Blog SecurityKeep in touch
IAM Identity Center: why you should get rid of IAM Users
Do you use IAM users to manage the employees? Let’s see why it is a huge mistake and why you should replace it with AWS IAM Identity Center.
A Guide to Conducting Risk Analysis on cloud computing
Discover how to perform risk analysis for cloud infrastructures. Strengthen your security and protect sensitive data by following this guide.
What is a pentest and how to do it?
Pentesting is one of the main activities of the Padok SecOps team. Find out what it is and how our methodology helps us organize our week.
An introduction to Policy As Code
This article will give you guidance on how to build a Policy As Code system that encourages teams to adopt it while not affecting their productivity.
How to pentest AWS Cognito? Attack and remediation explained
So, you are pentesting a website, and it uses AWS Cognito. But you don’t know what is this service nor how to abuse it? Let's see how to pwn it!
Enable AWS GuardDuty Malware Protection to detect suspicious activity
Learn how to enhance your cloud security posture with GuardDuty's intelligent threat detection capabilities and safeguard your AWS infrastructure.
Secure access to your tooling components with IAP in GKE
Learn how to control and secure access to your tooling components with Identity-Aware Proxy (IAP) in GKE.
How to create and set up Kubernetes (k8s) secrets?
A Kubernetes secret is a resource for safely storing small chunks of data such as ssl certificate and keys, database passwords or ssh keys.
AWS Cloudfront: how to configure a WAF on a CloudFront?
In this article, we'll look at howw to implement a WAF on AWS components such as CloudFront or API-gateway.