Learn how to secure your GitHub Actions with these best practices! From controlling credentials to using specific action version tags, this cheat sheet will help you protect against supply-chain attacks. Don't let a malicious actor inject code into your repository - read now!

@bettersafetynet: I've had 3 calls so far today (it's not even 10) about defending against Russian cyber ops I'm tired of having the same call... so... here's what I've told everyone. This is the playbook you...…

AWS CloudSaga - Simulate security events in AWS. Contribute to awslabs/aws-cloudsaga development by creating an account on GitHub.

AWS Security Hub is a service that gives you aggregated visibility into your security and compliance posture across multiple Amazon Web Services (AWS) accounts. By joining Security Hub with Amazon QuickSight—a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud—your senior leaders and decision-makers can use dashboards to empower data-driven decisions […]

With end-to-end integration into the SDLC, continuous security supports CI/CD to improve productivity, speed time-to-market and reduce risks.

Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more - prowler-cloud/prowler

Sticking to container security best practices is critical for successfully delivering secure software.

Zero trust architecture design principles 1.0 launched.

Minimum Viable Secure Product (MVSP) is a minimum security baseline for enterprise-ready products and services.

Project Archived

January 2, 2024: We’ve updated this post to include the new failover Region feature. April 29, 2021: We’ve updated the order of the commands in Step 1. April 23, 2021: We’ve updated the commands in Steps 1 and 5 and in the “Additional Features” section. Using AWS Secrets Manager, you can more securely retrieve secrets […]

Purple Knight, built by Semperis, is the top Active Directory security assessment tool today. Identify threats and get prioritized guidance.

Turning Outlook into a keylogger via VBA macros

Explore Boundary product documentation, tutorials, and examples.