- tl;dr sec
- Archive
- Page 16
Archive
![[tl;dr sec] #125 - Hacking a Billionaire, Automating Incident Response in AWS, Exploiting/Hardening GitHub Actions](https://media.beehiiv.com/cdn-cgi/image/format=auto,width=800,height=421,fit=scale-down,onerror=redirect/uploads/publication/thumbnail/080a561f-2435-4477-a549-ab9f115e047c/landscape_Screenshot_2024-11-21_at_10.48.21_AM.png)
[tl;dr sec] #125 - Hacking a Billionaire, Automating Incident Response in AWS, Exploiting/Hardening GitHub Actions
Rachel and Evan Tobac vs. Jeffrey Katzenberg, a framework for automatically isolating an EC2 instance and gathering what you need, attacking and hardening GitHub Actions and repos.
[tl;dr sec] #121 - Container Security Checklist, DevSecOps & Automating Compliance, Proactive Subdomain Takeovers
A dense checklist of container hardening steps, Cloud Security Alliance whitepaper on automating compliance and better relating it to security requirements, tool to preemptively take over your subdomains before attackers can.
[tl;dr sec] #119 - Picking the Right Terraform Security Tool, BloodHound for Cloud, Awesome-Security-Hardening
Bake-off of multiple Terraform static analysis tools, tool to identify privilege escalation paths within and across different clouds, collection of security hardening best practices, checklists, benchmarks, tools, and more.
[tl;dr sec] #116 - Secrets of Successful Security Programs, Supply Chain, Killing Bug Classes
A masterclass in building a modern, scalable security program by Phil Venables, GitHub Action to check your supply chain security posture, Chrome feature to protect against CSRF and DNS rebinding.