Ryan CantyCloud KMS Fundamentals for Enterprise: Part 2What we really want to control about our keys is generally, who can use them, for what purposes, and with what configuration.Feb 22, 20212Feb 22, 20212
Ryan CantyKMS Fundamentals for Enterprises moving to the Cloud: Part 1As a Cloud Security Engineer at Google Cloud, I get asked questions about Key Management Service (KMS) all the time as clients are…Feb 10, 2021Feb 10, 2021
Ryan CantyUse Google’s Tink for Asymmetric EncryptionIn this tutorial, we’ll implement a common solution to a problem that GPG typically solves, but do it all with Tink.Sep 30, 2020Sep 30, 2020
Ryan CantyStop downloading Google Cloud service account keys!TL;DR: Downloading service account keys poses a serious security risk to your organization because they are long lived and not…Jul 27, 202011Jul 27, 202011
Ryan CantyOkta Authentication in Vault using OpenID Connect (OIDC)A long time ago in an internet far far away, the Okta plugin for Vault was the only way to use your Okta credentials to get into Vault. It…Jul 16, 20201Jul 16, 20201
Ryan CantyUnderstanding Cryptography with RSARSA is an asymmetric cryptographic algorithm that you are probably using right now to view this article over HTTPS. It was designed by Ron…Apr 22, 2020Apr 22, 2020
Ryan CantyProtection from Container Malware with AnthosTL;DR there is a fairly new attack campaign using the Kinsing malware targeted at container platforms like Docker and GKE. This post will…Apr 7, 2020Apr 7, 2020
Ryan CantyHashiCorp Vault and Terraform on Google Cloud — Security Best PracticesDeploy HashiCorp Vault with Terraform on Google Cloud adhering to security best practices and least privilegeOct 22, 20191Oct 22, 20191
Ryan CantyinScaleSecPractical, Proactive Amazon S3 SecurityBefore you go shopping, let’s take a look at what you already have at your disposal to protect your data in the cloud.Jul 31, 2019Jul 31, 2019
Ryan CantyinScaleSecProtecting GCP Services with VPC Service Controls and TerraformAutomate Google Cloud VPC Service Controls to protect your cloud workloadsApr 11, 2019Apr 11, 2019