2021-05-12: Shifting left is an antiquated way to think about security in a cloud-native world Once upon a time you needed to hand-tune and architect infrastructure to performantly serve static …

2021-05-05: Mediocre persistent threats: infosec basics for startups (part 3) Unless you’re an extremely high value target, advanced persistent threats and exotic attacks …

2021-04-30: Mediocre persistent threats: infosec basics for startups (part 2) Most “start here” for infosec guides begin with an exercise in assessing and enumerating the threats …

2021-04-23: CSPM (cloud security posture management) and where it fits within your infrastructure Cloud and other B2B infrastructure providers are notorious for creating a new and never ending …

2021-04-14: Linting cloud infrastructure (part 2) In our last blog post we introduced the concept linting through the prism of …

2021-04-07: Cloud infrastructure linting even if you aren’t 100% IaC Linters have a long and enduring history in software. From their origins in late 1970s to the …

2021-03-23: Understanding Infrastructure-as-Deployed Engineering teams are steadily adopting a “cattle, not pets” attitude towards infrastructure. Cloud …

2021-03-10: Introducing rpCheckup - Find Backdoors and Public Access In AWS Resource Policies AWS’ policy language is notoriously challenging. As you build out your infrastructure, you …

2021-02-24: When should my startup prioritize infosec? If you imagine your organization as a sea-faring vessel, infosec’s goal is to ensure the boat can …

2021-02-11: Do The Basics First - What To Check Before Launching on AWS How do engineers make the seemingly-obvious mistake of opening their infrastructure to the world? …

2021-01-27: Our Philosophy No one doubts that security is important for cloud infrastructure. The potential for harm to your …