6 posts
A hands-on walkthrough of compliance-trestle and AWS Config rules turning your authorization package into a living, automated artifact, and why FedRAMP 20x is moving toward exactly this model.
AWS's FedRAMP 20x readiness blog reveals what's really underneath: GRC engineering. Here's why compliance evidence is an engineering byproduct.
AWS's 7-layer defense-in-depth architecture is functionally a blueprint for continuous Authority to Operate. GRC engineering and security engineering are converging, and AI is the accelerant.
A demo of signing a container image using Cosign with a locally generated key and an AWS KMS key.
Learn about the importance of signing software artifacts using Cosign to help secure the software supply chain.
Tips and recommended materials used to pass the AWS Security Specialty exam.