What is purple team security → OWASP Top 10 mapped to cloud infrastructure → Cloud security breaches 2020–2025 → Broken access control in AWS → MFA fatigue attacks → CI/CD secrets exposure → SSRF to cloud metadata → Kubernetes container escape → Supply Chain Attacks
TL;DR
- Supply chain attack detection is OWASP A06 + A08: attackers compromise the software build or distribution chain so that legitimate, signed artifacts deliver malicious payloads — standard vulnerability scanning misses this entirely
- SolarWinds (December 2020): threat actors compromised the Orion build system in March 2020, waited eight months, inserted the SUNBURST backdoor into a digitally signed update, and reached 18,000+ organizations including the U.S. Treasury, DHS, and DoD
- XZ Utils (CVE-2024-3094, March 2024): the “Jia Tan” persona spent two years building open-source credibility before inserting a backdoor into release tarballs — the backdoor was not in the git repo, only in the distributed tarball (release tarball = the compressed archive that Linux distributions download to build the package — separate from the git source tree)
- The XZ backdoor targeted
liblzma, which is linked intosshdviasystemdon affected distros — a compromised SSH daemon on every major Linux distribution was days away from shipping - Detection relied on human observation: Andres Freund noticed a 500ms SSH connection delay during unrelated benchmarking, traced it with
strace, and foundsshdmaking unexpected calls intoliblzma - The structural fix is a pipeline: pin dependencies with hashes + private artifact registry + SBOM generation + image signing with Sigstore/cosign — each layer catches a different attack class
OWASP Mapping: A06 Vulnerable and Outdated Components — compromised upstream dependencies. A08 Software and Data Integrity Failures — build artifacts not signed or verified; release tarball content not validated against source.
The Big Picture
┌──────────────────────────────────────────────────────────────────────────┐
│ SUPPLY CHAIN ATTACK SURFACE │
│ │
│ SOURCE REPO BUILD SYSTEM ARTIFACT REGISTRY │
│ github.com/org ──▶ CI/CD pipeline ──▶ container registry / PyPI │
│ │ │ │ │
│ │ │ │ │
│ ATTACK POINT 1: ATTACK POINT 2: ATTACK POINT 3: │
│ Social engineer Compromise the Typosquatting / │
│ maintainer trust build host dependency confusion │
│ (XZ model) (SolarWinds model) (public registry model) │
│ │ │ │ │
│ └────────────────────┴──────────────────────┘ │
│ │ │
│ COMPROMISED ARTIFACT │
│ (signed, valid, ships with legitimate release) │
│ │ │
│ ▼ │
│ PRODUCTION SYSTEMS (18,000 orgs / every major Linux distro) │
│ │
│ ═══════════════════════════════════════════════════════════════ │
│ DETECTION PIPELINE │
│ Hash pinning + SBOM + Sigstore verify + tarball ≠ git diff check │
│ Each layer catches a different attack class │
└──────────────────────────────────────────────────────────────────────────┘
Supply chain attack detection is hard because the artifact being delivered is legitimate by every traditional check: it is signed by the vendor, it passes antivirus, it resolves from the correct registry. The attack happened before the artifact was packaged, inside the trust chain you already approved. SolarWinds and XZ Utils are not anomalies — they are the template.
Two Incidents — Same Attack Surface
SolarWinds (December 2020)
The SolarWinds compromise is the definitive build-system attack. The timeline:
March 2020 Threat actor (UNC2452 / Cozy Bear) gains access to
SolarWinds build environment
October 2020 SUNBURST backdoor code inserted into SolarWinds Orion
build process — not into the source repository
October 2020 Orion 2019.4 through 2020.2.1 builds produced with
SUNBURST included — binaries digitally signed by
SolarWinds with their valid code-signing certificate
October– SUNBURST distributed to ~18,000 customers via the
December 2020 legitimate Orion software update mechanism
December 2020 FireEye detects SUNBURST while investigating their own
breach — reports to SolarWinds and CISA
What made detection almost impossible:
The compiled binary passed every integrity check a customer would run. It was signed with SolarWinds’ legitimate certificate. It installed via the normal software update channel. The SUNBURST code itself was designed for low observability: it dormant for 12–14 days after installation, used legitimate SolarWinds API patterns to blend with normal Orion traffic, and used legitimate cloud infrastructure (Avsvmcloud.com, which resolved to valid cloud provider IPs) for command-and-control.
