Security

11 articles tagged with “Security”

Secrets Manager vs. Parameter Store: Which One Should You Really Use?
Sep 8, 2025 · 5 min read

Choosing between AWS Secrets Manager and SSM Parameter Store isn’t always straightforward. This guide breaks down the key differences in cost, secret rotation, versioning, encryption, IaC support, and more—helping you decide which service fits your use case. Whether you're managing sensitive credentials or sharing configuration across environments, you'll walk away with a clear, practical recommendation backed by real-world experience.

14 AWS Lambda Security Best Practices to Secure Your Serverless Applications
Jul 9, 2025 · 11 min read

AWS Lambda makes it easy to build serverless apps—but security is often an afterthought. This post covers 14 real-world Lambda security best practices, from input validation, secret management, and least-privileged IAM to tenant isolation and safe logging. Backed by years of hands-on experience and aligned with OWASP Serverless Top 10, it includes a downloadable checklist to help you secure your functions from day one.

How Social Engineering Phishing Works: My Real-Life Encounter
Jan 27, 2025 · 9 min read

Fell for a phishing attack using social engineering? I did—almost. Here’s how it worked, the tech behind it, and tips to stay safe.

Simplify Security, Governance, and WAF Management with AWS Firewall Manager
Jan 15, 2025 · 9 min read

Learn how to simplify AWS security, manage WAF rules, and enforce policies across accounts with AWS Firewall Manager, with AWS CDK code.

Protect Your API Gateway with AWS WAF using CDK
Dec 16, 2024 · 5 min read

Learn about AWS Web Application Firewall (WAF) and use CDK code to protect a REST API served by an API Gateway and enable metrics and logs.

AWS WAF Essentials: Securing Your SaaS Services Against Cyber Threats
Nov 13, 2024 · 10 min read

Learn about the AWS Web Application Firewall (WAF), what it is for, tips, and insights for visibility, ownership, governance and more.

AWS Security Best Practices: Leveraging IAM for Service-to-Service Authentication and Authorization
Jun 3, 2024 · 18 min read

AWS security best practices for service-to-service authentication, authorization and cross-account access with IAM policies and Python code.

Unleashing Resilience: A Practical Guide to Chaos Engineering in Serverless Architectures
Apr 15, 2024 · 15 min read

We'll explore chaos engineering in AWS serverless architecture, using AWS FIS for fault injection and providing example code.

Introduction to Chaos Engineering in Serverless Architectures
Jan 15, 2024 · 7 min read

Explore how chaos engineering enhances serverless systems by introducing controlled failures to improve resilience.

Serverless Production Readiness Checklist
Dec 18, 2022 · 8 min read

Before going to production, go through this checklist. The checklist spans security, backups, crisis recovery, CI/CD, and support readiness.

AWS Lambda Input Validation Best Practices | AWS Lambda Cookbook
Apr 7, 2022 · 10 min read

AWS Lambda handler. This blog focuses on AWS Lambda input validation and parsing best practices.