Thomas de Lachaux

Thomas is a SecOps Engineer at Padok. He pentests cloud infrastructures to assess their security level to prevent malicious user attacks. He enjoys CTFs and playing piano.

Technology • 4 min

IAM Identity Center: why you should get rid of IAM Users

Do you use IAM users to manage the employees? Let’s see why it is a huge mistake and why you should replace it with AWS IAM Identity Center.

Technology • 5 min

How to pentest AWS Cognito? Attack and remediation explained

So, you are pentesting a website, and it uses AWS Cognito. But you don’t know what is this service nor how to abuse it? Let's see how to pwn it!