The C2 communication was disguised as standard Orion telemetry. Exfiltration was slow — the attackers were not bulk-extracting data, they were selecting targets and moving laterally only inside high-value organizations.
The attack vector was the build system, not source code. SolarWinds source repositories did not contain SUNBURST. The attacker modified the compiled output at build time. A code review of the SolarWinds source would have found nothing.
XZ Utils (CVE-2024-3094, March 2024)
The XZ Utils compromise is more instructive because it was social engineering at the package maintainer level, caught before it shipped widely — and the catch was accidental.
Timeline:
November 2021 GitHub user "Jia Tan" (JiaT75) makes first commit to
xz-utils repository
2022–2023 Jia Tan steadily contributes quality patches to xz-utils,
builds trust with maintainer Lasse Collin, is eventually
granted commit access
Early 2024 Jia Tan accelerates commit activity, coordinates social
pressure on Lasse Collin from other fake personas to
push releases faster
February 2024 Jia Tan releases xz 5.6.0 — backdoor code inserted in
the release tarball build process (not in git commits)
March 9, 2024 xz 5.6.1 released with minor obfuscation changes
March 28–29, Andres Freund (PostgreSQL/Microsoft engineer) notices
2024 500ms SSH connection delay on his Debian sid machine
while running unrelated Valgrind benchmarks
March 29, 2024 Freund traces the delay with strace, finds sshd making
unexpected calls into liblzma, reports to oss-security
mailing list
March 30, 2024 CISA advisory published. Fedora 40 beta, Debian unstable,
openSUSE Tumbleweed had all shipped the affected version.
Ubuntu 24.04 LTS was in freeze and had it staged.
What was backdoored and how:
xz-utils provides the liblzma compression library. On systemd-based Linux distributions, sshd links against libsystemd, which links against liblzma. The backdoor hooked into sshd‘s RSA key processing — specifically RSA_public_decrypt — to allow authentication bypass using a specific attacker-controlled private key.
The backdoor was not in the git repository. It was injected during the tarball release process via obfuscated test files in the repository that were assembled and compiled during the build. Comparing the released tarball to the git tree reveals extra files and code that do not appear in any git commit:
xz --version
# 5.6.0 or 5.6.1 = affected; 5.4.x = safe
# How Andres Freund found it
# He was running sshd benchmarks and noticed unexpected latency
strace -p $(pgrep sshd) 2>&1 | head -20
# Saw unexpected calls into liblzma that should not be there
# Normal sshd does not call into liblzma at all
# Verify tarball vs git diff (the forensic check)
# If you have both the tarball and git source:
tar xf xz-5.6.1.tar.gz
git clone https://github.com/tukaani-project/xz.git xz-git
diff -r xz-5.6.1/ xz-git/
# Extra files in the tarball that don't appear in git = compromise indicator
What makes this attack class so dangerous:
The actor ran a multi-year operation. Two years of legitimate contributions, relationship-building with maintainers, and social pressure coordination across multiple fake personas. The code quality was good — Jia Tan’s legitimate commits improved xz-utils. The backdoor code was technically sophisticated enough that it took days of analysis to fully reverse-engineer after Freund’s discovery.
Red Phase: How Supply Chain Attacks Work in Practice
There are three distinct attack surfaces. They require different defenses and catch different attack classes.
1. Build System Compromise (SolarWinds Model)
The attacker gains access to the CI/CD or build host and modifies compiled artifacts. The source code is clean. Git history is clean. Only the build output is poisoned.
What makes it hard to catch: legitimate signing certificate, normal distribution channel, artifact passes all integrity checks that consumers run.
Simulation (safe to run in a test environment):
# Understand your build artifact's provenance
# Can you trace a production binary back to a specific source commit?
# For a Docker image: inspect build metadata
docker inspect your-org/your-image:latest | \
jq '.[0].Config.Labels'
# Look for: org.opencontainers.image.revision (git SHA)
# org.opencontainers.image.source (repo URL)
# If these labels are absent, you cannot verify what source built this image
# For a Go binary: read embedded build info
go version -m /path/to/binary
# Shows: Go version, module path, dependencies with versions and hashes
# If -trimpath was used during build, some info may be stripped
# Check if a container image was built from a known CI workflow
# (assumes SLSA provenance attestation is present)
cosign verify-attestation \
--type slsaprovenance \
--certificate-identity-regexp=".*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
your-org/your-image:latest | \
jq -r '.payload | @base64d | fromjson | .predicate.buildType'
2. Dependency Hijacking: Typosquatting and Dependency Confusion
Typosquatting: a malicious package on PyPI/npm with a name close to a popular package (requets vs requests, djano vs django). Developers with a typo in their requirements.txt install the malicious package.
