Learn Cloud Security
Page 11 of 13
5 Things to Consider When Using AWS Elastic IP Addresses
Learn the key considerations and best practices for using AWS Elastic IP addresses effectively
Fixing the default insecure network connection option for RDS instances
The AWS RDS service, by default, does not enable transport layer security, allowing clients to connect insecurely if they want to. This article shows how SREs, DevOps, and RDS administrators can lower the risk that this default configuration poses.
Automate scanning of GitHub repos for secrets with GitHub Actions
Secrets like passwords, API keys, access keys, etc. can often creep into our source code repositories intentionally or unintentionally, hence it is essential to ensure that we spot them at the earliest. In this article, we look into how to automate scanning of GitHub repositories for secrets using GitHub Actions.
How to securely configure an AWS EC2 instance
AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.
Top 10 security best practices for securing data in Amazon S3
A list of top 10 security best practices created based on our experience as attackers and defenders that can be employed to dramatically enhance the security of AWS S3 service.
Enumerating Users and their Access levels in 1Password
1Password is a SaaS that is used to securely store and share credentials across team members. This article shows how you can perform a user audit and identify access or rogue users within your organisation.
-on-the-cloud/1673703146-how-to-patch-the-pwnkit-vulnerability-(CVE-2021-4034)-on-the-cloud-thumbnail.png)
How to Patch the Pwnkit vulnerability (CVE-2021-4034) on the Cloud
A quick guide on detecting and fixing the recently discovered Pwnkit (CVE-2021-4034) Local Privilege Escalation vulnerability on standalone and cloud based virtual machines.
A detailed guide on protecting against the 8KB AWS WAF limitation
Google Cloud Armor has a documented limitation related to the maximum size of an HTTP POST request body the service is able to inspect and block. Attackers can use this limitation to bypass the protection provided by Cloud Armor and potentially exploit vulnerabilities that may be present in an underlying web application. This article will take you through how Cloud Armor rules can be configured to appropriately mitigate the risk due to the limitation.
5 ways to connect to your GCP VM instances using SSH
GCP provides various ways by which you can SSH to a Linux compute instance, especially useful when you have firewall rules preventing external access. This article shows the 5 ways to connect to a GCP VM instance using SSH.
What is Multi-Factor Authentication in AWS?
A detailed article that describes what Multi-Factor Authentication systems are, how they increase the security of the system they protect and what it means in the context of the AWS cloud.
How to perform an IAM Security Audit in AWS
A step by step guide to show how a security audit of AWS IAM can be performed to identify users attributes like unrotated keys, IAM password policies, access and much more.
Deploying web applications with GitHub Actions
A guide on deploying your first (or second, or third or …) application from a code repository to a server via the awesome GitHub Actions workflow.