Introduction Finally - attack path analysis has arrived in AWS. 🎯 While GCP and Azure have long offered attack path analysis, AWS was suspiciously quiet. That silence is finally over. With Security Hub v2, AWS is finally bringing modern risk-based prioritization to its native ecosystem - not just listing misconfigurations, but...
Introduction I’ve been using Notion for several years now - it’s where I store everything from deep‑dive research to HackTheBox write‑ups, and even notes for my books. It’s truly my second brain. But I also love capturing quick ideas in VS Code (don’t judge...
Introduction Let’s be honest: the current AI hype is exhausting. Every company I talk to wants to “do something with AI.” Most don’t even know why - it just feels like something they should be doing. The result? Teams rush to train models on whatever data they can...
Introduction While building Lambda-based automation for patch management and security hardening, I frequently ran into a frustrating problem: some EC2 instances failed during software installation or SSM command execution. Usually the root cause was that the instance wasn’t a Managed Instance in SSM. An EC2 instance must be managed...
Introduction I often see companies struggle with installing security agents on their virtual machines fleets. These agents could be Wazuh, Splunk, Microsoft Defender for Endpoint (MDE), or others. Setting them up manually or with tools like Ansible takes a lot of time and effort. It also doesn’t fully match...
Introduction Let’s be real - when you’re working in a smaller company or with a lean cloud team, you don’t always have a full-blown CNAPP solution in place. A lot of cloud engineers I meet just want to keep things manageable: they’re already routing logs to...
