Back to portfolio
Specialized Expertise
6+ YRS · AWS / AZURE / GCP

Cloud Security

6+ years designing secure cloud architectures and performing penetration tests on cloud workloads.

What I deliver

  • IAM least-privilege reviews
  • CSPM & misconfig hunting
  • Container & Kubernetes hardening
  • Cloud-native attack simulation
⟩ real-world projects

Selected engagements

Sanitized highlights from real client work — approach, the bug we found, and the fix shipped. Names redacted under NDA.

01

AWS multi-account audit for fintech — privilege escalation via iam:PassRole, full SCP redesign

02

Azure tenant assessment — Consent phishing path + over-permissive app registrations cleaned up

03

EKS hardening for SaaS scale-up — kube-bench + Falco rules, removed 9 cluster-admin bindings

04

GCP IaC review with Checkov in CI — 300+ Terraform misconfigs gated pre-merge

⟩ common vulnerabilities & how I find them

Top bugs I hunt — and the steps

The recurring weaknesses I see in this domain, with the repeatable workflow I run from discovery to fix.

01

IAM Privilege Escalation

Critical
  1. STEP 1Enumerate identities, roles, policies with Pacu / Prowler
  2. STEP 2Hunt iam:PassRole, sts:AssumeRole, lambda:* escalation paths
  3. STEP 3Chain via service trust relationships to admin
  4. STEP 4Fix: SCPs, permission boundaries, remove wildcard actions, enable Access Analyzer
02

Publicly Exposed Storage

High
  1. STEP 1Scan S3 / Blob / GCS for public ACLs + bucket policies
  2. STEP 2Validate sensitive data exposure with read tests
  3. STEP 3Check for Object Ownership + Block Public Access flags
  4. STEP 4Fix: enable Block Public Access org-wide, encrypt + log all reads
03

Kubernetes Cluster Misconfig

High
  1. STEP 1Run kube-bench (CIS) + kubescape for RBAC, network, pod-security
  2. STEP 2Hunt cluster-admin bindings, hostPath mounts, privileged pods
  3. STEP 3Test pod-to-metadata escape (IMDSv1)
  4. STEP 4Fix: Pod Security Admission restricted, OPA Gatekeeper, IMDSv2 only
⟩ arsenal

Tools & frameworks

Prowler
Cloud Audit
ScoutSuite
Cloud Audit
Pacu
AWS Exploitation
Kubescape
K8s Security
Trivy
Container Scanner
CloudSploit
Cloud Posture
CloudGoat
AWS CTF Lab
Steampipe
Cloud SQL Query
Checkov
IaC Scanner
Falco
Runtime Security
Terraform
IaC Provisioning
kube-bench
K8s CIS Audit
Docker Bench
Docker Audit
Polaris
K8s Best Practices
⟩ engage

Need cloud security expertise?

Get in touch
⟩ related

More in Specialized Expertise