Posts
I deliberately published an Access Key and Secrets. Here's what happened.

At BSides Atlanta, I talked about how to handle an incident in AWS. The talk and this post are for those already familiar with the principles of Incident Response to understand what to do when the incident involves the AWS Control Plane.

There were 125 AWS Announcements in the last 10 days. Here are the ones I thought interesting, or security pros may care about.

There were 234 AWS announcements in pre:Invent season. I breakdown and snark about 27 of them relating to security and governance.

It's 2021, time to revisit what you should do when setting up a new AWS Organization from scratch.

After being the butt of jokes since it's release, I take a fresh look at AWS's Macie service. To my surprise, I'm kind of a fan.