Security Keep in touch
GCP's Security Command Center for Multi-Account Security
Securing the Cloud Ecosystem with GCP's Security Command Center for Multi-Account Strategies
Detecting and dealing with cleartext secrets in code
Learn how to clear your code base of hardcoded cleartext secrets and prevent new secrets from being added by mistake later on.
What is a pentest and how to do it?
Pentesting is one of the main activities of the Padok SecOps team. Find out what it is and how our methodology helps us organize our week.
How to pentest AWS Cognito? Attack and remediation explained
So, you are pentesting a website, and it uses AWS Cognito. But you don’t know what is this service nor how to abuse it? Let's see how to pwn it!
How to create and set up Kubernetes (k8s) secrets?
A Kubernetes secret is a resource for safely storing small chunks of data such as ssl certificate and keys, database passwords or ssh keys.
AWS Cloudfront: how to configure a WAF on a CloudFront?
In this article, we'll look at howw to implement a WAF on AWS components such as CloudFront or API-gateway.
Secure your Azure cloud with a private hub and spoke infrastructure
Secure your Azure cloud with a private hub and spoke infrastructure with private endpoints, private DNS, Azure policy, and private DNS resolver.
Secure and access easily your cloud infrastructure with SSH Bastion
Learn how to implement an SSH bastion host on the cloud with sshuttle for secure and encrypted access to internal resources. Read our guide now!
The sole purpose of SSL Certificates
The internet is a vast space. Your computer interacts with multiple other entities. SSL certificates play a key role in making the web a safer place.