The warning is a rare admission from the FBI about the threat from fake emergency data requests submitted by hackers with access to police email accounts.

Threagile enables teams to execute Agile Threat Modeling as seamless as possible, even highly-integrated into DevSecOps environments.

June 15, 2020: This blog is out of date. Please refer here for the updated info: https://aws.amazon.com/blogs/aws/new-enhanced-amazon-macie-now-available/ Amazon Macie is a security service that makes it easy for you to discover, classify, and protect sensitive data in Amazon Simple Storage Service (Amazon S3). Macie collects AWS CloudTrail events and Amazon S3 metadata such as permissions […]

The open-source GitHub cybersecurity projects provide valuable tools, frameworks, and resources to enhance security practices.

OpenCTI is an open-source platform designed to help organizations manage their cyber threat intelligence (CTI) data and observables.

With end-to-end integration into the SDLC, continuous security supports CI/CD to improve productivity, speed time-to-market and reduce risks.

Generate and verify signed attestations for anything you make with GitHub Actions.

Explore how GitHub Advanced Security can help address several of the OWASP Top 10 vulnerabilities

January 20, 2020: Based on customer feedback, we rephrased the fourth goal in the “An example structure with nested OUs and SCPs” section to try to improve clarity. With AWS Organizations, you can centrally manage policies across multiple AWS accounts without having to use custom scripts and manual processes. For example, you can apply service […]

AWS CloudSaga - Simulate security events in AWS. Contribute to awslabs/aws-cloudsaga development by creating an account on GitHub.

Google’s Project Zero hackers and DeepMind boffins have collaborated to uncover a zero-day security vulnerability in real-world code for the first time using AI.

No patches yet, can be mitigated, requires user interaction

Define permissions on a resource in order to grant IAM users access to resources in other AWS accounts.

Learn how to secure your GitHub Actions with these best practices! From controlling credentials to using specific action version tags, this cheat sheet will help you protect against supply-chain attacks. Don't let a malicious actor inject code into your repository - read now!

AWS Policy Generator

The Louvre heist was an instant joke online — a joke that gets even funnier when you learn the museum's video surveillance password.

Compatibility:
Source: See Trivy website for details. Trivy is an all-in-one open source security scanner that can help you identify vulnerabilities and IaC misconfigurations, discover SBOMs, perform cloud scanni…

September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. Today, AWS introduced AWS IAM Identity Center (AWS IAM Identity Center), a service that makes it easy for you to centrally manage IAM Identity […]

The long-awaited law, if passed, will be Australia’s first standalone cyber security act.

Since its founding, the Sysdig Threat Research Team (TRT) has been committed to making the world a safer, more informed place. Upholding this commitment