Archive
Container Security: Building Fortified Foundations with Minimal Attack Surfaces + pre-RSA 2025
Discover how leading cloud security experts are revolutionizing container security by leveraging minimal images, immutable infrastructure, and developer-friendly tools. This week's newsletter reveals practical strategies to reduce attack surfaces, automate security controls, and implement the "shift down" philosophy for securing containerized workloads at scale.
CVE Program Saved, 1200 AWS Access Key Compromised, & Mastering Cloud Incident Response
This week, we focus on MITRE's CVE program gets last-minute funding extension, Major AWS S3 ransomware campaign uses stolen credentials and expert strategies for effective multi-cloud incident response from Fortune 500 security leaders.
Attacker Stealth Tactics in Azure and Ransomware still Threatening Organizations
This week we uncover Azure security blindspots in our latest newsletter featuring experts Christian Philipov (WithSecure) and Katie Knowles (Datadog). Learn how attackers exploit Azure's limited read-event logging for stealthy reconnaissance, plus practical defenses using conditional access policies and Resource Graph Explorer. Also covers breaking news on Microsoft's ransomware-related zero-day patch, pension fund breaches, and critical SAP vulnerabilities. Essential insights for cloud security professionals defending Azure environments.
Google Cloud Run ImageRunner Vulnerability & Tackling Kubernetes Network Security Across Multiple Cloud Providers
This week we examine recently discovered vulnerabilities in GCP Cloud Run, AWS S3, and Azure VM deployment, alongside expert insights from Confluent's Kubernetes team on implementing Cilium across multiple clouds. Learn how cloud-specific networking challenges can be overcome while enhancing security posture through eBPF-powered protection, with practical guidance for security professionals managing containerized workloads.
Kubernetes Nightmare of Vulnerabilities & Building Detection Engineering Excellence
Critical Kubernetes vulnerabilities (CVSS score 9.8 🫣 ) threaten thousands of clusters while detection engineering practices gain importance as more vulnerabilities continue to get announced. Learn how to protect your environment from IngressNightmare CVEs and implement Detection as code strategies from Google Cloud's security experts.
24hrs into Google's $32B Acquisition of Wiz - What It Means for Cloud Security
Google's $32B acquisition of Wiz reshapes cloud security landscape. Leading experts analyze implications for multi-cloud strategies, vendor lock-in concerns, and the evolution of CSPM/CNAPP to runtime security. Essential insights for CISOs and security teams navigating this industry-transforming deal.
Securing AI Applications in Cloud: What are We Really Securing?
As organizations increasingly integrate AI into their cloud environments, security teams face a new challenge: securing AI-driven applications while ensuring innovation isn't stifled. But what does securing AI really mean? Is it about securing the cloud infrastructure running AI workloads, the AI models themselves, or the applications utilizing AI? This week, we explore AI Bill of Materials (AIBOM), shadow AI risks, and 4 Steps you can take to Secure your AI systems without blocking innovation.
Why AWS Anti-Patterns Might Be Your Next Cloud Security Superpower!
Are Anti-Patterns the New Best Practices in AWS Cloud Network Security? Explore how AWS anti-patterns like centralized VPC endpoints and flipped NAT setups can boost cloud security. Experts Jack Harter, Kyler Middleton, Meg Ashby, and Brian McHenry share insights on bending vendor rules for compliance, cost, and prevention in this week’s Cloud Security Newsletter.
2025 Guide to Cloud Pentesting: AWS & Azure Edition
Cloud penetration testing has evolved beyond simple configuration reviews to comprehensive security assessments. Our experts Nick Jones (WithSecure), Karl Fosaaen (NetSPI), and Seth Art (Datadog) share insights on the critical differences between web application and cloud pentesting, the central role of identity in cloud security, and common attack vectors. Learn why cloud-specific expertise matters when selecting pentesting partners, how to scope engagements effectively based on account and service complexity, and practical considerations for collaborative pentesting.
Microsoft Azure Security: From Incident Response to Proactive Defense
Whether you're managing a hybrid environment, responding to incidents, or building security controls, understanding Azure's distinct security model is crucial for effective cloud security. This issue contains practical insights on navigating the complexities of Azure identity, implementing proactive security measures, and building effective incident response capabilities.
Netflix's Identity First - AWS Cloud Security Evolution!
How Netflix Scaled AWS Security by breaking Traditional Account Boundaries & starting with Identity instead of Infrastructure. Netflix's Bold Take on re-thinking AWS Multi-Account Security at Scale beyond Least Privilege using identity isolation allowed them to be developer friendly at their scale.
