Introducing KEV Bot, Our Known Exploited Vulnerabilities Bot
An introduction to Aquia's KEV notification system
Taking The New Secrets Manager Lambda Extension For a Spin
Walkthrough on using the new Lambda Extension to retrieve secrets, and comparison against using Boto3
The Importance of Internal Cloud Security Standards
Why an internal cloud security standard is important and how to create one
AWS Re:Invent 2022 Security Recap and Top 5 Releases
We collected the security relevant AWS releases and announcements from this years reinvent!
OWASP Software Component Verification Standard (SCVS)
A look at some of the fundamental controls for each of the SCVS levels
An Incomplete Look at Vulnerability Databases & Scoring Methodologies
A look at some of the fundamental vulnerability databases and scoring methodologies currently in use in the industry
How I Passed the AWS Certified Security - Specialty Exam
Tips and recommended materials used to pass the exam.
Threat Detection on EKS – Comparing Falco and GuardDuty For EKS Protection
A comparison of Falco and GuardDuty for EKS Protection.
Auto Remediation with Eventbridge, Step Functions, and the AWS SDK Integration
Learn how to use the AWS SDK for Step Functions to auto-remediate findings.
Supply Chain Risk Management
Supply chain security is rapidly becoming a top concern of most technology and security leaders. This article will examine some of the background, relevant efforts, incidents and best practices around securing the software supply chain.
Using Semgrep to find security issues and misconfigurations in AWS Cloud Development Kit projects
Learn how to find security issues and misconfigurations in AWS Cloud Development Kit projects with Semgrep.