AirFrance-KLM transformed its automation platform using Terraform, Vault, and Ansible to enhance security, compliance, and efficiency. The shift from compliance-by-construction to compliance-by-guardrails streamlined their processes, reducing provisioning time and errors while maintaining governance.

This article details the Quiet Riot tool for enumerating AWS, Azure, and GCP principals without authentication. It explains setup requirements, command usage, and performance insights based on extensive testing. The tool facilitates automated scanning for various account IDs and user details across cloud services.

HashiCorp reflects on 2025, highlighting the challenges of cloud complexity faced by organizations across various sectors. Key themes include the need for unified automation, addressing identity sprawl, and leveraging AI to enhance infrastructure management and security.

Google Cloud is enhancing its commitment to federal compliance through the innovative FedRAMP 20x pilot program, which streamlines the authorization process by automating compliance management with the new Compliance Manager tool. This approach aims to reduce the time and resources needed for federal agencies to achieve FedRAMP authorization, facilitating faster access to secure cloud technologies. Additionally, independent validation from Coalfire supports the effectiveness of this automated path for agencies.

Uber has developed a centralized Multi-Cloud Secrets Management Platform to address the challenges of secrets sprawl and enhance security across its extensive microservices architecture. By consolidating secret vaults and implementing automated scanning and remediation strategies, Uber aims to prevent credential leaks while ensuring efficient secret management and governance across multiple cloud environments.