Automating Cartography Deployments on Kubernetes
A guide to automating the deployment of Cartography and Neo4j on Kubernetes using HashiCorp Vault for secrets management.
Marco Lancini, Director of Security and author of "The CloudSec Engineer", expert in security strategy, technical leadership and cloud security.
59 articles from this blog
A guide to automating GitHub account backups using AWS ECS (Fargate) and S3 Glacier, including architecture and implementation details.
A technical guide on automating Google Drive backups using AWS ECS (Fargate), S3 Glacier, and rclone, including architecture and security considerations.
A guide to building a comprehensive cloud security program, covering strategy, maturity levels, and controls based on the NIST framework.
How Thought Machine uses Cartography to map and secure ephemeral cloud environments across multiple providers.
A guide to setting up cross-account security auditing for AWS and GCP environments using hub-and-spoke models and IAM roles.
A guide for security professionals to understand Apache Kafka basics and its security features within the Kubernetes ecosystem.
A guide to deploying a Kubernetes lab for security research, covering local setups, vulnerable clusters, and production-ready multi-node deployments.
A hands-on walkthrough of setting up and exploring Google Kubernetes Engine (GKE) Autopilot, a fully managed Kubernetes service.
Explores using Semgrep, a static analysis tool, to find security vulnerabilities in Infrastructure as Code like Terraform and Kubernetes configurations.
Announcing CloudSecDocs.com, a public collection of technical notes and cheatsheets for cloud-native technologies, DevOps, and security.
A technical guide on setting up Domain-Wide Delegation of Authority between GSuite and GCP for security tools to access GSuite APIs.
A guide to integrating Cartography with Elasticsearch for continuous monitoring and drift detection of cloud assets in multi-cloud environments.
A summary of three major Kubernetes threat modeling initiatives to help security professionals secure their production clusters.
A technical guide on building a cost-effective, serverless mailing list for a security newsletter using AWS services, Terraform, and CI/CD.
A technical breakdown of a personal blog's infrastructure, covering AWS S3 hosting, Cloudflare DNS, Jekyll generation, and GitHub Actions deployment.
A guide to setting up a Chromebook for remote software development using SSH, VSCode Remote, and Linux tools.
Announcing a new weekly newsletter curating cloud-native security news and updates for professionals.
A curated list of security auditing and offensive tools for Docker, Kubernetes, AWS, GCP, and Git, with usage guides and an Ansible role.
A technical guide to automating the deployment of the full HashiCorp stack (Consul, Vault, Nomad, Traefik) using Vagrant and Ansible for infrastructure.