This gives a great overview of when to build, buy, or adopt an open source solution for a few different common cloud security challenges.
The talk can be seen here: https://youtu.be/JCphc30kFSw?t=2140
Normally I wouldn't recommend a vendor based podcast, but Wiz is doing really cool stuff in the cloud security space so I'm inclined to give them a chance!
"This allowed us to completely bypass the application’s tenant isolation and access data from any tenant in the system"
Official announcement from AWS: https://aws.amazon.com/blogs/security/removing-header-remapping-from-amazon-api-gateway-and-notes-about-our-work-with-security-researchers/
fwd:cloudsec is by far ny favorite cloud security conference. Day one has already passed (sessions are recorded) and day 2 is about to start.
See schedule at: https://fwdcloudsec.org/schedule.html