Lab notebook
In-depth analyses of malware samples, technique deep-dives, and lab notes from the field. Long-form, technical, no fluff.
54 articles in "cloud-security" — page 6 of 6
How cloud security controls are layered across preventive, detective, and corrective tiers — and a complete walkthrough of the 17 domains of the CSA Cloud Controls Matrix v4.
Regions, availability zones, control planes, defence in depth, Zero Trust, Type-1 and Type-2 hypervisors, hardware-assisted virtualization, and why containers are not VMs — the architectural layer that cloud security sits on top of.
From the NIST five essential characteristics to IaaS, PaaS, SaaS and beyond — the building blocks every cloud security practitioner must understand before touching a single control.
How to apply the STRIDE threat model to cloud workloads, and how the MITRE ATT&CK for Cloud matrix maps attacker techniques to cloud-native detection opportunities.
How sync tokens from Dropbox, OneDrive, and Google Drive are hijacked without ever touching a password — and the privacy, jurisdiction, and data isolation challenges that define cloud forensics and compliance.
How attackers steal cloud service access through credential exposure, weaponise cloud elasticity for Economic Denial of Sustainability attacks, and how defenders shut both down.
The CSA Top 10 cloud threats, the SSRF-to-IMDS credential theft chain, and the critical difference between IMDSv1 and IMDSv2 — the attack patterns that dominate modern cloud breaches.
Comparing AWS, Azure, and GCP across compute, storage, and identity primitives — and understanding NIC MeghRaj and Indian data sovereignty requirements that shape every cloud deployment in India.
Public, private, community, hybrid — and who is actually responsible for what. The shared responsibility model is the contract that defines cloud security obligations for every workload.