AWS SCPs That Actually Work: Practical Guide for Real Teams

SCPs every AWS org should deploy on day one — plus the break-glass pattern, limit gotchas, and why you shouldn’t use SCPs to fix human behavior.

July 8, 2026 · 9 min · 1711 words · Javier Pulido

AmazonSSMManagedInstanceCore: Full Policy Breakdown

Full breakdown of every permission in the AmazonSSMManagedInstanceCore IAM policy, plus a least-privilege custom alternative for production EC2 instances.

July 7, 2026 · 7 min · 1462 words · Javier Pulido

AWS Incident Response: 5 Scenarios & How to Contain Them

Five real-world AWS incident response scenarios with detection signals, containment steps, CLI commands, and automation examples. Practical guide for security teams.

July 7, 2026 · 7 min · 1450 words · Javier Pulido

EKS Security Best Practices: Hardening Your Cluster

10 actionable EKS security best practices covering IAM integration, RBAC, network policies, pod security, image scanning, secrets management, and node hardening.

July 7, 2026 · 7 min · 1438 words · Javier Pulido

Meeting CIS Benchmarks for EC2: A Practical Guide

How to map, audit, and automate CIS Benchmark compliance for EC2 instances using AWS Config, Security Hub, SSM, and open-source scanners.

September 25, 2025 · 3 min · 506 words · Javier Pulido

EKS Security: Monitoring, Audit Logs & Runtime Detection

How to monitor EKS for security threats using CloudWatch, GuardDuty, audit logs, and Falco. Covers AWS-native tools, open-source options, and best practices.

September 17, 2025 · 5 min · 955 words · Javier Pulido

EC2 Hardening Guide: Secure AWS Instances Step by Step

This guide delves into the technical aspects of hardening EC2 instances, covering topics from instance selection to monitoring and automation, aligning with AWS’s security recommendations.

May 29, 2025 · 2 min · 383 words · Javier Pulido

AWS Incident Response Guide for Small Security Teams

Run effective incident response in AWS with automation and forensic best practices. Free playbook template included — no dedicated IR account needed.

May 4, 2025 · 5 min · 939 words · Javier Pulido

AWS Incident Response Playbook Template (Free)

A downloadable AWS incident response playbook for small teams, including isolation workflows, evidence handling, and post-incident reporting guidance.

May 4, 2025 · 2 min · 376 words · Javier Pulido

How I Passed the AWS Certified Security – Specialty (SCS-C02) Exam in 2025

My real-world journey passing the AWS Certified Security – Specialty (SCS-C02) exam. Study strategies, mistakes, resources, and tips for future candidates.

April 28, 2025 · 3 min · 622 words · Javier Pulido

Building Least-Privilege IAM Roles with IAM Access Analyzer

Use IAM Access Analyzer to build least-privilege IAM roles in AWS — includes policy generation from CloudTrail, Terraform integration, and AWS best practices.

April 21, 2025 · 4 min · 799 words · Javier Pulido