For updates subscribe to CloudSecList and follow @lancinimarco on Twitter

CloudSecDocs

Log Types

Initializing search

Home
Containers
Container Security
DevOps
AWS
GCP
Azure
Culture & Engineering
AI

CloudSecDocs

Home
Containers
Containers
- Docker
  Docker
  - CLI
  - Build
- Kubernetes
  Kubernetes
  - Architecture
    Architecture
    
    Components
    
    Services
    
    Service Catalog
    
    Tekton
    
    References
  - Apps
    Apps
    
    Deploy App Manually
    
    Sample Apps
  - Usage
    Usage
    
    Kubectl
    
    Kubeless
Container Security
Container Security
- Theory
  Theory
  - Threats
    Threats
    
    Docker Threat Model
    
    K8S Threat Model
  - K8S RBAC
    K8S RBAC
    
    Authentication
    
    Authorisation
  - Secure Components
    Secure Components
    
    Secure Config
    
    API Server (Authn/Authz)
    
    Network
    
    Pod Security Standards
- Offensive
  Offensive
  - Attacks
    Attacks
    
    Writeups
    
    Techniques
    Techniques
    
    Compromised Container
    
    Create Over-Privileged Service Account
    
    Get Reverse Shell (Docker/K8s)
    
    Kubelet Exploit
    
    AWS
    
    GCP
  - Pentest
    Pentest
    
    Process
    
    Resources
- Defensive
  Defensive
  - Containers
    Containers
    
    Docker Focus Areas
    
    Secure Dockerfiles
  - Kubernetes
    Kubernetes
    
    Best Pratices
    
    K8S Focus Areas
    
    K8S Production Checklist
    
    Managed
    
    RBAC
  - Tooling
    Tooling
    
    Interaction
    
    Audit
    
    Falco
    
    IAM
DevOps
DevOps
- Strategy
  Strategy
  - Frameworks
  - SDLC
- Pipelines
  Pipelines
  - Building
    Building
    
    Building
    
    Secrets
  - Securing
    Securing
    
    Container Scanning
    
    Compliance as Code
    
    Security Scanners
    
    CI/CD Providers
  - Supply Chain
    Supply Chain
    
    SLSA
    
    Sigstore
    
    Supply Chain Security
    
    Container Pipelines
- Tooling
  Tooling
  - Collaboration
  - Labs
  - HashiCorp
    HashiCorp
    
    Boundary
    
    Terraform
    
    Vault
- Monitoring
  Monitoring
- How-Tos
  How-Tos
  - Design
    Design
    
    Threat Modelling
    
    Rapid Risk Assessment
  - Metrics
    Metrics
    
    AppSec
    
    Pentest
  - Logging
    Logging
    
    Collecting Logs
    
    Analyzing Logs
AWS
AWS
- Services
  Services
  - Access Management
    Access Management
    
    Organizations
    
    IAM
    
    Federation
    
    Machine to Machine Authentication
  - Logging & Monitoring
    Logging & Monitoring
    
    Comparison
    
    Log Types
    
    CloudTrail
    
    CloudWatch
  - Security
    Security
    
    Config
    
    GuardDuty
    
    HSM & KMS
    
    WAF & Shield
    
    Vulnerability Related
    
    Other
  - Networking
    Networking
    
    Shared Responsibility Model
    
    VPC Concepts
    
    VPC Security
    
    Route53
    
    Load Balancers
  - Compute
    Compute
    
    EC2
    
    Lambda
    
    Containers
  - Storage
    Storage
    
    S3 & Glacier
    
    Databases
    
    Elasticache
    
    EBS
    
    EFS
    
    Other
  - Dev
    Dev
    
    Serving Content
    
    Deployment
    
    Data processing
    
    Data Manipulation
- Offensive
  Offensive
  - Attacks
    Attacks
    
    Writeups
    
    Threats
    
    Credentials Compromise
  - Pentest
    Pentest
    
    Process
    
    Resources
- Defensive
  Defensive
  - Checklists
    Checklists
    
    AWS Security Maturity Roadmap
    
    AWS Organizations Setup
    
    Inherited AWS Account
    
    Audit Considerations
  - Resources
    Resources
    
    Best Pratices
    
    IAM
    
    Logging
    
    Building an AWS Perimeter
    
    Compliance
    
    AWS Well-Architected Security Pillar
    
    Architecture Best Practices
  - Tooling
    Tooling
    
    CLI
    
    Audit
    
    Visibility & Enforcement
    
    IAM
    
    Monitoring
    
    Incident Response
GCP
GCP
- Services
  Services
  - Access Management
    Access Management
    
    Projects
    
    IAM
    
    Federation
  - Logging & Monitoring
    Logging & Monitoring
    
    Cloud Operations
  - Security
    Security
    
    Security Command Center
    
    KMS
    
    Other
  - Networking
    Networking
    
    VPC Concepts
    
    VPC Security
    
    Hybrid Connectivity
    
    Load Balancers
  - Compute
    Compute
    
    Compute Engine
    
    Serverless
  - Storage
    Storage
    
    Cloud Storage
    
    Databases
  - Dev
    Dev
    
    Managing Content
    
    Serving Content
- Offensive
  Offensive
  - Attacks
    Attacks
    
    Writeups
  - Pentest
    Pentest
    
    Process
    
    Resources
- Defensive
  Defensive
  - Resources
    Resources
    
    Best Pratices
    
    IAM
    
    Org Policies
    
    Logging
    
    Compliance
  - Tooling
    Tooling
    
    CLI
    
    Audit
    
    Visibility & Enforcement
    
    IAM
  - Setup
    Setup
    
    Setup Google Workspace
    
    Migrate Data to Google Workspace
    
    Activate GCP
Azure
Azure
- Services
  Services
  - Overview
  - Security
    Security
    
    Identities
    
    Authentication & Access
    
    Encryption
    
    Network
  - Development
    Development
    
    API Management
- Offensive
  Offensive
  - Pentest
    Pentest
    
    Process
    
    Resources
- Defensive
  Defensive
  - Resources
    Resources
    
    Best Pratices
    
    Azure Security Baseline
    
    Azure Security Roadmap
  - Tooling
    Tooling
    
    CLI
    
    Audit
    
    Visibility & Enforcement
    
    IAM
Culture & Engineering
Culture & Engineering
- Engineering
  Engineering
  - Security Programs
  - Engineering Decisions
- Personal Development
  Personal Development
- Organizational Development
  Organizational Development
AI
AI
- Theory
  Theory
- Defending
  Defending
  - Security Best Practices

Log Types

Made with Material for MkDocs