Introduction While building Lambda-based automation for patch management and security hardening, I frequently ran into a frustrating problem: some EC2 instances failed during software installation or SSM command execution. Usually the root cause was that the instance wasn’t a Managed Instance in SSM. An EC2 instance must be managed...
Introduction I often see companies struggle with installing security agents on their virtual machines fleets. These agents could be Wazuh, Splunk, Microsoft Defender for Endpoint (MDE), or others. Setting them up manually or with tools like Ansible takes a lot of time and effort. It also doesn’t fully match...
Introduction Let’s be real - when you’re working in a smaller company or with a lean cloud team, you don’t always have a full-blown CNAPP solution in place. A lot of cloud engineers I meet just want to keep things manageable: they’re already routing logs to...
The Challenge of Security Visibility in the Past Back in the day, we followed best practices to configure our services securely. However, there was always the question: Did we actually configure everything correctly? Even if we used tools to identify misconfigurations, they rarely provided a comprehensive view across all services,...
Introduction In AWS, roles have become an essential part of securely granting permissions to services without the need for manual key management. Traditionally, in legacy systems or on-premises environments, services like virtual machines would rely on static access keys or service accounts for authentication. But with AWS roles were introduced...
Introduction Imagine you’re responsible for securing an AWS environment with dozens or even hundreds of accounts. Each account has its own users, permissions, and workloads. One day, you find out that a compromised IAM key in a sandbox account was used to exfiltrate data from an S3 bucket. The...
