Archive - Daniel’s Substack

Building your first IaC scanning pipeline

In this post, we will configure an IaC scanning pipeline using tfsec to scan Terraform code – ensuring our AWS infrastructure is deployed in a secure…

May 13, 2024 •

February 2024

Dangling DNS Records: What are they & how to remediate them

What is a dangling DNS record?

Feb 26, 2024 •

September 2023

AWS Secrets Manager: Best Practices

In this post will discuss some best practices when using AWS Secrets Manager. We’ll touch on secret rotation, encryption and limiting access via IAM and…

Sep 15, 2023 •

April 2023

Phishing websites: How do they work?

In this post we'll discuss the phishing phenomenon, reverse engineer a real phishing website and discuss how you can stay safe from phishing attempts.

Apr 16, 2023 •

Securing EC2 Instance Metadata in AWS

In this post we will discuss the security pitfalls of the EC2 Instance Metadata Service (IMDS) version 1, identifying it’s use within your AWS…

Apr 16, 2023 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts