@njabuloshabalala

Beyond the Audit: Mapping SOC 2 Controls to AWS

Apr 22 · 3 min read · A policy document says what's actually running in your cloud environment. A policy can claim you have access controls. Whether your IAM configuration actually enforces them is a different question ent

Building My First ISO 27001 Compliance Matrix

Apr 21 · 5 min read · This is my first GRC portfolio project. I built an ISO 27001:2022 compliance matrix for a fictional company called NovaCloud SA, which is a 15-person SaaS startup in Johannesburg, South Africa that pr

I Just Launched My First Kubernetes Cluster on AWS EKS — Here's What Actually Happened

Apr 14 · 5 min read · This is the first project in my Kubernetes series, and I want to document it honestly — not the polished "here's how it works" version, but what actually happened when I sat down and tried to do it.

RBAC felt new. It wasn't.

Apr 10 · 4 min read · I don't have a CS degree. No bootcamp either. I've been teaching myself cloud and security from scratch — certs, projects, YouTube, documentation, whatever I can get my hands on. This is my first post