Posts

Leveraging AWS SSO (aka Identity Center) with Azure AD
Leveraging AWS SSO (aka Identity Center) with Azure AD

How to configure AWS Identity Center to use AzureAD

Elements of a Successful Cloud Security Program
Elements of a Successful Cloud Security Program

Building a successful cloud security program is more than just buying some tools. It's about understanding your business, defining your mission, and embracing your developers.

Cloud Penetration Tests
Cloud Penetration Tests

What to consider when you're looking to get an PenTest in AWS, along with our whitepaper guide on offensive operations in AWS

Public Access Key - 2023
Public Access Key - 2023

I deliberately published an Access Key and Secrets. Here's what happened.

Incident Response in AWS
Incident Response in AWS

At BSides Atlanta, I talked about how to handle an incident in AWS. The talk and this post are for those already familiar with the principles of Incident Response to understand what to do when the incident involves the AWS Control Plane.

re:Invent 2021 Recap
re:Invent 2021 Recap

There were 125 AWS Announcements in the last 10 days. Here are the ones I thought interesting, or security pros may care about.