iam-security
Safeguard articles tagged "iam-security" — guides, analysis, and best practices for software supply chain and application security.
11 articles
Top AWS security misconfigurations and how to fix them
A practical AWS misconfigurations cheat sheet — IAM, S3, security groups, logging, and snapshots — with real breach data and exact fixes.
Scanning AWS CloudFormation templates for misconfigurations
CloudFormation deploys exactly what you write, misconfigurations included. Here's how scanning catches IAM, S3, and security group errors before they ship.
Securing AWS Lambda functions
A practical guide to AWS Lambda security best practices: IAM scoping, dependency risk, secrets handling, and runtime detection for serverless apps.
What is Privilege Escalation
Privilege escalation turns a minor foothold into a full breach. Learn the techniques, real-world examples, and how to detect and stop it.
What is Serverless Security
Serverless security protects function code, IAM roles, and event triggers where traditional host-based scanning and patching don't apply.
What is Cloud Misconfiguration
Cloud misconfiguration is the top cause of cloud breaches. Learn what it is, why it happens, real-world costs, and how to detect and prevent it.
What is the Principle of Least Privilege
The principle of least privilege limits every user and system to only the access it needs. Here's how it works and why it matters for cloud security.
How to implement least privilege IAM policies in AWS
A practical guide to building a least privilege IAM policy AWS teams can trust, using Access Advisor data and generator tooling to cut over-permissioning fast.
How AWS STS temporary credentials reduce long-lived key risk
Long-lived AWS keys sit in code and CI logs for years. AWS STS temporary credentials expire automatically, shrinking the window attackers have to exploit a leak.
Misconfiguration Fatigue: Why the Same Cloud Mistakes Kee...
The same cloud misconfigurations — public buckets, stale IAM roles, unwatched drift — keep causing breaches years apart. Here's why, with real cases and how to break the cycle.
AWS Security Breaches: Lessons Learned From Real Incidents
Most AWS security breach postmortems trace back to a small set of repeating misconfigurations — public S3 buckets, overprivileged IAM roles, exposed credentials — not novel attacks on AWS itself.