cloud-security
Safeguard articles tagged "cloud-security" — guides, analysis, and best practices for software supply chain and application security.
290 articles
How to set up AWS GuardDuty for threat detection
A step-by-step guide to enabling AWS GuardDuty across accounts and regions, routing findings to your alerting stack, and triaging results.
How to prevent public access to AWS S3 buckets
A practical walkthrough for locking down AWS S3 buckets: Block Public Access, bucket policies, encryption, and how Safeguard catches misconfigurations early.
How to implement least privilege IAM policies in AWS
A practical guide to building a least privilege IAM policy AWS teams can trust, using Access Advisor data and generator tooling to cut over-permissioning fast.
Multi-Cloud Software Supply Chain Abstractions
Running supply chain controls across AWS, Azure, and GCP means picking the right abstractions. Here is which ones hold up and which ones you will regret.
Cloud Supply Chain Security Across AWS, Azure, and GCP
Each major cloud provider approaches supply chain security differently. Here's a practical comparison and what it means for multi-cloud organizations.
IaC Scanning Tools for Terraform and Beyond
IaC scanning tools catch misconfigured cloud resources before they're ever applied — the question is which ones actually understand Terraform's module graph instead of just its syntax.
How to set up AWS CloudTrail logging
A step-by-step guide to setting up AWS CloudTrail logging, enabling it across all regions, validating log integrity, and building a solid audit logging setup.
How to enable MFA on an AWS root account
A step-by-step guide to enabling MFA on your AWS root account, covering virtual MFA device setup, verification commands, troubleshooting, and ongoing security best practices.
GCP Artifact Analysis API for Vulnerability Triage
GCP's Artifact Analysis API is the most direct way to get scan results into your triage tooling. Here is how to use it without drowning your team.
How to set up AWS Secrets Manager with automatic rotation
A practical guide to setting up AWS Secrets Manager with automatic rotation via Lambda, including verification steps and a comparison to Parameter Store.
How to configure Azure AD Conditional Access policies
A step-by-step guide to configure Azure AD conditional access policies safely — MFA enforcement, device compliance, report-only piloting, and troubleshooting tips.
What is a Honeypot
A honeypot is a decoy system or credential built to lure attackers so defenders can detect, delay, and study intrusions before real assets are touched.