Featured Posts

All Blog Posts

  • Infrastructure security

Remediating AWS IMDSv1

  • icon Aug 11, 2021
  • icon 15 minutes read
  • icon 3194
2024-12-17 Updated to include Declarative Policies Compute resources in AWS (e.g. EC2 instances, ECS tasks/services, etc.) get access to AWS credentials, such as temporary instance role credentials, via the Instance Metadata Service (IMDS). The …
Read more
  • Infrastructure security

Gripes with Google Groups

  • icon May 29, 2018
  • icon 4 minutes read
  • icon 812
If you’re like me, you think of Google Groups as the Usenet client turned mailing list manager. If you’re a GCP user or maybe one of a handful of SAML users you probably know Google Groups as an access control mechanism. The bad news is we’re both …
Read more