Jason Dyke
  • Menu ▾
    • About
    • Articles
    • Certificates
    • Events
    • Projects
    • Socials
  • About
  • Articles
  • Certificates
  • Events
  • Projects
  • Socials

Blogs and Articles

  • Access GCP from AWS using Workload Identity Federation: No more GCP Service Account Keys! Avoid risky service account keys and access GCP from AWS using Workload Identity Federation.

  • Identify unused service account keys in GCP: Step by step guide on how to leverage the IAM recommender service and a free python tool to track down service account keys that have not been used in the past 90 days.

  • Overview of Google Cloud Function Identities: An overview of Cloud Function IAM service accounts and roles with recommendations for secure usage of this serverless offering from GCP.

  • re:Invent Security re:Cap: Week 1: Dive into the best security announcements from the first week of the re:Invent 2020.

  • Announcing Project Lockdown: Announcing the release of an open source security GCP tool called “Project Lockdown”. Project Lockdown is a collection of automated remediation Cloud Functions that react to high risk events in real time.

  • Announcing the GCP Organization Policy Notifier: Announcing the release of the GCP organization policy constraint bot that tweets whenever org policies are added, removed, or edited. You can follow the bot @gcporgpolicybot to stay up to date on when Google releases new security policies.

  • Security Best Practices for Amazon Elasticsearch — Part Two: The second half of a 2 part series where I talk about the security best practices for Amazon Elasticsearch. Amazon Elasticsearch is a commonly exploited database where billions of records have been exposed since it’s release.

  • Security Best Practices for Amazon Elasticsearch — Part One: The first half of a 2 part series where I talk about the security best practices for Amazon Elasticsearch. Amazon Elasticsearch is a commonly exploited database where billions of records have been exposed since it’s release.

  • Inventory Your GCP API Keys: A step by step guide on leveraging a free python security tool to inventory API keys in your GCP environment.

  • Automate Security on GCP with Event Threat Detection: A walkthrough on how to leverage GCP Cloud Functions and Event Threat Detection to automate your cloud security response.

  • Encryption in the Cloud Pt. 2: Encryption in GCS: Part 2 of a multipart series on encryption in AWS/GCP. This article focuses on GCS and deep dives into the different encryption offerings.

  • Our Favorite AWS re:Invent Security Announcements: A recap of the best security announcements from re:Invent 2019.

  • How I Passed the CISSP: My personal experience with the CISSP including tips and tricks, recommended readings, and an overview of how I prepared for the grueling exam.

  • Encryption in The Cloud Pt. 1: Part 1 of a multipart series on encryption in AWS/GCP. This article focuses on AWS S3 and the different options available to you.

  • Using Terraform to Secure Your AWS Organizations: How to apply security guardrails and best practices on the organizational level using Service Control Policies and HashiCorp Terraform.

© 2023 Powered by Hugo :: Theme made by panr