Dependency confusion: a private internal package (mycompany-utils) has the same name as a package you upload to the public registry with a higher version number. Package managers that check public registries before private ones will resolve the public (malicious) version.
# Test for dependency confusion: can your private package names be
# resolved from the public registry?
# Do this in a throwaway environment, NOT production
# For Python: check if your internal package name exists on PyPI
pip index versions your-internal-package-name 2>/dev/null
# If it returns versions and you didn't publish it there = confusion risk
# For npm: check if your scoped package exists on the public registry
npm view @your-scope/your-package version 2>/dev/null
# An unscoped internal package with a public registry hit = confusion risk
# For pip: audit your requirements for known-bad packages
pip-audit --requirement requirements.txt
# pip-audit checks against the OSV vulnerability database
# Install: pip install pip-audit
# For npm: audit for both vulnerabilities and signature issues
npm audit
npm audit signatures
# 'npm audit signatures' verifies that packages in node_modules were
# signed with registry-issued keys — catches tampered downloads
3. Maintainer Compromise and Social Engineering (XZ Model)
The hardest attack class to detect from the outside. A trusted maintainer is either compromised or is the attacker. Their commits are signed, their track record is legitimate, the package comes from the canonical repository.
What you can check:
# Verify a PyPI package hash matches what's listed in the index
# The hash listed on PyPI is set at upload time — if the file was
# replaced after upload, the hash would change (PyPI prevents this,
# but private/mirror registries may not)
pip download requests==2.31.0 --no-deps --dest /tmp/pkg-check/
sha256sum /tmp/pkg-check/requests-2.31.0-py3-none-any.whl
# Compare to the hash shown at pypi.org/project/requests/2.31.0/#files
# Check npm package signatures (post-XZ hygiene)
npm audit signatures
# Output shows: verified (good), missing (not signed), invalid (tampered)
# For containers: verify Sigstore signature
cosign verify \
--certificate-identity-regexp=".*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
ghcr.io/your-org/your-image:latest
# If this fails: the image was not built by the expected GitHub Actions workflow
Blue Phase: Detection
SLSA: What Level Your Pipeline Should Be At
SLSA (Supply chain Levels for Software Artifacts) is a framework for build pipeline integrity. Four levels:
SLSA Level 1 Build process is scripted/automated, produces provenance
Most teams can reach this today
Catches: accidental modifications, basic auditability
SLSA Level 2 Build runs on a hosted, version-controlled build platform
(GitHub Actions, GitLab CI) — provenance is signed by the
build platform, not just the developer
Catches: developer workstation compromise
SLSA Level 3 Hermetic builds — the build environment is isolated from
the network, cannot pull external resources at build time
Provenance is non-forgeable
Catches: build-time dependency injection, most CI/CD attacks
SLSA Level 4 (deprecated in SLSA v1.0, merged into L3)
Most teams should target SLSA Level 2 now, Level 3 within 6 months.
Level 3 is where SolarWinds-class attacks become detectable.
Container Image Signing with Sigstore/cosign
# Sign a container image after build (in CI, using OIDC — no stored key)
# This runs inside GitHub Actions after the docker push step
cosign sign \
--yes \
ghcr.io/your-org/your-image:${GITHUB_SHA}
# cosign uses the GitHub Actions OIDC token to sign — no private key needed
# The signature is stored in the registry alongside the image
# Verify the signature and check the certificate claims
cosign verify \
--certificate-identity="https://github.com/your-org/your-repo/.github/workflows/build.yml@refs/heads/main" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
ghcr.io/your-org/your-image:latest | \
jq '.[0] | {
issuer: .optional.Issuer,
workflow: .optional.BuildSignerURI,
repo: .optional.SourceRepositoryURI,
ref: .optional.SourceRepositoryRef
}'
# A passing verification means:
# - Image was built by a specific GitHub Actions workflow
# - In a specific repository, on a specific branch
# - At a specific time (cert has a 10-minute TTL)
SBOM Generation and Vulnerability Scanning
An SBOM (Software Bill of Materials) enumerates every component in a software artifact. Without an SBOM, you cannot answer “are we affected by the XZ backdoor?” across your fleet in under an hour.
