Tag: IAM

  • Credential Leaks: The Fundamentals We’re Still Missing

    Credential Leaks: The Fundamentals We’re Still Missing

    The recent news of CISA Admin AWS GovCloud credentials exposed on a public GitHub repository [1] serves as a stark, yet unfortunately familiar, reminder of a foundational security failure: credentials leakage. This isn’t a novel attack vector. The OWASP Top 10:2025 [2] confirms Security Misconfiguration has jumped from #5 to #2, with every tested application…

  • AWS Security Hub – Progress, Plans and Problems

    AWS Security Hub – Progress, Plans and Problems

    ,

    Cloud Security Tooling is maturing fast, and AWS has been feeling the competitive pressure. Over recent years, third-party platforms like Wiz, Orca Security, and Palo Alto’s Prisma Cloud set the pace in cloud-native application protection — offering agentless scanning, multi-cloud coverage, and rich contextual risk analysis that AWS’s native tooling struggled to match. AWS has…

  • Architecting Proactive Data Governance and Reactive Security at Scale with AWS Security Hub Automation

    Architecting Proactive Data Governance and Reactive Security at Scale with AWS Security Hub Automation

    The proliferation of data, further driven by generative AI and machine learning workloads, has intensified the challenge of data governance in the cloud. Simultaneously, the volume of security findings generated by modern cloud environments demands an equally scalable and automated response. Manual approaches to data classification, lifecycle management, and incident remediation are no longer viable…