Skip to content
Demystifying Policy as Code Non Technical Guide Effective Governance

ScaleSec Blog

Aaron Wilson5 min read

How Do I Urgently Harden Cloud Services?

Actions teams can take today to protect against potential cyberattacks
Start Reading
Allison DiPietro4 min read

Cybersecurity Executive Order: a tl;dr

What the White House’s Executive Order on Cybersecurity means for software companies, and ...
Start Reading
Eric Evans8 min read

Cloud-First API Security

APIs can be secured using AWS and GCP cloud native technologies and architectures.
Start Reading
Eric Evans11 min read

A Guide to Securing Google Kubernetes Engine

This guide helps you secure Google Kubernetes Engine (GKE).
Start Reading
Steven Adegbenle4 min read

12 Days of Cloud Security Christmas

ScaleSec celebrates the holiday season with 12 gifts users should avoid giving their ...
Start Reading
Eric Evans4 min read

TDD in Your Infrastructure Pipeline

Using TDD can be an effective way to move fast and not break security.
Start Reading
Anthony DiMarco5 min read

Using WAF and CloudFront with Serverless Applications

The third installment of security best practices for serverless applications running on ...
Start Reading
Eric Evans6 min read

Test Driven Development for Secure Infrastructure

Test Driven Development helps keep your infrastructure safe.
Start Reading
Dustin Whited4 min read

PassRole Control

How the iam:PassRole permission can be restricted and monitored in AWS.
Start Reading
John Porter7 min read

Why Your YubiKey Won’t Work With AWS CLI (and the fix)

Set up a YubiKey as two-factor authentication in AWS that will work with the Console, ...
Start Reading