AWS SCPs That Actually Work: Practical Guide for Real Teams

SCPs every AWS org should deploy on day one — plus the break-glass pattern, limit gotchas, and why you shouldn’t use SCPs to fix human behavior.

July 8, 2026 · 9 min · 1711 words · Javier Pulido

5 Critical AWS Security Misconfigurations (2026 Edition) – How to Find & Fix Them

Five AWS misconfigurations still causing breaches in 2026 — includes fixes for public S3 buckets, over-permissive IAM, open security groups, and missing monitoring.

July 7, 2026 · 4 min · 645 words · Javier Pulido

AmazonSSMManagedInstanceCore: Full Policy Breakdown

Full breakdown of every permission in the AmazonSSMManagedInstanceCore IAM policy, plus a least-privilege custom alternative for production EC2 instances.

July 7, 2026 · 7 min · 1462 words · Javier Pulido

AWS Incident Response: 5 Scenarios & How to Contain Them

Five real-world AWS incident response scenarios with detection signals, containment steps, CLI commands, and automation examples. Practical guide for security teams.

July 7, 2026 · 7 min · 1450 words · Javier Pulido

AWS Security Checklist 2026: 30+ Controls for IAM, EC2 & S3

A step-by-step checklist to secure your AWS account in 2026 — includes IAM hardening, S3 lockdown, logging, and budget alerts. Beginner to intermediate friendly.

July 7, 2026 · 3 min · 566 words · Javier Pulido

EKS Security Best Practices: Hardening Your Cluster

10 actionable EKS security best practices covering IAM integration, RBAC, network policies, pod security, image scanning, secrets management, and node hardening.

July 7, 2026 · 7 min · 1438 words · Javier Pulido

IAM Users Are Dead: Modern AWS Access Control for 2026

Stop using IAM users in AWS. This guide explains why they’re risky and how to migrate to Identity Center, STS, and OIDC-based access — step-by-step.

July 7, 2026 · 3 min · 437 words · Javier Pulido

Meeting CIS Benchmarks for EC2: A Practical Guide

How to map, audit, and automate CIS Benchmark compliance for EC2 instances using AWS Config, Security Hub, SSM, and open-source scanners.

September 25, 2025 · 3 min · 506 words · Javier Pulido

EKS Security: Monitoring, Audit Logs & Runtime Detection

How to monitor EKS for security threats using CloudWatch, GuardDuty, audit logs, and Falco. Covers AWS-native tools, open-source options, and best practices.

September 17, 2025 · 5 min · 955 words · Javier Pulido

EC2 Hardening Guide: Secure AWS Instances Step by Step

This guide delves into the technical aspects of hardening EC2 instances, covering topics from instance selection to monitoring and automation, aligning with AWS’s security recommendations.

May 29, 2025 · 2 min · 383 words · Javier Pulido

AWS Incident Response Guide for Small Security Teams

Run effective incident response in AWS with automation and forensic best practices. Free playbook template included — no dedicated IR account needed.

May 4, 2025 · 5 min · 939 words · Javier Pulido

Building Least-Privilege IAM Roles with IAM Access Analyzer

Use IAM Access Analyzer to build least-privilege IAM roles in AWS — includes policy generation from CloudTrail, Terraform integration, and AWS best practices.

April 21, 2025 · 4 min · 799 words · Javier Pulido

How to Detect AWS Root Account Usage (And Respond to It)

Detect and alert on AWS root account usage using CloudTrail, EventBridge, SNS, and optional Slack notifications. Step-by-step setup and Terraform included.

April 21, 2025 · 3 min · 458 words · Javier Pulido