s3-security
Safeguard articles tagged "s3-security" — guides, analysis, and best practices for software supply chain and application security.
8 articles
The S3 bucket security hardening checklist
AWS blocked public access by default in April 2023, yet misconfigured buckets still leak data — here's a concrete checklist and Terraform to close the gaps.
The 2026 AWS Security Checklist: Account, IAM, Network, and Data Controls
One SSRF call against an unpatched WAF and a permissive IAM role were enough to expose 106 million Capital One records in 2019 — here's the checklist that stops it.
The AWS Shared Responsibility Model, Explained With Real Examples
AWS secures the cloud; you secure what's in it. Most breaches — like the thousands of exposed public S3 buckets found every year — happen entirely on the customer's side of that line.
High-profile AWS breaches: lessons learned
Capital One's 2019 breach exposed 106 million records through a single SSRF call to the EC2 metadata service — here's the exact control that would have stopped it.
The S3 bucket security checklist every AWS team needs
AWS made Block Public Access the default for new S3 buckets in April 2023 — but the Capital One breach exposed 106 million records through IAM, not a bucket setting.
AWS S3 Bucket Security: The Complete 2026 Guide
S3 is the single most common source of cloud data leaks. This guide covers block public access, encryption, bucket policies, and how to enforce all three in Terraform.
Top AWS security misconfigurations and how to fix them
A practical AWS misconfigurations cheat sheet — IAM, S3, security groups, logging, and snapshots — with real breach data and exact fixes.
How to prevent public access to AWS S3 buckets
A practical walkthrough for locking down AWS S3 buckets: Block Public Access, bucket policies, encryption, and how Safeguard catches misconfigurations early.