Network ACLs (NACLs) versus Security Groups (SGs) (Cheat Sheet)
To control the flow of data in and out of your VPCs and Subnets in AWS, you can use Network Access Control Lists (NACLs), Security Groups…
Tag: AWS
Must-have AWS security monitoring & alerting (Cheat Sheet)
Most of us know that having visibility into our cloud accounts and resources is critical, but it can easily be overwhelming to implement. What should…
IaC Scanning and Policy as Code with Checkov (Cheat Sheet)
We posted a video introducing the benefits of Infrastructure as Code (IaC) scanning and Policy as Code scanning, and why you absolutely should be running…
Anatomy of an AWS IAM Policy (Cheat Sheet)
If we had to name the most critical service to understand when it comes to AWS security, it would have to be IAM (Identity and…
How crypto miners hijack AWS accounts (Cryptojacking GUI-Vil Case Study)
This is the story of how you print free money. It’s a story that involves an AWS account, a threat actor named GUI-Vil, and unauthorized…
Intro to AWS Pentesting (with Pacu)
In this article, you’re going to learn how to hack AWS cloud environments so that you can find exploitable vulnerabilities in your own AWS accounts…
AWS WAF Made Simple: Protect Your Web Apps In The Cloud
AWS built its own Web Application Firewall and named the service AWS WAF, and we’re going to take a detailed look at how we can…
Network segmentation
Network segmentation is a really important topic to understand for IT in general, but also for security. As we deploy resources in our networks, creating…