security

Cloud-Native Application Security Platform (CNAPP)

By Andreas Dann

Here we explain the term Cloud-Native Application Protection Platfom.

Is your AWS Account vulnerable to the newest attack presented at Black Hat 2021?

By Manuel Benz & Johannes Späth

In this article we are demonstrating a new confused deputy attack against AWS Serverless Application Repository Apps and how to find and fix the underlying vulnerabilty.

Cloud Security Term: Cloud Workload Protection Platform (CWPP)

By Johannes Spaeth

Here we explain the term Cloud Workload Protection Platform.

Cloud Security Term: Cloud Security Posture Management (CSPM)

By Andreas Dann

Here we explain the term Cloud Security Posture Management.

Automated Vulnerability Prioritization in the Context of the Cloud

By Johannes Spaeth

In this article, we explain how cloud security warnings can be prioritized.

Cloud Security Term: Software Composition Analysis (SCA)

By Rajiv Thorat

Here we explain the term Software Composition Analysis.

How to Exploit Code Injection Vulnerabilities in Serverless Goat

By Andreas Dann

This article is part one of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

Five Common Cloud Security Threats and Data Breaches

By Andreas Dann

In this article, we explain the term Infrastructure as Code (IaC)

Cloud Security Term: Infrastructure as Code (IaC)

By Kaustubh Kelkar

In this article, we explain the term Infrastructure as Code (IaC)

How to Prevent Code Injection Vulnerabilities in Serverless Applications (Part 2/2)

By Manuel Benz

This article is part two of a series on how to prevent code injection attacks against Serverless applications using AWS Web application firewalls.

-->