Welcome to The Hidden Port

Cloud Security, Automation, Best Practices, and Beyond.

EKS Security Monitoring: Visibility, Runtime Detection & Best Practices

Amazon EKS introduces new monitoring challenges: pods, containers, audit logs, runtime threats. This guide covers AWS-native monitoring tools, open-source Falco integration, and best practices to secure Kubernetes workloads.

September 17, 2025 · 5 min · 939 words · Javier Pulido

From Cloud Security to Pentesting: My eJPTv2 Journey

For the past years, most of my focus has been on cloud security — hardening AWS environments, responding to incidents, and making sure access is tightly controlled. But lately, I’ve felt the urge to explore a different side of the equation: ethical hacking. That’s why I’ve decided to take the eJPTv2 (Junior Penetration Tester) certification. This post is a mix of personal motivation, my preparation strategy, and how I see pentesting tying directly back into the work I’ve done in AWS and incident response. ...

September 8, 2025 · 3 min · 539 words · Javier Pulido

What Is IDOR? Finding and Preventing Insecure Direct Object References in AWS APIs

Learn what IDOR is, why it’s so common (and dangerous), see real AWS-related examples, and discover prevention and detection methods for robust API security.

June 27, 2025 · 5 min · 902 words · Javier Pulido

Getting Started with Amazon GuardDuty: Setup, Findings, and SIEM Integration

A comprehensive guide to setting up Amazon GuardDuty, interpreting its findings, and integrating with SIEM systems to bolster AWS security.

June 24, 2025 · 3 min · 609 words · Javier Pulido

Detecting Privilege Escalation in AWS Using CloudTrail and EventBridge

A deep technical guide to setting up AWS-native detection for privilege escalation using CloudTrail, EventBridge, and minimal infrastructure.

June 20, 2025 · 4 min · 734 words · Javier Pulido

Building a Hardened Amazon Linux 2 AMI for Secure EC2 Deployments

Step-by-step guide to build a hardened Amazon Linux 2 AMI with EC2 Image Builder including CIS benchmarks, IMDSv2 enforcement, auditd, and logging configuration.

June 9, 2025 · 3 min · 571 words · Javier Pulido

Enforcing Least Privilege in AWS IAM with Access Analyzer and Last Access Data

This article shows how to audit and refine IAM permissions using Access Analyzer, CloudTrail, and service access history — enforcing least privilege the right way in AWS.

June 9, 2025 · 3 min · 516 words · Javier Pulido

Securing EC2 Access with AWS Systems Manager Session Manager: Eliminating SSH

Traditional SSH access to EC2 instances poses several security challenges, including the management of SSH keys, exposure of ports, and lack of centralized auditing. AWS Systems Manager Session Manager offers a secure and auditable alternative, allowing you to manage EC2 instances without opening inbound ports or maintaining bastion hosts. This guide provides a step-by-step approach to configuring Session Manager for secure EC2 access, aligning with AWS’s official documentation and best practices. ...

June 3, 2025 · 7 min · 1324 words · Javier Pulido

Hardening EC2 Instances for AWS Security: A Practical Guide

This guide delves into the technical aspects of hardening EC2 instances, covering topics from instance selection to monitoring and automation, aligning with AWS’s security recommendations.

May 29, 2025 · 2 min · 402 words · Javier Pulido

AWS Incident Response Toolkit: Resources & Templates

After publishing my free AWS IR checklist, I decided to go one step further — a full incident response toolkit with Terraform code, automation scripts, and ready-to-use templates. Here’s what’s inside.

May 20, 2025 · 2 min · 374 words · Javier Pulido