How to get started in cybersecurity?

This is the first question I get from many students attending Null Bangalore meetups, security conferences, and more.

AWS WAF service is an L7 firewall service offered by AWS. It’s easy to set up, seamlessly integrates with other AWS services (ALB, API Gateway, etc.), and comes with a handful of managed WAF rulesets and rate limit features.

The much-awaited AWS re:Inforce 2023 videos have finally landed on YouTube. You can now pick your favorite track and watch the sessions at your own pace here - https://www.youtube.com/@AWSEventsChannel/playlists?view=50&sort=dd&shelf_id=2.

AWS SES is used in multiple ways - automated reminders, marketing emails, security automation & alerts, etc. There’s a risk with the domain verified on SES; often overlooked. A risk that falls at the intersection of Cloud and Enterprise risk.

I’m a huge fan of the Cloud Custodian tool. If you hear the name for the first time - it’s an open-source rules engine for cloud security, cost optimization, and governance.

GitHub’s Dependabot feature allows you to detect and fix vulnerabilities in code dependencies for all your repositories (public and private). Despite being a handy tool in securing software supply chain, it’s missing a very important feature.