This article details how attackers can misuse AWS CLI aliases to stealthily maintain persistence in cloud environments. It explains the mechanics of creating malicious aliases that preserve normal command functionality while executing harmful actions, such as credential exfiltration. A proof of concept demonstrates the technique in action.
This article explains how Authress maintained service availability despite the significant AWS outage on October 20th. It discusses the importance of reliability in their authentication services and the architectural strategies they implemented to achieve a five-nines SLA.
AWS Lambda now offers improved observability for Kafka event source mappings, allowing users to monitor event polling, scaling, and processing with Amazon CloudWatch Logs and metrics. This enhancement helps troubleshoot issues quickly, reducing operational overhead and mean time to resolution. It's available for both Amazon Managed Streaming for Apache Kafka and self-managed Kafka setups.
This article examines how attackers can exploit log data in cloud environments for enumeration and intelligence gathering. It discusses the types of logs generated by major cloud providers like AWS, Azure, and GCP, and highlights the importance of rethinking log access to enhance security. Practical mitigation strategies for defenders are also presented.
AWS now supports response streaming in API Gateway, allowing REST APIs to send responses progressively. This reduces wait times, improves user experience in applications like AI chatbots, and handles larger payloads more efficiently.
AWS has introduced Database Savings Plans, allowing customers to save up to 35% on managed database services by committing to a consistent hourly usage over a year. This plan includes flexibility to switch between database engines and deployment types while maintaining cost efficiency. Customers can purchase and evaluate plans through the AWS Billing and Cost Management Console.
This article explains how to integrate FortiGate Next-Generation Firewall (NGFW) with AWS Gateway Load Balancer for improved security in hybrid environments. It highlights the benefits of centralized traffic inspection and policy management, simplifying compliance and threat prevention. A free 30-day trial is available for evaluation.
AWS faced a major outage on October 19-20 due to a race condition in DynamoDB’s DNS management, disrupting multiple services in the Northern Virginia region. While the incident was brief, many customers experienced issues for up to 15 hours, prompting discussions on AWS reliability and future improvements.
This article explains service-linked roles (SLRs) in AWS, detailing their unique characteristics and how they differ from standard service roles. It covers how SLRs are created, managed, and the implications of AWS owning these roles, including access limitations for users.
The article recounts a costly mistake involving AWS NAT Gateways and data transfer fees due to a missing VPC Endpoint for S3. After a surprise $1,000 bill, the author explains how to implement VPC Gateway Endpoints to prevent similar charges in the future.
AWS is launching a preview of AWS Interconnect, which offers private, high-speed connections to other cloud providers like Google Cloud and Microsoft Azure. This service simplifies multicloud networking by allowing customers to connect their AWS resources directly to other clouds without the complexities of traditional methods. It's currently available in five AWS Regions.
Amazon S3 now allows tagging on S3 Tables to help manage access permissions and track costs. Tags can simplify permission management and assist in organizing AWS expenses. This feature is available in all regions supporting S3 Tables.
This guide breaks down how to create effective EventBridge patterns for JSON structures. It covers basic to complex matching logic, including the use of boolean algebra and operators like $or. Understanding these patterns helps in building precise detection rules for AWS events.
This article details the technical implementation of the Modular Open-Source Identity Platform (MOSIP) on AWS, highlighting its cloud-based architecture, deployment models, and cost benefits. It covers the collaboration between Atos and AWS, showcasing how they transformed MOSIP from an on-premises solution to a scalable cloud-based system for digital identity. The piece also outlines various hybrid deployment options to meet data sovereignty requirements.
Pathfinding.cloud offers resources for security and DevOps professionals to identify and address IAM privilege escalation risks in AWS. It includes a library of exploitation guides and a coverage map, along with upcoming labs for hands-on practice in a controlled setting.
The article explores how software companies maintain high gross margins but struggle to convert that into net income due to heavy spending on sales, marketing, and R&D. It contrasts this with AWS, which has successfully maintained high operating margins through significant investment in infrastructure rather than customer acquisition. Ultimately, it argues that in software, the opportunity lies in outspending competitors.