# Generate an SBOM for a container image using syft
syft your-org/your-image:latest -o cyclonedx-json > sbom.json
# syft walks the image layers and catalogs every package,
# including OS packages (rpm/deb), language packages (pip/npm/go),
# and their versions
# Inspect what syft found
cat sbom.json | jq '.components[] | select(.name == "xz-libs") | {name, version, purl}'
# Example output:
# {
# "name": "xz-libs",
# "version": "5.4.4-1.el9", ← 5.4.x = safe; 5.6.0/5.6.1 = backdoored
# "purl": "pkg:rpm/redhat/[email protected]?arch=x86_64"
# }
# Scan the SBOM for known vulnerabilities
grype sbom:./sbom.json
# grype checks each component against Grype's vulnerability database
# (CVE, GHSA, OSV) — would have flagged CVE-2024-3094 once published
# Automate: generate SBOM and scan in CI, fail build if critical CVEs found
grype sbom:./sbom.json --fail-on critical
Build Provenance with GitHub Actions (SLSA Level 2/3)
# .github/workflows/build.yml
# Adds SLSA provenance attestation to every release artifact
name: Build and attest
on:
push:
tags: ["v*"]
permissions:
contents: write
id-token: write # Required for OIDC signing
attestations: write # Required for GitHub attestation API
jobs:
build:
runs-on: ubuntu-latest
outputs:
image-digest: ${{ steps.push.outputs.digest }}
steps:
- uses: actions/checkout@v4
- name: Build and push container image
id: push
uses: docker/build-push-action@v5
with:
push: true
tags: ghcr.io/${{ github.repository }}:${{ github.ref_name }}
- name: Generate SLSA provenance attestation
uses: actions/attest-build-provenance@v1
with:
subject-name: ghcr.io/${{ github.repository }}
subject-digest: ${{ steps.push.outputs.digest }}
push-to-registry: true
# This generates a signed SLSA provenance statement that records:
# - Which workflow built this artifact
# - The git SHA it was built from
# - The trigger event
# Stored alongside the image in the registry
# Verify the attestation against an image
gh attestation verify \
oci://ghcr.io/your-org/your-image:latest \
--owner your-org
# Passes: image provenance is traceable to a specific workflow run
# Fails: image was built and pushed outside any attested workflow
What Anomaly Detection Catches
Sigstore and SBOM scanning catch known-bad artifacts. Anomaly detection catches behavior that hasn’t been classified yet:
- Unexpected external connections during build: a hermetic build should make zero network calls after dependency fetch. Any egress during the build phase is a signal — a compromised build tool phoning home, a dependency pulling a secondary payload at install time
- Artifact hash drift: if the same source commit produces different binary output on two consecutive builds, the build environment is non-deterministic at best, compromised at worst. Reproducible builds produce identical byte-for-byte output from identical inputs — hash drift indicates something in the build environment changed
- New dependency additions without PR: any dependency that appears in a build artifact but was not added via a reviewed pull request is an anomaly. SBOMs make this comparison possible; without them it is invisible
# Check for unexpected network connections during a build
# Run this on the build host during a CI job
ss -tnp | grep -E "(ESTABLISHED|SYN_SENT)"
# Any connection to an IP outside your artifact registry and SCM = investigate
# Compare artifact hashes across two builds of the same commit
# (tests build reproducibility)
docker pull ghcr.io/your-org/your-image@sha256:<first-build-digest>
docker pull ghcr.io/your-org/your-image@sha256:<second-build-digest>
# If the digests differ for the same source commit, investigate
Purple Phase: Structural Fixes
1. Pin Dependencies with Hashes — Not Just Versions
Version pinning (requests==2.31.0) pins the version number. The package maintainer can yank and re-upload that version with different content on some registries. Hash pinning locks the exact file bytes:
# requirements.txt — hash-pinned
requests==2.31.0 \
--hash=sha256:58cd2187423839e4e2d07f6f16c9cd680e74d6066237a4e1e88f06fc4a3e2e56 \
--hash=sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1
