Cloud Hardening

13 chapters on cloud security — from AWS and Azure to Kubernetes and secrets management.

Cloud Providers

1. Preventing Cloud Reconnaissance — Minimizing the attack surface in the cloud
2. AWS Hardening — Securing IAM, S3, VPC, and CloudTrail
3. Azure & Entra ID Hardening — Azure AD, Conditional Access, and resource security
4. GCP Hardening — Configuring IAM, VPC, and Cloud Audit Logs
5. Container Hardening — Docker images, runtime security, and registries

Modern Defense

1. CI/CD Pipeline Hardening — Securing build pipelines against supply chain attacks
2. Serverless Hardening — Securing Lambda, Functions, and Cloud Run
3. Stopping Cloud Lateral Movement — Blocking cross-account and cross-service pivoting
4. Preventing Cloud Persistence — Detecting backdoor accounts and roles
5. Cloud Detection & Logging — CloudTrail, Azure Monitor, and centralized logging
6. Kubernetes Hardening — RBAC, network policies, and pod security
7. Infrastructure as Code Security — Terraform, CloudFormation, and policy-as-code
8. Secrets Management — Vault, KMS, and securely handling credentials