Introduction Finally - attack path analysis has arrived in AWS. 🎯 While GCP and Azure have long offered attack path analysis, AWS was suspiciously quiet. That silence is finally over. With Security Hub v2, AWS is finally bringing modern risk-based prioritization to its native ecosystem - not just listing misconfigurations, but...
Introduction While building Lambda-based automation for patch management and security hardening, I frequently ran into a frustrating problem: some EC2 instances failed during software installation or SSM command execution. Usually the root cause was that the instance wasn’t a Managed Instance in SSM. An EC2 instance must be managed...
The Challenge of Security Visibility in the Past Back in the day, we followed best practices to configure our services securely. However, there was always the question: Did we actually configure everything correctly? Even if we used tools to identify misconfigurations, they rarely provided a comprehensive view across all services,...
Introduction In AWS, roles have become an essential part of securely granting permissions to services without the need for manual key management. Traditionally, in legacy systems or on-premises environments, services like virtual machines would rely on static access keys or service accounts for authentication. But with AWS roles were introduced...
Introduction Imagine you’re responsible for securing an AWS environment with dozens or even hundreds of accounts. Each account has its own users, permissions, and workloads. One day, you find out that a compromised IAM key in a sandbox account was used to exfiltrate data from an S3 bucket. The...
Introduction When managing an AWS Organization, you often need to execute tasks across multiple AWS accounts. Instead of manually configuring credentials for each account, AWS provides cross-account IAM roles that allow services in one account (such as a Lambda function in the central account) to assume a role in another...
