Step-by-step guides about
Cloud Security

A hands-on introduction and walkthrough of GCP Goat - an intentionally vulnerable GCP environment to help understand common misconfigurations in Google Cloud and how attackers can take advantage of it.

AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.

A list of top 10 security best practices created based on our experience as attackers and defenders that can be employed to dramatically enhance the security of AWS S3 service.

A quick guide on detecting and fixing the recently discovered Pwnkit (CVE-2021-4034) Local Privilege Escalation vulnerability on standalone and cloud based virtual machines.

A detailed article that describes what Multi-Factor Authentication systems are, how they increase the security of the system they protect and what it means in the context of the AWS cloud.

A step by step guide to show how a security audit of AWS IAM can be performed to identify users attributes like unrotated keys, IAM password policies, access and much more.