Blog SecurityKeep in touch
What is a pentest and how to do it?
Pentesting is one of the main activities of the Padok SecOps team. Find out what it is and how our methodology helps us organize our week.
An introduction to Policy As Code
This article will give you guidance on how to build a Policy As Code system that encourages teams to adopt it while not affecting their productivity.
How to pentest AWS Cognito? Attack and remediation explained
So, you are pentesting a website, and it uses AWS Cognito. But you don’t know what is this service nor how to abuse it? Let's see how to pwn it!
Enable AWS GuardDuty Malware Protection to detect suspicious activity
Learn how to enhance your cloud security posture with GuardDuty's intelligent threat detection capabilities and safeguard your AWS infrastructure.
Secure access to your tooling components with IAP in GKE
Learn how to control and secure access to your tooling components with Identity-Aware Proxy (IAP) in GKE.
How to create and set up Kubernetes (k8s) secrets?
A Kubernetes secret is a resource for safely storing small chunks of data such as ssl certificate and keys, database passwords or ssh keys.
AWS Cloudfront: how to configure a WAF on a CloudFront?
In this article, we'll look at howw to implement a WAF on AWS components such as CloudFront or API-gateway.
Secure your Azure cloud with a private hub and spoke infrastructure
Secure your Azure cloud with a private hub and spoke infrastructure with private endpoints, private DNS, Azure policy, and private DNS resolver.
Top 5 questions when deploying an intrusion detection system
There are still too many IDS implementation errors. Here are five questions to ask yourself when choosing the right solution!