Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

Imagine one of your contractors usually does not need access to your AWS S3 buckets (or only access to buckets … More Use AWS Security Token Service (STS) to let low-privileged user temporarily assume privileged role in other account

Script to set up port forwarding, start/stop & automatically SSH into headless VirtualBox VM

Virtual machines are very useful not only on servers or in cloud environments, but also installed locally on a workstation … More Script to set up port forwarding, start/stop & automatically SSH into headless VirtualBox VM

“Stealing the environment” – Insecure password injection in scripts and containers via environment variables

An “interesting” part when working with APIs or runtime environments like containers is of course credential management. Somehow you have … More “Stealing the environment” – Insecure password injection in scripts and containers via environment variables

Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)

I recently had a look at the security assessments of different well-known cloud providers and found some interesting discrepancies. It … More Differences in cloud security (Alibaba, Amazon, Google, IBM, Microsoft)