Sign in

Cloud Security Engineer 🙋🏻‍♂️ | Python 🐍 | CyberSecurity 👾 | Fan of Soccer ⚽

Engineering teams that build, scale, and manage cloud-based applications on AWS know that at some point in time, their applications and infrastructure will be under attack. But as applications expand and new features are added, securing workloads in AWS becomes an increasingly complex task.

To add visibility and audibility, AWS CloudTrail tracks the who, what, where, and when of activity that occurs in your AWS environment and records this activity in the form of audit logs. …

Hackers love AWS Keys, It gives access to an entire cloud. It’s the most valuable treasure that an attacker could find inside a compromised server.

In this post I will show how we can use fake access keys, to detect compromised instances in our production environment.


We will talk about how to detect intruders early on systems, with real-time alerts. We won’t discuss mitigations or protections to prevent this kind of attack.

Before we talk about the solution proposed, we will see some concepts related to security.

My servers have never been hacked…

¿yes? ¿100% sure?

Even though a system could be secure, ever it’s feasible to be hacked, and in most cases, it’s probable that has been attacked and you haven’t ever noticed about that.

Hackers are experts in infiltrating…

Leandro Mantovani

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store