# Two hashes because the package ships both a wheel and a source tarball
# pip verifies the downloaded file matches one of these hashes before installing
# Generate hash-pinned requirements from a working environment
pip-compile --generate-hashes requirements.in --output-file requirements.txt
# pip-compile resolves the full dependency tree and writes pinned+hashed output
For containers, pin base images by digest, not by tag:
# Vulnerable: mutable tag
FROM python:3.11-slim
# Secure: pinned digest
FROM python:3.11-slim@sha256:6a37af1bde8be89040f70b9e93f2f61b5f14e99d7e49f9ea3dc7ded2e1c82f7b
# The digest is immutable — this exact image layer will always be fetched,
# regardless of what the 3.11-slim tag points to in the future
2. Private Artifact Registry — No Direct PyPI or npm in Production CI
A private registry (Artifactory, Nexus, AWS CodeArtifact, Google Artifact Registry) proxies upstream registries and caches approved packages. Benefits:
- Dependency confusion protection: your CI resolves
mycompany-utilsfrom your private registry first, never from public PyPI - Availability independence: a PyPI outage does not break your builds
- Audit trail: every package version pulled in every build is logged
- Policy enforcement: you can block packages with unacceptable licenses or CVE scores
# Configure pip to use a private registry proxy exclusively
# In ci/pip.conf or as environment variable
export PIP_INDEX_URL="https://your-artifactory.company.com/artifactory/api/pypi/pypi-virtual/simple/"
export PIP_TRUSTED_HOST="your-artifactory.company.com"
# No direct PyPI access — all packages go through your registry proxy
# For npm: configure registry in .npmrc
echo "registry=https://your-artifactory.company.com/artifactory/api/npm/npm-virtual/" > .npmrc
echo "always-auth=true" >> .npmrc
3. Reproducible Builds — Same Input Produces Same Output
Reproducible builds allow independent verification: a third party can take the same source and build environment and produce a byte-for-byte identical artifact. If the published artifact does not match, something changed between source and distribution.
This is exactly how the XZ tarball compromise would have been caught earlier with proper tooling: the release tarball did not match what would be produced by checking out the git tag and running the build.
# For Go: builds are reproducible by default in Go 1.13+
# Verify by building twice and comparing
go build -o binary-1 ./cmd/...
go build -o binary-2 ./cmd/...
sha256sum binary-1 binary-2
# Identical hashes = reproducible
# For containers with BuildKit: use --no-cache and compare digests
DOCKER_BUILDKIT=1 docker build --no-cache -t test-1 .
DOCKER_BUILDKIT=1 docker build --no-cache -t test-2 .
docker inspect test-1 test-2 | jq '.[].Id'
# Identical IDs = reproducible build environment
# SOURCE_DATE_EPOCH forces reproducible timestamps (common reproducibility blocker)
export SOURCE_DATE_EPOCH=$(git log -1 --format=%ct)
make # or whatever your build command is
4. Separate Build and Release Environments
SolarWinds built and signed in the same compromised environment. The build environment had signing keys. An attacker who owns the build host owns the signing operation.
INSECURE: SECURE:
Build host ──▶ compile Build host ──▶ compile
──▶ sign artifact ──▶ output unsigned artifact
──▶ publish │
▼
Separate signing host (air-gapped or HSM)
──▶ verify artifact hash
──▶ sign with HSM key
──▶ publish signed artifact
In practice: signing keys should live in a hardware security module (HSM) or KMS, not on the build host. The build produces an artifact hash; the signing service receives only the hash, not the full artifact, and signs it with the HSM-protected key. Build host compromise does not yield the signing key.
5. SBOM in Every Release — Non-Negotiable
If you cannot enumerate what is in your artifact, you cannot answer supply chain compromise questions. When CVE-2024-3094 dropped, every organization with an SBOM could query it in minutes. Organizations without one had to manually inspect every container image and every deployed system.
