Analyze resource-based policy dependencies across your AWS Organizations accounts
Managing multiple AWS accounts in an organization can get complicated, especially when trying to understand how services and permissions are connected. The Account Assessment …
YES3 Scanner: Open-source S3 security scanner for public access, ransomware protection
YES3 Scanner is an open-source tool that scans and analyzes 10+ different configuration items for your S3 buckets in AWS. This includes access such as public access via ACLs …
Whitepaper: Voice of Security 2025
Discover insights from 900 security leaders across the globe in IDC’s Voice of Security 2025 survey, sponsored by Tines in partnership with AWS. Understand the biggest …
Ingress-nginx vulnerabilities can lead to Kubernetes cluster takeover
Wiz researchers have unearthed several critical vulnerabilities affecting Ingress NGINX Controller for Kubernetes (ingress-nginx) that may allow attackers to take over …
Finders Keypers: Open-source AWS KMS key usage finder
Finders Keypers is an open-source tool for analyzing the current usage of AWS KMS keys. It supports both AWS customer managed KMS keys and AWS Managed KMS keys. Use cases …
Attackers are encrypting AWS S3 data without using ransomware
A ransomware gang dubbed Codefinger is encrypting data stored in target organizations’ AWS S3 buckets with AWS’s server-side encryption option with customer-provided …
The shocking speed of AWS key exploitation
It’s no secret that developers often inadvertently expose AWS access keys online and we know that these keys are being scraped and misused by attackers before …
AWS offers incident response service
Amazon Web Services (AWS) has launched a new service to help organizations prepare for and recover from ransomware attacks, account takeovers, data breaches, and other …
Deploy a SOC using Kali Linux in AWS
The Kali SOC in AWS project is a Terraform-based implementation that enables the deployment of a Security Operations Center (SOC) in AWS, utilizing the Kali Linux toolset for …
AWS security essentials for managing compliance, data protection, and threat detection
AWS offers a comprehensive suite of security tools to help organizations manage compliance, protect sensitive data, and detect threats within their environments. From AWS …
Whispr: Open-source multi-vault secret injection tool
Whispr is an open-source CLI tool designed to securely inject secrets from secret vaults, such as AWS Secrets Manager and Azure Key Vault, directly into your application’s …
The Cloud Latency Map measures latency across 100+ cloud regions
Kentik launched The Cloud Latency Map, a free public tool allowing anyone to explore the latencies measured between over 100 cloud regions worldwide. Users can identify recent …
Featured news
Resources
Don't miss
- Patch Tuesday: Microsoft fixes 5 actively exploited zero-days
- Zero-day exploited to compromise Fortinet FortiVoice systems (CVE-2025-32756)
- Ivanti EPMM vulnerabilities exploited in the wild (CVE-2025-4427, CVE-2025-4428)
- Product showcase: Go beyond VPNs and Tor with NymVPN
- CISOs must speak business to earn executive trust