Building your first IaC scanning pipeline
·
In this post, we will configure an IaC scanning pipeline using tfsec to scan Terraform code – ensuring our AWS infrastructure is deployed in a secure manner.
Daniel Cremin
-
-
Dangling DNS Records: What are they & how to remediate them
·
In this post we will discuss dangling DNS records in a cloud computing context, why they matter and how they can be identified and remediated.
-
AWS Secrets Manager: Best Practices
·
In this post will discuss some best practices when using AWS Secrets Manager. We’ll touch on secret rotation, encryption and limiting access via IAM and resource policies.
-
Phishing websites: How do they work?
·
In this post we’ll discuss the phishing phenomenon, reverse engineer a real phishing website and discuss how you can stay safe from phishing attempts.
-
Securing EC2 Instance Metadata in AWS
·
In this post we will discuss the security pitfalls of the EC2 Instance Metadata Service (IMDS) version 1, identifying it’s use within your AWS account(s), remediation steps and future predictions.