# Attach SBOM to a container image as an attestation (stored in registry)
syft ghcr.io/your-org/your-image:latest -o cyclonedx-json | \
cosign attest \
--predicate /dev/stdin \
--type cyclonedx \
ghcr.io/your-org/your-image:latest
# The SBOM is now stored alongside the image and signed with OIDC credentials
# Later: retrieve and search the SBOM
cosign verify-attestation \
--type cyclonedx \
--certificate-identity-regexp=".*" \
--certificate-oidc-issuer="https://token.actions.githubusercontent.com" \
ghcr.io/your-org/your-image:latest | \
jq -r '.payload | @base64d | fromjson | .predicate.components[] |
select(.name == "xz-libs") | {name, version}'
⚠ Production Gotchas
Hash pinning breaks automated dependency update workflows. When you pin with hashes, tools like Dependabot and Renovate still open PRs, but they must also update the hashes. This works — both tools support hash pinning — but you must configure them explicitly. Without hash update support in your automation, developers will remove pinning to unblock themselves.
SLSA Level 3 requires hermetic builds — most teams are not ready. Hermetic means the build process makes no network calls during compilation (all dependencies fetched in a prior, logged step). Most existing CI pipelines fetch dependencies during the build step. Reaching SLSA Level 3 requires restructuring your pipeline into explicit fetch → build phases. Start at Level 2 (hosted, signed provenance) and treat Level 3 as a 6-month target.
SBOMs without a query workflow are paperwork. Generating an SBOM with syft and storing it somewhere is the easy part. The useful part is having a process to query all SBOMs across your fleet within minutes of a new CVE. Without that query infrastructure, you have documentation, not detection capability.
Cosign verify fails silently if no signature exists. By default, if an image has no cosign signature, cosign verify returns an error — which is correct. But in a Kubernetes admission webhook that enforces signing (e.g., Kyverno, OPA/Gatekeeper), an unsigned image must be an explicit policy violation, not a webhook error that gets bypassed by a fail-open configuration. Always run admission webhooks in fail-closed mode.
Tarball vs git diff requires automation. Manually diffing every release tarball against its git tag is not sustainable. The XZ compromise would have been caught earlier if distributions had automated this check as part of their packaging workflow. Tools like diffoscope can automate the comparison; integrating it into your package intake process is the structural fix.
Quick Reference
| Attack Vector | Detection Signal | Fix |
|---|---|---|
| Build system compromise (SolarWinds) | Artifact hash drift; unexpected egress during build; tarball ≠ git diff | SLSA Level 3 hermetic builds; separate signing environment |
| Maintainer social engineering (XZ) | Tarball ≠ git diff; SBOM shows unexpected dependency; anomalous sshd syscalls | Reproducible builds; tarball verification in package intake |
| Dependency confusion | Package resolves from public registry instead of private | Private artifact registry with scoped package names |
| Typosquatting | pip-audit / npm audit signatures findings |
Private registry; automated dependency scanning in CI |
| Unsigned container image | cosign verify fails; no attestation in registry |
Sigstore/cosign in CI; fail-closed admission webhook |
Key Takeaways
- Supply chain attacks bypass perimeter security entirely — the attacker delivers malware through a channel you already trust, signed by a certificate you already trust, via an update mechanism you already approve
- SolarWinds was caught by a downstream victim (FireEye), not by SolarWinds’ own security team — the build environment had no integrity monitoring that could detect modification of compiled artifacts
- XZ Utils was caught by an engineer noticing a 500ms latency anomaly during unrelated performance work, not by any security tooling — this was within days of the backdoor shipping in multiple stable Linux distribution releases
- The detection pipeline has five layers, each catching a different attack class: hash pinning (dependency hijacking), SBOM (enumeration and CVE correlation), Sigstore signing (artifact integrity), SLSA provenance (build traceability), tarball vs git diff (source/distribution divergence)
- Start with what you can implement this week:
pip-auditornpm audit signaturesin CI,syftSBOM generation on every image build, and cosign signing for any container image that reaches production — these three steps cover the most common attack classes with minimal pipeline restructuring
What’s Next
SolarWinds showed that attackers can own your build system and reach your customers’ production networks through a single trusted update. Once they have a foothold in a cloud account — whether via a compromised build artifact or any other initial access vector — the next move is lateral: cross-account IAM role chaining to escalate from a single compromised resource to your entire cloud organization. EP10 covers what that lateral movement looks like, how to detect trust relationship abuse in CloudTrail, and how to structure cross-account access so that a single compromise cannot pivot to every account you own.
Get EP10 in your inbox when it publishes → subscribe at linuxcent.com