We discuss recommendations and tools for credential and permission handling in your code running in AWS to facilitate least-access and least-privilege (including privilege bracketing), before looking into tools and techniques you can build into your CI/CD pipelines for code analysis, integrity assurance and penetration testing, and recommendations for how these pipelines can themselves have security checks incorporated in their automated build. We further examine some techniques used by AWS for modelling and formal verification of code, and how code builds and model validations can be synchronized.
9
Like
Unlike