AWS has upgraded CloudWatch to consolidate operational, security, and compliance logs from multiple accounts and sources into a unified platform. The new features support querying logs directly in Amazon S3 without ETL, making it easier for organizations to manage their log data while reducing costs and complexity. However, there are concerns about vendor lock-in as it ties users closely to the AWS ecosystem.
This article examines a recent AWS DynamoDB outage caused by a latent race condition in the DNS management system. It discusses how applying System-Theoretic Process Analysis (STPA) could have identified potential issues before the outage occurred, highlighting the importance of proactive analysis in software reliability.
This article details the Quiet Riot tool for enumerating AWS, Azure, and GCP principals without authentication. It explains setup requirements, command usage, and performance insights based on extensive testing. The tool facilitates automated scanning for various account IDs and user details across cloud services.
Amazon Web Services (AWS) and OpenAI have formed a $38 billion partnership to enhance OpenAI's AI workloads. AWS will provide advanced computing resources, including NVIDIA GPUs and the ability to scale up to millions of CPUs, to support OpenAI's generative AI projects. The infrastructure is designed for high efficiency and low-latency performance.
Amazon Route 53 Resolver now allows private access through AWS PrivateLink, enabling users to manage its features without using the public internet. This includes operations like creating and managing DNS records securely over the Amazon network. It is available in all VPCs and supports various AWS regions, including GovCloud.
The article discusses how AWS IAM's eventual consistency can leave a 4-second window during which deleted access keys may still be valid. Attackers can exploit this delay to create new keys after the old ones are revoked, posing significant security risks. It outlines mitigation strategies, including using Service Control Policies.
AWS Secrets Manager now offers managed external secrets for third-party software credentials, simplifying their management and rotation. This feature standardizes formats and automates processes, reducing operational overhead for organizations that use multiple external services. Users can create and manage these secrets directly in Secrets Manager.
This article discusses a method for privilege escalation in AWS SageMaker, paralleling previous exploits in EC2. It explains how an attacker can manipulate lifecycle configurations to run unauthorized code and gain access to IAM roles. The author provides a proof of concept and highlights the need for better security measures.
Yelp revamped its data infrastructure by transitioning to a streaming lakehouse architecture on AWS. This change addressed latency issues, reduced operational complexity, and improved data governance, resulting in analytics data processing times dropping from 18 hours to minutes.
The article covers key announcements and trends from AWS re:Invent 2025, focusing on the rise of AI agents and the evolving role of developers. It discusses new tools like AWS Transform and Nova 2, along with concerns about job displacement in tech. The event underscored AWS's commitment to enhancing its platform for developers and enterprises.
This article explains how to set up a centralized logging system for AWS CloudFormation StackSets across multiple accounts. It outlines the architecture, implementation steps, and monitoring capabilities to streamline deployment tracking and troubleshooting.
Heimdall is an AWS security scanner that identifies privilege escalation paths that attackers could exploit. It analyzes over 10 AWS services and provides insights into IAM roles, detecting potential vulnerabilities and mapping them with MITRE ATT&CK.
NVIDIA and AWS announced an expansion of their collaboration at AWS re:Invent, introducing NVIDIA NVLink Fusion for enhanced AI infrastructure. This integration will support new custom silicon, improve performance, and simplify deployment for advanced AI services. Additionally, they are launching AWS AI Factories for secure, sovereign AI solutions worldwide.
AWS has launched new EC2 C8id, M8id, and R8id instances that feature up to 22.8 TB of NVMe storage and improved performance metrics. These instances are designed for various workloads, including compute-intensive tasks, balanced memory applications, and memory-heavy databases. They support larger instance sizes and enhanced resource allocation options.
AWS has introduced a Responsible AI Lens and updated its Machine Learning and Generative AI Lenses within the Well-Architected Framework. These updates aim to help professionals design and manage AI systems with a focus on ethics, risk management, and operational best practices.
AWS Lambda Managed Instances lets you run Lambda functions on EC2 instances while keeping the serverless experience. This feature provides access to specialized compute options and cost savings for steady workloads without the hassle of managing infrastructure. You can configure capacity providers to optimize for your specific needs.
AWS Backup can now back up Amazon EKS clusters and their data. This service offers automated scheduling, retention management, and the ability to restore entire clusters or specific elements. It simplifies backup processes by eliminating the need for custom scripts or third-party tools.
