The Most Underrated Service in GCP? It's Not What You Think. In the world of cloud security, we are obsessed with the new, the complex, and the cutting-edge. We talk about advanced threat intelligence feeds, sophisticated eBPF-based runtime security, and AI-powered anomaly detection. But what if the most...
Introduction Let’s be honest: the current AI hype is exhausting. Every company I talk to wants to “do something with AI.” Most don’t even know why - it just feels like something they should be doing. The result? Teams rush to train models on whatever data they can...
Introduction I often see companies struggle with installing security agents on their virtual machines fleets. These agents could be Wazuh, Splunk, Microsoft Defender for Endpoint (MDE), or others. Setting them up manually or with tools like Ansible takes a lot of time and effort. It also doesn’t fully match...
Introduction Let’s be real - when you’re working in a smaller company or with a lean cloud team, you don’t always have a full-blown CNAPP solution in place. A lot of cloud engineers I meet just want to keep things manageable: they’re already routing logs to...
Introduction During my time leading development teams, one of the most frustrating challenges we faced was dealing with the overwhelming number of security findings flooding in from various systems. They were rarely well-described, almost never prioritized, and often left us scratching our heads about their actual impact. Google’s Security...
Introduction For a long time, I used service accounts and understood the security implications of working with them in GCP, but I never really took a deep dive into how they work. Like many developers, I relied on the abstraction provided by Google’s SDKs, which made it easy to...
