scottpiper.bsky.social
Cloud security historian. Developed http://flaws.cloud, CloudMapper, and Parliament. Founding team for fwdcloudsec.org. Principal Cloud Security Researcher at Wiz.

Mark your calendar: fwd:cloudsec Europe 2025 lights up Berlin on September 15-16! This two-day event is a non-profit cloud security conference, and we expect over 350 attendees this year!

Ben Evans posted a new (or rather updated) presentation: "AI eats the world" www.ben-evans.com/presentations

This is great to see AWS centralizing info about their end of life products in one place! Hopefully I'll eventually be able to retire github.com/SummitRoute/... aws.amazon.com/blogs/aws/in...

If you'd like to learn more about this type of misconfiguration, how it can be exploited, and how to prevent it, @danielleaminov.bsky.social from my team at Wiz wrote a great introduction to this topic here: www.wiz.io/blog/spring-...

Check out the talks that have been accepted for fwd:cloudsec! Also, there are still tickets available for the conference! It's happening June 30-July 1 in Denver. fwdcloudsec.org/conference/n...

Today's thread is about something I'm rather experienced with... How to Get Fired With Both Grace and Aplomb

The "aws" account id is an interesting thing. For example, arn:aws:iam::aws:policy/PowerUserAccess, note the ARN format is arn:partition:service:region:account-id:resource-id so the first ":aws:" is a partition, but the second ":aws:" is an account id. It shows up in a few other rare places. 1/2

AWS VPC endpoint interface support for AZs is chaos. Of the 392 services these endpoints support, 75 services are not available in all AZs in us-east-1. You think, ok use1-az3 is probably missing support for some, because of course it is, because it's cursed and you'd be right, it's the worst, but

If you're a cloud practitioner based in Europe, definitely submit to fwd:cloudsec Berlin happening in September! We're actively seeking submissions from first time speakers and non-security folks. In that case, you can submit by May 30th and get initial feedback on your submission!

🔍IT'S HERE: #ExfilCola, our cloud IR security CTF challenge!🥤 Your mission: - Investigate the cloud environment logs - Research the compromised machines - Secure the files and save the day ⏰ The Cloud Hunting Games are live >> www.cloudhuntinggames.com

The final round of tickets for fwd:cloudsec in Denver on June 30-July 1 are now available!

AWS quarterly revenue was $29.3 billion vs. the $29.42 billion expected, because you people finally started listening to me.

Finally read and implemented the AWS Delegated Management - @scottpiper.bsky.social’s article hits the nail on challenges - we built and maintained an internal API to access this information for automation purposes, which I would do again if it wasn’t for this feature www.wiz.io/blog/use-cas...

The last round of tickets for fwd:cloudsec North America go on sale May 6 at 9:59am Denver time. www.eventbrite.com/e/fwdcloudse...

Your Lambdas Function (yes that’s how we pluralize it) are about to get more expensive, as AWS begins charging for the INIT phase. aws.amazon.com/blogs/comput...

Awesome that Project Kuiper finally has satellites up so we can get competition for home satellite internet. www.cnbc.com/2025/04/28/a...

It's kinda been raised, but it's nuts that (according to Mandiant/M-Trends) in 2025: - vulnerabilities/exploits are the most frequently observed initial vector; - the top 4 exploited vulns belong to security vendors. What are we doing here? 🤯😱

us-east-1 will now have 7 AZs. The other regions with more than 3 AZs are us-west-2 (Oregon), ap-northeast-1 (Tokyo), and ap-northeast-2 (Seoul), each with 4.

Nigeria is getting their first cloud region, and it's from Huawei. Neither AWS, GCP, or Azure have regions in Africa outside of South Africa. Nigeria has a GDP similar to South Africa, and a population 3.5x the size. Strategic things happening. www.huaweicloud.com/intl/en-us/n...

This is the only AWS managed policy that references a vendor solution in the name. I want one. 🙏

You can catch @dugsong.com talking about the security industry, building companies and shaping cultures on the latest episode of “Inside the Network” - insidethenetwork.co/episodes/dug... Dug is always considered and always worth listening to.

The CFP for fwd:cloudsec closes this Friday (11:59 pm Mountain Daylight Time)! This is a conference for practitioners, which means that if you work in cloud security, you have something to say that we're interested in! fwdcloudsec.org/conference/n...

Interesting supply chain related idea from Eduard Agavriloae to typosquat libraries, and then to compromise blog posts of tutorials to use that library. www.linkedin.com/posts/ugcPos...

"I fought a DDoS and lived to tell the tale" is one of my favourite blog posts. It's been many months since I read it, but I remember it whenever I think of WAF. Give it a read; I promise it will be worth it. open.substack.com/pub/funkbyte...

Every cloud cost program seems to start with "Let's buy RIs and Savings Plans!" That's backwards. When you lock in discounts, you're also locking in your architectural decisions - good or bad. Start understanding your architecture, then the discounts.

Something something…bandwagon…something something. Hey did you know the CFP for @fwdcloudsec.org is open now? Submit your innovative cloud security talks now through April 11th!!

#IngressNightmare: Wiz Research uncovers a critical vulnerability in Ingress-NGINX 🚨 Wiz Research found a novel attack vector in one of Kubernetes's most fundamental projects, Ingress-NGINX, which is rated CVSS 9.8.

I'll be keynoting BSidesSLC on April 10-11, where I will discuss my lessons learned from getting other teams to fix things, both inside and outside your company. Register now! www.bsidesslc.org

We’re thrilled to announce that the second edition of fwd:cloudsec Europe will take place on September 15-16 in Berlin! fwdcloudsec.org/conference/e...

This post is amazingly done, full stop. It’s more impressive when you get to the end and realize it’s the author’s first post.

It's been awesome getting to team up with @ramimac.me to dig into a new AWS feature! Read our thoughts on AWS's new CloudTrail network activity events (aka VPC endpoint logs): www.wiz.io/blog/aws-vpc...

Turns out when you investigate a compromised Github Actions you ... find another compromised Github Action: www.wiz.io/blog/new-git...

Do you know someone in college looking to get a head start on their career? Tell them about the fwd:cloudsec scholarship! This provides a conference ticket and stipend to help cover travel costs for a conference that I strongly believe would be very helpful. fwdcloudsec.org/conference/n...