This article explains how Vectra AI helps identify security threats that move from AWS to on-premises and SaaS environments. It highlights the platform's capability to detect more high-risk threats faster and offers a chance to see a live demo with a security engineer.
Shorlabs is a platform that streamlines the deployment and management of backend applications using Python or Node.js. Built on AWS Lambda, it offers automatic scaling and a pay-per-use pricing model, making backend deployment more accessible without the need for extensive infrastructure management.
The article argues that while AWS remains financially strong, it faces significant challenges, particularly from Google Cloud and internal talent issues. It discusses the need for AWS to improve execution amid growing competition and changing market demands.
This article highlights key security updates announced before AWS re:Invent 2025, focusing on AWS local development with console credentials, IAM outbound identity federation, and attribute-based access control for S3. It discusses the benefits of these features, potential risks for attackers, and monitoring strategies using CloudTrail.
AWS introduced VPC encryption controls to help organizations enforce encryption for traffic within and between VPCs. The feature offers two modes: monitor and enforce, allowing users to audit encryption status and ensure compliance with regulations. It simplifies the process of maintaining encryption across cloud infrastructure without significant performance impact.
This article outlines the creation of a unified dashboard for tracking costs across multiple cloud platforms, including AWS and GCP. It details the implementation steps using tools like dlt, SQL, and Rill to visualize data and combines cloud costs with revenue metrics for better financial insights.
The article explores security vulnerabilities in AWS EKS by deploying misconfigured Kubernetes pods. It demonstrates how an attacker can escape from a compromised pod to gain root access on the host and potentially access other services. The focus is on the implications of specific dangerous configurations and their exploitation.
Fog Security revealed methods to evade AWS Trusted Advisor's S3 security checks, allowing public access to S3 buckets without triggering alerts. Despite reporting these issues to AWS, initial fixes were incomplete, leading to continued inaccurate assessments of bucket security. Their communication regarding the problem's severity was also criticized as insufficient.
This article explores AWS Bottlerocket, a secure operating system designed for container hosting. It tests how Bottlerocket defends against common container escape techniques, demonstrating its effective security measures compared to less hardened systems like Ubuntu.
Amazon CloudWatch now allows users to enable deletion protection for their log groups. This feature prevents accidental deletions, ensuring critical operational and compliance logs are preserved. Administrators can activate this protection during log group creation or for existing groups.
The author shares a misstep during an AWS migration from IAM Users to SSO, resulting in a permissions error related to a KMS key. After discovering the issue, they detail the recovery process and a new checklist step to prevent similar problems in the future.
AWS is discontinuing its SSE-C encryption for S3, a feature that allowed users to manage their own encryption keys. While not widely adopted, it was exploited in a ransomware scheme, prompting the decision to remove it. The article outlines alternatives like KMS and client-side encryption.
AWS introduced three new AI agents aimed at improving software development and DevOps processes. The Kiro agent enhances coding efficiency by automating tasks, while the DevOps agent focuses on incident management and performance improvement. Despite claims of increased efficiency, concerns about AI reliability and past failures remain.
This article details a cloud attack where a threat actor gained administrative access to an AWS environment in under 10 minutes, utilizing stolen credentials from public S3 buckets. The attacker leveraged large language models to automate tasks such as reconnaissance and malicious code generation, ultimately compromising multiple AWS principals.
Amazon EC2 now offers interruptible Capacity Reservations, allowing users to temporarily share unused compute capacity with other workloads while retaining the right to reclaim it for critical tasks. This feature benefits flexible operations like batch processing and data analysis, providing advance notice before any interruptions occur. It's available at no extra cost for all Capacity Reservations customers.
This article explains how the Octopus AI Assistant helps DevOps teams create AWS Well-Architected reports for their projects. By automating the evaluation process, teams can quickly assess alignment with AWS best practices without manual analysis. It streamlines the mapping of best practices to actual project implementations.
This article offers a comprehensive e-book focused on AWS container services. It covers various aspects like security, monitoring, and management for applications running in AWS environments. You'll find insights tailored for developers and IT professionals working with containers.
A recent AWS report identifies major security issues in cloud systems, with human errors and operational misconfigurations leading to data breaches. Despite widespread cloud adoption, concerns about cybersecurity and integration challenges persist among businesses. The report underscores the need for organizations to address these vulnerabilities as they transition to cloud-based solutions.
