
For the past few years, I’ve been gradually implementing and extending a Flask web app that I use to automate the management of some of my side projects (i.e., CloudSecList, CloudSecBooks).

This app started as a simple project with a few endpoints deployed locally via docker-compose and has grown into a not-so-simple-anymore application that automates multiple parts of my side projects. I have now reached a state where I need more than a local deployment, as I might need to perform some quick operations when I don’t have my laptop with me. So I started looking at options to deploy it safely on AWS without exposing it directly to the public Internet, as it is an admin-like interface.

As you might know, I’m working on my next side-project, The CloudSec Engineer, a book on entering, establishing yourself, and thriving in the cloud security industry as an individual contributor.

As part of the book’s introduction, I’ve been researching common career pathways within the security industry to contextualise where Cloud Security fits into the big picture.

Previous Articles

MUST READ What to look for when reviewing a company's infrastructure    Cloud Security Strategies
CVE-2022-0847 (aka Dirty Pipe): What does it mean for defenders
Docker on MacOS via minikube (2022 edition)
Remotely Access your Kubernetes Lab with Cloudflare Tunnel    Kubernetes Primer for Security Professionals
Introducing k8s-lab-plz: A modular Kubernetes Lab
Weekly Digests to Increase Visibility and Transparency
Automated GDrive Backups with ECS and S3
Automated Github Backups with ECS and S3
MUST READ On Establishing a Cloud Security Program    Cloud Security Strategies
Automating Cartography Deployments on Kubernetes    Continuous Visibility into Cloud Environments
Kubernetes Lab on Baremetal    Kubernetes Primer for Security Professionals
MUST READ Security Logging in Cloud Environments - GCP    Continuous Visibility into Cloud Environments
A Quick Look at GKE Autopilot (in 15 minutes)
MUST READ Security Logging in Cloud Environments - AWS    Continuous Visibility into Cloud Environments
Semgrep for Cloud Security
Introducing CloudSecDocs.com
Domain-Wide Delegation of Authority in GSuite    Continuous Visibility into Cloud Environments
MUST READ Tracking Moving Clouds: How to continuously track cloud assets with Cartography    Continuous Visibility into Cloud Environments
So I Heard You Want to Learn Kafka    Kubernetes Primer for Security Professionals
MUST READ The Current State of Kubernetes Threat Modelling    Kubernetes Primer for Security Professionals
Building a Serverless Mailing List in AWS
My Blogging Stack
Remote Development with a Chromebook in 2020
MUST READ Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography    Continuous Visibility into Cloud Environments
Cross Account Auditing in AWS and GCP    Continuous Visibility into Cloud Environments
Introducing CloudSecList.com
Deploy Your Own Kubernetes Lab    Kubernetes Primer for Security Professionals
Offensive Infrastructure: the HashiStack    Offensive Infrastructure with Modern Technologies
Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)
Red Teaming Mind Map from The Hacker Playbook 3
My Arsenal of Cloud Native (Security) Tools    Kubernetes Primer for Security Professionals
Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)
MUST READ So I Heard You Want to Learn Kubernetes    Kubernetes Primer for Security Professionals
GoScan v2
Offensive Infrastructure: Introduction to Consul    Offensive Infrastructure with Modern Technologies
Offensive ELK: Elasticsearch for Offensive Security
Robtex-Go: Go Client for the Robtex API
Introducing GoScan (aka a reason to learn Go)
Burp Pro as a Docker Container
Docker + Consul + Vault: A Practical Guide
Needle meets Jenkins: how to include Needle in your CI pipeline
Needle v1.0.0 released: new native agent and support for iOS 10
Needle V0.1.1 Released
iOS 9: Effective Jailbreak
Needle V0.0.4 Released
Needle Status Update
A quick intro to Needle
Introducing Needle