A technical guide on building a conversational AI knowledge base using RAG pipelines and Cloudflare's AutoRAG to query years of curated cloud security content.
Architecting a multi-account security logging platform in AWS, covering services like CloudTrail and CloudWatch, and best practices for collection, monitoring, and SIEM integration.
Announcing the release date for 'The CloudSec Engineer' book, a guide focused on cloud security engineering.
Introducing CloudSecGPT, a specialized AI model trained on cloud security documentation to provide interactive insights and troubleshooting help.
A guide to designing a state-of-the-art, multi-account security logging and monitoring platform in Google Cloud Platform (GCP).
An exploration of career pathways in cyber security, focusing on cloud security roles and the lack of industry standardization.
A guide to building a comprehensive cloud security program, covering strategy, maturity levels, and controls based on the NIST framework.
How Thought Machine uses Cartography to map and secure ephemeral cloud environments across multiple providers.
A guide to setting up cross-account security auditing for AWS and GCP environments using hub-and-spoke models and IAM roles.
Explores using Semgrep, a static analysis tool, to find security vulnerabilities in Infrastructure as Code like Terraform and Kubernetes configurations.
Announcing CloudSecDocs.com, a public collection of technical notes and cheatsheets for cloud-native technologies, DevOps, and security.
A guide to integrating Cartography with Elasticsearch for continuous monitoring and drift detection of cloud assets in multi-cloud environments.
Announcing a new weekly newsletter curating cloud-native security news and updates for professionals.
A curated list of security auditing and offensive tools for Docker, Kubernetes, AWS, GCP, and Git, with usage guides and an Ansible role.
