fridaysecurity.hashnode.devπProject 7: Automated Threat Containment in AWS β Building a Cloud-Native SOAR WorkflowModern cloud security is not about alerts. Itβs about automated response. In this project, I built a Cloud-native SOAR workflow that: Detects high-severity threats Automatically isolates an EC2 instance Sends security notifications Requires zero ...Feb 13Β·3 min read
fridaysecurity.hashnode.devπ Project 6: Implementing Just-In-Time (JIT) SSH Access for EC2 on AWSTime-bound access, automatic revocation, and full auditability Why This Project Exists Permanent SSH access to EC2 instances is one of the most common and dangerous cloud misconfigurations.Open port 22, long-lived keys, and forgotten security group r...Feb 9Β·3 min read
fridaysecurity.hashnode.devπ Project 5: Zero-Trust EC2 Access in AWS Using IAM, SSM, CloudTrail, and GuardDutyIntroduction SSH has been the default way to access Linux servers for decades. In cloud environments like AWS, however, SSH introduces unnecessary risk: static keys, open network ports, weak identity attribution, and poor auditability at scale. In th...Feb 1Β·5 min read
fridaysecurity.hashnode.devπ Project 4: Eliminating SSH with AWS Systems Manager β IAM-Controlled, Auditable EC2 AccessSSH-based access to cloud workloads remains common, but it introduces unnecessary attack surface: open inbound ports, long-lived credentials, key sprawl, and limited auditability. Modern AWS environments do not require SSH for interactive access to E...Jan 24Β·4 min read
fridaysecurity.hashnode.devπ Project 3: Implementing and Testing Security Controls in a Real Cloud Environmentπ Why This Project Matters Security controls appear perfect on paper β until real-world traffic, misconfigurations, and human errors expose the gaps. In Project 3, I focused on implementing core cloud security controls and then actively testing them...Jan 17Β·3 min read