cloud-security
Safeguard articles tagged "cloud-security" — guides, analysis, and best practices for software supply chain and application security.
290 articles
How Snyk IaC scans a Terraform Plan JSON file to catch dr...
How Snyk IaC parses Terraform plan JSON's resource_changes to catch drift and misconfigurations before terraform apply — the mechanics, limits, and what it can't see.
How Snyk IaC correlates code-level misconfigurations with...
How Snyk's Cloud Context feature joins Terraform and CloudFormation misconfigurations to live AWS, Azure, and GCP resources — and where that correlation model breaks down.
How Snyk IaC's severity scoring weighs the exploitability...
A mechanical look at how Snyk IaC assigns Critical-to-Low severity to misconfigurations, and how exploitability factors like exposure and privilege requirements shape the rating.
How Snyk IaC's custom rule SDK structures resource-attrib...
A technical look at how Snyk IaC's Rego-based SDK normalizes Terraform, CloudFormation, Kubernetes, and ARM into one resource-attribute query model.
How Snyk IaC handles Terraform modules and remote module ...
How Snyk IaC statically parses Terraform, resolves local modules inline, and why remote Registry or Git modules stay unexpanded until a Terraform plan is scanned.
How an organization's custom policy set overrides Snyk Ia...
How Snyk IaC's Rego-based custom rules layer onto, disable, or supplement default policies — and what that means for enforcing org-specific IaC standards.
How Snyk IaC detects overly permissive IAM policies in Te...
A mechanical walkthrough of how Snyk IaC parses Terraform and CloudFormation, normalizes IAM policies into one model, and flags wildcard actions, resources, and principals before deploy.
How Snyk IaC identifies unencrypted storage resources acr...
Snyk IaC flags unencrypted S3 buckets, Azure Storage, and GCP disks by parsing Terraform and CloudFormation for missing encryption attributes before deployment.
Cloud Cyber Security: The Fundamentals Teams Skip
The cloud cyber security fundamentals teams reliably skip — identity sprawl, misconfigured storage, and compliance standards treated as a checkbox instead of a control.
Why Cloud Security Ownership Keeps Falling Into the Gap B...
Misconfigurations sit unpatched for months because three teams each assume someone else owns them. Here's why the cloud security ownership gap keeps widening.
IaC Drift: The Gap Between Declared and Actual Cloud Conf...
IaC drift lets your cloud diverge silently from Terraform state, breaking the compliance guarantees teams assume are still true. Here's how it happens and how to catch it.
Startups vs Enterprises: Why Smaller Cloud Footprints Are...
Smaller cloud footprints feel safer, but startups often face a higher per-workload security incident rate than enterprises. Here's why size is the wrong safety proxy.