
Security measures against SSRF attacks for AWS EC2 instances
In this article you will learn about some preemptive security measures that can be implemented for AWS EC2 instances against SSRF attacks.
In this article you will learn about some preemptive security measures that can be implemented for AWS EC2 instances against SSRF attacks.
A hands-on introduction and walkthrough of GCP Goat - an intentionally vulnerable GCP environment to help understand common misconfigurations in Google Cloud and how attackers can take advantage of it.
The AWS RDS service, by default, does not enable transport layer security, allowing clients to connect insecurely if they want to. This article shows how SREs, DevOps, and RDS administrators can lower the risk that this default configuration poses.
Secrets like passwords, API keys, access keys, etc. can often creep into our source code repositories intentionally or unintentionally, hence it is essential to ensure that we spot them at the earliest. In this article, we look into how to automate scanning of GitHub repositories for secrets using GitHub Actions.
AWS EC2 is one of the most popular and widely used services from AWS. With a variety of options available to tailor the EC2 instances as per one’s requirements, it also poses a risk of introducing security gaps in the form of misconfigurations or insecure defaults. In this article we discuss some of the ways that can help configure our EC2 instances securely.
A list of top 10 security best practices created based on our experience as attackers and defenders that can be employed to dramatically enhance the security of AWS S3 service.