Secrets like passwords, API keys, access keys, etc. can often creep into our source code repositories intentionally or unintentionally, hence it is essential to ensure that we spot them at the earliest. In this article, we look into how to automate scanning of GitHub repositories for secrets using GitHub Actions.
1Password is a SaaS that is used to securely store and share credentials across team members. This article shows how you can perform a user audit and identify access or rogue users within your organisation.
A quick guide on detecting and fixing the recently discovered Pwnkit (CVE-2021-4034) Local Privilege Escalation vulnerability on standalone and cloud based virtual machines.
A step by step guide to show how a security audit of AWS IAM can be performed to identify users attributes like unrotated keys, IAM password policies, access and much more.
A guide on deploying your first (or second, or third or …) application from a code repository to a server via the awesome GitHub Actions workflow.
A guide on how to perform an EC2 Vulnerability Scan using Amazon Inspector with the console and the CLI.
-on-the-cloud/1673703146-how-to-patch-the-pwnkit-vulnerability-(CVE-2021-4034)-on-the-cloud-thumbnail.png)
