- tl;dr sec
- Archive
- Page 14
Archive
![[tl;dr sec] #127 - Trufflehog V3, The Future of InfoSec, IaC Scanning](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
[tl;dr sec] #126 - How to Review Your Company's Infrastructure, Kubernetes DFIR, Security for Start-ups
How to review the security architecture of a multi-cloud environment and find the most critical components, responding to incidents in k8s, advice for start-ups without a security team.
[tl;dr sec] #125 - Hacking a Billionaire, Automating Incident Response in AWS, Exploiting/Hardening GitHub Actions
Rachel and Evan Tobac vs. Jeffrey Katzenberg, a framework for automatically isolating an EC2 instance and gathering what you need, attacking and hardening GitHub Actions and repos.
[tl;dr sec] #121 - Container Security Checklist, DevSecOps & Automating Compliance, Proactive Subdomain Takeovers
A dense checklist of container hardening steps, Cloud Security Alliance whitepaper on automating compliance and better relating it to security requirements, tool to preemptively take over your subdomains before attackers can.
[tl;dr sec] #119 - Picking the Right Terraform Security Tool, BloodHound for Cloud, Awesome-Security-Hardening
Bake-off of multiple Terraform static analysis tools, tool to identify privilege escalation paths within and across different clouds, collection of security hardening best practices, checklists, benchmarks, tools, and more.