This article outlines key engineering insights gained from building a database replication tool for Amazon RDS Postgres using Rust. It addresses challenges like compatibility issues, deployment complexities, and the need for proactive network management. The authors stress the importance of customizing solutions for the specific constraints of managed environments.
This article discusses how attrition among engineers, particularly in the context of AWS outages, is rarely acknowledged in public incident reports. While internal write-ups may reference attrition, they often focus on technical causes, leaving out broader organizational factors that contribute to incidents. The author argues that attrition is a significant risk factor that impacts system reliability, similar to other systemic risks.
taws is a terminal-based user interface designed to help users manage AWS resources efficiently. It supports multiple AWS profiles and regions, allowing easy navigation and management of over 60 services. Key features include resource filtering, detailed views, and direct actions on EC2 instances.
Security researchers identified a major flaw in the AWS Console that could have allowed attackers to seize control of key GitHub repositories, potentially leading to widespread supply chain attacks. The vulnerability, linked to a misconfiguration in AWS CodeBuild CI pipelines, has been addressed by AWS following its disclosure in August 2025. Users are advised to implement certain security measures to mitigate risks.
AWS Lambda now officially supports Rust for building serverless applications. The article explains how to set up and deploy Rust-based Lambda functions using Cargo Lambda and the AWS Cloud Development Kit (CDK). It covers prerequisites, function creation, testing, and deployment steps.
EC2 Auto Scaling now offers an instance lifecycle policy that lets you retain instances when termination hooks fail or time out. This feature allows for custom actions during instance wait states and gives you more control over graceful shutdowns, which is useful for stateful applications.
AWS has announced the Fastnet, a new subsea fiber optic cable system connecting Maryland and County Cork, Ireland, set to operate in 2028. This cable will enhance network resilience, enabling better data routing and supporting growing demands in cloud computing and AI.
Amazon Web Services is constructing a new subsea cable, named Fastnet, to connect Maryland and Ireland by 2028. The cable will enhance internet capacity and resilience, featuring deep burial and robust armoring to prevent damage. It aims to support high-speed data transfer and bolster Amazon's network reliability.
This article outlines common misconfigurations in AWS that can expose cloud resources to unauthorized access. It focuses on two main issues: service exposure and access by design, highlighting specific services like Lambda, EC2, and ECR that can create vulnerabilities. Understanding these risks is essential for effective cloud security management.
The article details a serious vulnerability in AWS ROSA Classic Clusters that allowed unauthenticated attackers to take control of clusters and access underlying AWS accounts. The exploit involved manipulating cluster transfer requests without proper authorization checks, enabling mass compromises. The author outlines the discovery, mechanics, and potential impacts of the attack.
This article discusses findings from the 2025 State of Cloud Security study, highlighting issues like the risks of long-lived credentials and the importance of using AWS Organizations for better security management. It also offers recommendations for improving security postures in cloud environments.
Amazon S3 now allows users to change the server-side encryption type of existing objects without moving data. You can use the UpdateObjectEncryption API to switch between encryption methods, such as from SSE-S3 to SSE-KMS, and apply these changes at scale with S3 Batch Operations. This is particularly useful for meeting compliance and security standards.
The article analyzes the long-term costs of storing 10 petabytes of cold data using AWS, GCP, Azure, and tape over 20 years. It highlights the financial implications and efficiency of each option, providing insights for organizations considering their data storage strategies.
AWS has introduced its European Sovereign Cloud, a €7.8 billion investment aimed at meeting EU regulatory demands and addressing data privacy concerns. Despite claims of technical isolation from U.S. jurisdiction, experts question the effectiveness of this separation in protecting against U.S. government data requests.
This article details Yelp's approach to handling S3 server access logs at scale. It discusses the challenges of logging, the benefits of object-level logging for debugging and security, and the architecture used to optimize log storage by converting them into a more efficient format.
Ubiquity Global Services has announced a partnership with AWS to create customized generative AI applications using AWS Bedrock. This collaboration will enhance customer interactions through tailored AI tools like chatbots and knowledge bases, while ensuring security and accuracy with advanced techniques.
