We’ve updated our open source tool Domain Protect to include optional automated takeover of vulnerable subdomains, see my blog post OVO vs Bug Bounty researchers - round 2
The CIISec Masterclass "AWS, Azure and GCP security" is now online:
Which cloud has the best security features? Find out at my online CIISec Masterclass "AWS, Azure and GCP Security" on 12 January 2022.
Sign up at the LinkedIn Events page
Which cloud has the best security features - AWS, Azure or GCP? Find out at my talk on the final day of the ISC2 Security Congress.
At OVO Energy, we recently released a tool to prevent subdomain takeovers: Domain Protect, available at https://github.com/ovotech/domain-protect.
I've published a blog post where I go through the basics of domain takeover, talk about how the requirement arose at OVO, and describe the tool’s features, findings, and planned next steps.
And you’ll see how we saved many thousands of US Dollars in fees to Bug Bounty researchers.
Microsoft recently released the MS-500 exam - Microsoft 365 Certified Security Administrator. I decided to study for this, as I'm working for an organisation in a role where I'm responsible for Microsoft 365 security, and I wanted to improve my knowledge and understanding of the subject.
I had never previously studied for any Microsoft 365 certifications. I was fortunate to already have a good knowledge of Azure AD thanks to the on-line course I developed for AZ-500, Azure Security Technologies. However, Azure AD is only one part of the syllabus for MS-500, so I needed additional training material.
Click the read more link below to see how I studied for the exam.
Paul Schwarzenberger's talk "Centralizing identity across AWS, Azure and GCP" at fwd:cloudsec 2020 is now online. fwd:cloudsec is a new community driven, not for profit, independent conference focusing on cloud security.
The conference was streamed live on 29 June, with 15 excellent talks on a range of cloud security topics across AWS, Azure and GCP.
I'm looking forward to presenting "Centralizing identity across AWS, Azure and GCP" at fwd:cloudsec, a new, community organised, not-for-profit conference on cloud security. The event takes place on 29 June 2020 and is free to attend online.
To see the abstract for the talk, please click on the "Read More" link below.
I'm delighted to announce that my A Cloud Guru on-line certification course AZ-500 Azure Security Technologies has had over 1,000 students since its launch around 2 months ago.
Many thanks to all at A Cloud Guru, and most of all, a special appreciation to all 1,000 of you!
I'm pleased to announce my latest training course AWS, Azure and GCP Security - get hands-on with security for the top 3 cloud platforms, 12 - 13 March, London, with 44CON
Paul Schwarzenberger is a Cloud Security Architect and DevSecOps specialist