Marco Lancini's Blog

You Don't Need a Vendor to Automate Security Questionnaires

Transform Years of Content Into a Conversational Knowledge Base

Building an AppRunner on EC2 with Cloudflare Zero Trust Access

What to look for when reviewing a company's infrastructure

Security Logging in Cloud Environments - AWS

The CloudSec Engineer is released today!

The CloudSec Engineer - We have a release date!

Introducing CloudSecGPT: Your Go-To AI for Cloud Security Insights

Migrating to Google Workspace: Solving Email Routing Challenges

Migrating Terraform state from Terraform Cloud to S3

Zero Trust Access to Private Webapps on AWS ECS with Cloudflare Tunnel

Weekly Digests to Increase Visibility and Transparency

Serverless Ad Blocking with Cloudflare Gateway

Security Logging in Cloud Environments - GCP

Serverless Emails with Cloudflare Email Routing

Cyber Security Career Pathways

CVE-2022-0847 (aka Dirty Pipe): What does it mean for defenders

Docker on MacOS via minikube (2022 edition)

Remotely Access your Kubernetes Lab with Cloudflare Tunnel

Kubernetes Lab on Baremetal

Introducing k8s-lab-plz: A modular Kubernetes Lab

Automating Cartography Deployments on Kubernetes

Automated GDrive Backups with ECS and S3

Automated Github Backups with ECS and S3

On Establishing a Cloud Security Program

Mapping Moving Clouds: How to stay on top of your ephemeral environments with Cartography

Cross Account Auditing in AWS and GCP

So I Heard You Want to Learn Kafka

Deploy Your Own Kubernetes Lab

A Quick Look at GKE Autopilot (in 15 minutes)

Semgrep for Cloud Security

Introducing CloudSecDocs.com

Domain-Wide Delegation of Authority in GSuite

Tracking Moving Clouds: How to continuously track cloud assets with Cartography

The Current State of Kubernetes Threat Modelling

Building a Serverless Mailing List in AWS

My Blogging Stack

Remote Development with a Chromebook in 2020

Introducing CloudSecList.com

My Arsenal of Cloud Native (Security) Tools

Offensive Infrastructure: the HashiStack

So I Heard You Want to Learn Kubernetes

Critical Vulnerability in Kubernetes API Server (CVE-2018-1002105)

Red Teaming Mind Map from The Hacker Playbook 3

Offensive ELK: Elasticsearch for Offensive Security

Hunt for and Exploit the libSSH Authentication Bypass (CVE-2018-10933)

Offensive Infrastructure: Introduction to Consul

GoScan v2

Introducing GoScan (aka a reason to learn Go)

Robtex-Go: Go Client for the Robtex API

Burp Pro as a Docker Container

Docker + Consul + Vault: A Practical Guide

Needle meets Jenkins: how to include Needle in your CI pipeline

Needle v1.0.0 released: new native agent and support for iOS 10

Needle V0.1.1 Released

iOS 9: Effective Jailbreak

Needle V0.0.4 Released

Needle Status Update

A quick intro to Needle

Introducing Needle