This article explains how to set up the AWS WAF Anti-DDoS managed rule group to effectively protect web applications from Layer 7 DDoS attacks. It covers the balance between mitigating attacks and ensuring a smooth experience for legitimate users, detailing configurations for different client types and request scenarios.
New Relic migrated its Lambda Extension from Go to Rust, resulting in a 40% reduction in billed duration and improved memory efficiency. The rewrite also enhanced reliability and introduced a more robust telemetry pipeline.
AWS Lambda now allows asynchronous invocations with a maximum payload size of 1 MB, up from 256 KB. This change enables developers to send more complex data in a single event, simplifying data handling for event-driven applications. Customers can use the Lambda API or receive events from various AWS services.
AWS introduced a new tool called AWS Capabilities by Region in Builder Center, allowing users to explore and compare service availability across different AWS Regions. It includes an interactive interface and access to a roadmap for future services. The AWS Knowledge Model Context Protocol server has also been updated to provide real-time insights on regional capabilities.
This article details Cloud Native Qumulo (CNQ) on AWS, highlighting its ability to handle various unstructured data workloads with high performance and scalability. It supports integration with AWS services, offers strong data security, and provides flexible consumption options. The platform is designed for both new applications and migration of existing workloads to the cloud.
This article details the evolution of AWS privilege escalation, highlighting the shift from IAM policy abuse to service-based execution and AI orchestration. It discusses the various escalation techniques, including those introduced by new AI services like Bedrock and AgentCore, and outlines which actions can be effectively blocked by security policies.
The article critiques the complexity of deploying applications on AWS, highlighting how the cumbersome setup process and confusing services can frustrate younger developers. It contrasts this experience with simpler platforms like Vercel, suggesting that the next generation will prefer user-friendly options over AWS's intricate system.
AWS has introduced its European Sovereign Cloud, designed to meet strict data sovereignty requirements for public sector and regulated industries in Europe. This independent cloud infrastructure operates entirely within the EU, ensuring data residency and operational control under European jurisdiction.
This article outlines the features and capabilities of FortiGate-VM, a next-generation firewall and VPN solution for AWS environments. It highlights its integration with AWS services, automated security management, and advanced threat protection functionalities. User experiences and pricing details are also discussed.
This article explains AWS's EC2 Instance Attestation, a feature that extends security verification to entire EC2 instances, unlike Nitro Enclaves, which operates in a limited, secure environment. It outlines the differences in deployment complexity, security measures, and potential use cases, emphasizing the need for proactive security in standard EC2 instances.
AWS introduces Stack Refactoring for CloudFormation, allowing users to reorganize their infrastructure without downtime. This feature enables moving resources between stacks, renaming IDs, and breaking down large templates into smaller ones while ensuring operational stability. The process is controlled and can be tracked for safety.
The article highlights a flaw in the trust policies created by AWS Bedrock for execution roles. These policies allow any agent in the account to assume roles, leading to potential security risks if not properly scoped. The author suggests that AWS should refine these policies to ensure only specific agents can invoke models.
This article outlines Sumo Logic's cloud security features for AWS, emphasizing real-time monitoring and AI-driven incident response. It invites readers to sign up for a demo and offers insights into improving security operations.
AWS Control Tower now offers improved visibility into proactive controls through the AWS CloudFormation Hook Invocation Summary console. This enhancement helps teams quickly identify and resolve deployment issues caused by policy violations, streamlining compliance and reducing troubleshooting time.
This article explores how to implement robust authorization for data accessed through Retrieval-Augmented Generation (RAG) using Amazon S3 Access Grants with Amazon Bedrock. It highlights the need to verify permissions directly from the data source to prevent unauthorized information retrieval.
Amazon Nova Forge is a new service that allows organizations to create customized AI models using their proprietary data alongside curated training data from Amazon Nova. It addresses issues like catastrophic forgetting and offers tools for reinforcement learning and responsible AI. This service is ideal for businesses seeking to develop models tailored to specific industry needs.
AWS DevOps Agent is a new tool that automates incident response by correlating data from various operational tools to identify root causes and recommend fixes. It helps on-call engineers manage incidents more efficiently and provides insights for long-term system improvements. The agent integrates with popular services like CloudWatch and GitHub to streamline investigations.
