k9 Security Blog
Secure your cloud infrastructure quickly and confidently
How to Systematically Convert Cloud Security Assessments into Client Outreach
Running assessments is familiar territory for most cloud security consultants. However, many consultants lack a standardized process for how they package findings, position their value, and follow up with clients. By creating such a system, consultants can turn...
Export Findings from Security Hub in OCSF Format: A Complete Guide
Security teams have long been challenged by security findings scattered across many tools in proprietary formats that don't play well together. If you're managing AWS Security Hub findings and need to analyze them alongside data from other security tools, you've...
k9 Security launches initial support for automated IAM security review with findings in OCSF format
k9 Security introduces automated IAM security review for AWS, delivering findings in OCSF format. This release detects excess IAM admins and stale API access keys, saving hours of manual review while improving security and compliance. Results are available in JSON, Excel, and CSV to simplify analysis and remediation.
AWS IAM Users vs. Identity Center & JIT: Is Your Cloud Access Strategy Secure or Stalling?
This article was originally written by Cloudanix Introduction The way we manage access in AWS has changed IAM dramatically. When many organizations first ventured into the cloud, creating individual AWS IAM users directly within each account was standard practice....
Effective IAM News – 2025-05-16
NCC Group's AI Red Team recently published key findings after penetration testing dozens of AI applications. Analyzing Secure AI Architectures reveals that major AI vulnerabilities stem not from model flaws, but from misunderstanding how AI systems interact with...
Effective IAM News – 2025-05-02
PowerUserAccess: The Hidden Path to Admin Control Ever wonder how attackers see the AWS permissions you grant? This week, we gain a critical perspective from the trenches with PowerUserAccess vs. AdministratorAccess from an attacker's perspective by Eduard Agavriloae,...
Effective IAM News – 2025-04-18
If you're responsible for securing Azure, you should know about Azure's Apex Permissions: Elevate Access & The Logs Security Teams Overlook because it exposes a critical security blindspot affecting virtually every Azure environment. Nathan Eades and the Permiso...
Effective IAM News – 2025-04-04
This Week’s Featured IAM Resource This week we are highlighting The Director's Guide: IAM Security at Scale by Kyle Chrzanowski (Mandiant | Google Cloud) because it offers a concise, implementation-focused guide to architecting IAM at scale. The article defines...
Effective IAM News – 2025-03-21
Welcome to The Effective IAM Newsletter! Our mission is simple: curate high-impact resources that address real-world cloud IAM challenges for busy security professionals. Each edition features an industry trend, expert insight, or practical tool that you can use. You...
Scaling IAM Security For Major Cloud Platforms: Insights from the ScaleToZero Podcast
In a recent episode of the ScaleToZero podcast powered by Cloudanix, k9 Security’s founder, Stephen Kuenzli, broke down one of the most persistent challenges in cloud security: how to scale identity and access management (IAM) in large, fast-moving engineering...
Get k9 News
Get k9 Security technical articles & release updates, at most weekly.