Tag
iam-misconfiguration
Safeguard articles tagged "iam-misconfiguration" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Container Security
Securing serverless containers on Fargate and Cloud Run
No SSH, no DaemonSets, no host agents. Here's how Firecracker and gVisor isolation change container security on Fargate and Cloud Run — and what still gets you breached.
Jun 21, 20267 min read
Cloud Security
Common AWS IAM misconfigurations that lead to breaches
Capital One and Code Spaces both fell to AWS IAM misconfigurations, not novel exploits. Here's how overly permissive policies and privilege escalation paths cause real breaches.
Jan 17, 20268 min read
Cloud Security
GCP IAM privilege escalation paths explained
Attackers escalate GCP privilege using IAM actAs chains, default Editor service accounts, and Cloud Build tokens -- no exploit code required.
Nov 3, 20257 min read