This article discusses the development of the AWS DevOps Agent, focusing on the transition from prototype to a reliable product. It outlines essential mechanisms for improving agent quality, such as evaluations, fast feedback loops, and visualization tools to analyze performance and failures.
This article outlines how to effectively manage alerts using Amazon Managed Service for Prometheus. It covers creating and routing alerting rules, optimizing query performance, and reducing alert fatigue for teams monitoring applications on AWS. Practical examples and YAML configurations are provided for recording and alerting rules.
AWS now offers flat-rate pricing plans for its CloudFront service, eliminating overage charges regardless of traffic spikes. These plans include essential features like CDN, DDoS protection, and analytics, available in various tiers to suit different needs. Users can choose from a free tier up to premium options, making it easier to budget for internet-facing applications.
The author shares their experience of having their AWS account hacked, detailing how the attacker gained access, the immediate steps taken to regain control, and the lessons learned about cloud security. They emphasize the importance of proper security measures and the mindset needed to prevent such incidents.
This article explains how to use AWS Lambda durable functions for building multi-step applications and AI workflows. It describes features like automatic retries, state management, and execution suspension, allowing developers to handle complex scenarios efficiently. It also provides a sample order processing workflow demonstrating these capabilities.
Amazon EKS and ECS have introduced fully managed Model Context Protocol (MCP) servers in preview. These servers enhance AI applications with real-time insights about clusters, simplifying development and operations by eliminating local installation and maintenance. Developers can configure AI coding assistants, while operators gain access to a rich knowledge base for best practices and troubleshooting.
This article discusses the challenges and solutions for deploying large Mixture-of-Experts models on AWS using Elastic Fabric Adapter technology. It details the development of new inter-node kernels that improve performance and reduce latency for these complex models. The authors explain the technical aspects of their implementation and how it enhances cloud-based model deployment.
AWS's Project Rainier is now operational, featuring nearly 500,000 Trainium2 chips to support advanced AI workloads. Partner Anthropic is using this infrastructure to enhance its AI model, Claude, which is expected to grow significantly in power by 2025. The project emphasizes AWS's commitment to scaling AI capabilities and improving sustainability in data centers.
MilkStraw helps manage AWS billing by syncing your account and optimizing savings plans based on your needs. It simplifies your AWS interface, providing a clear view of costs across all services. You can activate savings plans effortlessly as your requirements change.
This article discusses Autocomp, a framework designed to optimize code for tensor accelerators using large language models. It highlights how Autocomp outperforms human experts in efficiency and portability, particularly when applied to AWS Trainium. The authors explore the challenges of programming tensor accelerators and the unique optimizations required for effective performance.
The article outlines the features and performance benefits of Amazon EC2 M9g instances, which use AWS Graviton5 processors. These instances offer significant speed improvements for general workloads, outperforming the previous generation M8g in various applications, including databases, web services, and machine learning.
AWS and Google Cloud have created a new multicloud networking solution that simplifies connections between their platforms. This allows customers to establish private, high-speed connectivity quickly and efficiently, reducing the complexity and time involved in previous setups. The initiative also introduces an open specification for network interoperability, aiming to enhance collaboration across cloud providers.
This article outlines how to deploy GitLab Runners on Amazon EKS Auto Mode to enhance containerized CI/CD processes. It highlights the use of EC2 Spot Instances for cost savings and provides a step-by-step guide for setting up the environment.
Amazon ECS now allows tmpfs mounts for Linux tasks on AWS Fargate and ECS Managed Instances. This enables the creation of in-memory file systems for tasks, which is useful for temporary data and sensitive information that shouldn’t persist after the task ends. Users can configure tmpfs mounts through task definitions in the ECS console or via AWS CLI and other tools.
This article discusses an interview with Mai-Lan Tomsen Bukovec, VP of Data and Analytics at AWS, focusing on the engineering behind Amazon S3. Key topics include S3's scale, strong consistency, durability measures, and the use of formal methods to ensure system correctness.
The AWS Infrastructure-as-Code MCP Server is a new tool that integrates AI assistants with AWS development workflows. It offers features like documentation search, template validation, and deployment troubleshooting, all while keeping operations secure and local. This tool helps streamline AWS CloudFormation and CDK development.