cloud-security
Safeguard articles tagged "cloud-security" — guides, analysis, and best practices for software supply chain and application security.
290 articles
How to encrypt a Terraform state file
A step-by-step guide to encrypting a Terraform state file using an S3 backend, KMS keys, and IAM controls to keep infrastructure secrets safe.
What is Attack Path Analysis
Attack path analysis maps how vulnerabilities and misconfigurations chain together into real exploit routes, cutting 10,000+ findings down to the handful that matter.
How to configure AWS Config for continuous compliance mon...
A step-by-step guide to configure AWS Config compliance monitoring: rules setup, conformance packs, alerting, remediation, and multi-account aggregation.
Infrastructure as Code Security Tools, Compared
Infrastructure as code security tools catch misconfigured cloud resources before they're ever provisioned — here's how the main options differ and where each one fits.
Azure ACR Image Signing with Notation Policy
Azure Container Registry plus Notation gives you signing, trust policy, and AKS enforcement without bolting on Sigstore. Here is how the pieces actually fit together.
SOC 2 Cloud Compliance: A Practical Primer
SOC 2 cloud compliance means proving your cloud-hosted controls actually operate the way you say they do — here's what auditors check and how a cloud compliance platform shortens the path to a report.
Agile Data Security Platforms: What the Label Actually Means
An agile data security platform is marketing shorthand for tools that adapt security controls as fast as data moves — here's what actually separates a real one from the label.
GitLab OIDC Token Theft: Workflow Research
GitLab CI OIDC tokens are becoming the keys to cloud kingdoms. Recent research shows how workflow misconfigurations leak them in surprising ways.
How to set up AWS Organizations Service Control Policies
A practical, command-by-command guide to AWS Organizations SCP setup — from enabling policy types to real guardrail examples, rollout, and troubleshooting.
How to implement least privilege for GCP service accounts
A step-by-step guide to auditing, scoping, and enforcing least privilege service accounts GCP-wide — including key rotation and IAM audit workflows.
How to set up cloud security posture management (CSPM)
A practical, step-by-step guide to setting up cloud security posture management: inventory, tool selection, policy tuning, alerting, remediation, and verification.
How to configure network ACLs in AWS VPC
A step-by-step guide to configure AWS NACLs correctly — creating rules, associating subnets, and verifying traffic — for real defense-in-depth in your VPC.