Vandana Verma interviewed Paul on OWASP Domain Protect as part of her OWASP Spotlight series:
I'll be discussing cloud security at The Future of Cybersecurity CISO Think Tank organised by CVision on 5 October 2023
I've just published my first blog post on Medium: AWS IAM Roles Anywhere with MacOS Keychain
The code I developed during the investigation of AWS IAM Roles Anywhere is at this repository
I’ll be presenting “Road to IAM Zero” at the DevSecOps London Gathering on Wednesday 25th October, sign-up link here
My talk "Preventing subdomain takeover with OWASP Domain Protect" at OWASP Global AppSec Dublin 2023 is now online.
Join me at OWASP Global AppSec Dublin to hear how an OVO Energy bug bounty program led to the creation of OWASP Domain Protect and prevented subdomain takeover
Domain Protect is now officially an OWASP project!
Discover 3 actionable security improvements for AWS at the DevSecOps London Meetup on 24 August.
Ditch the bastions, delete that privileged CI/CD IAM user, and stop CloudFront bypass. Do it now!
In each case, I'll explore the security impact, demonstrate a practical solution, and provide open-source infrastructure-as-code examples.
In April 2022, Microsoft announced its first ever expert level security certification - Microsoft Certified: Cybersecurity Architect. To be awarded the certification, one of the requirements is to pass the new SC-100 exam, which became generally available July 2022.
I took the SC-100 exam while it was in its Beta phase in May. Click "Read More" to see how I prepared.
My recent SANS CloudSecNext 2022 talk and live demo now online!
Paul Schwarzenberger is a Cloud Security Architect and DevSecOps specialist