A practical guide to AWS IAM — least privilege policies, IAM roles vs users, permission boundaries, SCPs, identity federation, and the access control patterns that secure production workloads without slowing teams down.
A practical guide to AWS WAF for production web applications — managed rule groups, custom rules, rate limiting, bot control, and the layered defense strategy that protects without blocking legitimate traffic.
A comprehensive guide to S3 security — bucket policies, encryption, access logging, Block Public Access, and the practices that prevent the data breaches that make headlines.
A practical checklist for building and maintaining HIPAA-compliant infrastructure on AWS — covering the BAA, eligible services, encryption, access controls, and audit requirements.
IAM best practices, GuardDuty, Security Hub, and the layered approach to AWS security that keeps your workloads protected.