life's a blog, shine you star

Over the Last Decade Introduction Over the last ten years, the landscape of public cloud providers such as AWS, Google Cloud, and Microsoft Azure has dramatically transformed. Companies of all sizes have migrated to the cloud to leverage its scalability, flexibility, and cost-effectiveness. Alongside this migration, security controls have evolved to address new challenges. This blog will explore how customer progression and maturity have developed in areas like cloud IAM entitlement management, workloads (Kubernetes, serverless, containers), and public-facing applications. We will also highlight example solutions, particularly focusing on Check Point's CloudGuard products. Evolution of Cloud IAM Entitlement Management Identity and Access Management (IAM) is critical for securing cloud environments. Over the past decade, the complexity and granularity of IAM controls have significantly improved. Early Stages Initially, IAM was basic, often limited to simple role-based access control...

Spoiler Alert: (you've got some time) Container Registry will be replaced by Artifact Registry. Please upgrade your projects to Artifact Registry before March 18, 2025. On March 18, 2025 , Container Registry will be replaced by Artifact Registry . We understand this change may affect your production workloads, so we've put together resources to make this transition as smooth as possible for you. What do you need to know? To retain access to your container images, please take note of these critical dates and actions you need to take related to the Container Registry shutdown: March 18, 2025: You will no longer be able to push new images to Container Registry. April 22, 2025: You will lose access to existing images in Container Registry. To maintain access, you must copy them to the Artifact Registry before this date. May 22, 2025: All requests to the gcr.io domain will be handled exclusively by Artifact Registry. Ensure the Artifact Registry...

Enhancing Security: Google Cloud's Organizational Policy Change Google announced an upcoming organizational policy change set to take effect on June 16, 2024 continueing to bolster their security of our services, and this change marks another step in that direction so great job Google!  Recieved via email today, tldr below: What's Changing? Starting June 16, 2024, Google Cloud administrators will gain the ability to dictate how Google Cloud responds in the event of a private Service Account Key being publicly exposed . This change is integral in fortifying the security of your Google Cloud environment. Our systems are intricately linked with various programs, including the GitHub scanning program , enabling us to swiftly identify any instances of private Service Account Keys being exposed to the public eye. In addition to Google's vulnerability scanning these are great options for securing your workloads.  Why is This Important? Service Account Keys are crucial components...

AI in Today’s Cybersecurity Landscape Top Security Concerns with AI in Today’s Cybersecurity Landscape Integrating Artificial Intelligence (AI) into various sectors has been a game-changer, offering unprecedented advancements and efficiencies. However, this integration has not come without its cybersecurity risks. AI systems are becoming an attractive target for cybercriminals, and their exploitation can lead to significant data breaches, privacy violations, and operational disruptions. Here, we explore the top security concerns with AI, provide examples of recent cyber security attacks, and outline best practices users can adopt to mitigate these risks. AI Security Concerns 1. Data Poisoning:  AI systems learn from data. If attackers manage to introduce malicious data into the training set, they can skew the AI’s behavior. An example is manipulating an AI’s algorithm in autonomous vehicles to misinterpret stop signs as yield signs by slightly altering the image data the AI trains ...

Let's level set; what are OpenAI and ChatGPT? OpenAi   OpenAI is an artificial intelligence research laboratory founded in December 2015 by tech luminaries such as Elon Musk, Greg Brockman, Reid Hoffman, Peter Thiel, and Sam Altman. OpenAI's mission is to promote and develop friendly artificial intelligence in a way that is most likely to benefit humanity as a whole, unconstrained by a need to generate a financial return. Its research aims to "advance digital intelligence in the way that is most likely to benefit humanity in the long term." OpenAI is associated with various activities, such as developing software applications and services powered by machine learning.  ChatGPT ChatGPT is a natural language processing (NLP) model developed by OpenAI. It is based on the GPT-2 natural language processing model and is designed to generate conversations in chatbot applications. The ChatGPT model is trained on conversational datasets and can generate natural-sounding respon...

Make & Google Chat=Webhook Make + Google Chat = easypeazywebhook Today, we are introducing Make,  Make's mission is to empower people to visually create, build, and automate at the speed of their ideas. Inspired by an amazing community, they've realized their platform is more than just integration and automation.  Put simply, they realized their users are not users: they’re Makers. No-code tools are just that; they enable users to build and automate, without writing any code. They offer something more: a visual language that democratizes development makes processes tangible, and fosters team collaboration, regardless of technical skills. “Make” is short, modern, and easy to spell and pronounce. It’s a verb that captures what users do on our platform. Most importantly—it represents the evolution of our product, and the spirit of our customers, and reflects one of the most transformational trends of our era: from rigid, top-down, repetitive jobs to flexible, empowering, and ...

 What is Podman? Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System. Containers can either be run as root or in rootless mode.  Simply put, alias docker=podman. Quickly test drive using Podman Desktop . To read more on Podman technical visit  here . Podman versus Kaniko , versus Docker? So much innovation last year with all the above v isit my previous blog.