cloudonaut

96 episodes — Page 1 of 2

Ep 97Less Alerts, More Impact: Stephen Kuenzli on Winning at AWS Security

Stephen Kuenzli, founder of k9 Security, joins us to talk about his journey from AWS consultant to SaaS builder — and why IAM is still the hardest part of cloud security. We dig into practical advice for achieving least privilege, how to deal with the flood of security alerts from tools like AWS Security Hub and Wiz, and why your team's attention budget matters more than fixing every finding. Plus, Stephen plays a quick-fire round rating Security Hub controls as "critical" or "distraction."

Apr 10, 202656 min

Ep 96#096 AWS European Sovereign Cloud: Sovereignty or Just Marketing?

In this episode, Andreas introduces his long-time friend Thorsten Höger, with whom he shares a history going back to school and later working together on an AWS-powered online banking platform. Thorsten has spent over 10 years helping SMB customers in regulated industries build compliant AWS infrastructures, specializing in networking, security, Serverless, and CDK. He talks about his current consulting work and his upcoming product Deploymon. A major topic is the AWS European Sovereign Cloud (EUSC), where Andreas shares a field report and the hosts debate whether EUSC is genuine sovereignty or just "sovereign washing" given concerns around the US Cloud Act. They also discuss how small businesses can benefit from AI tools. Andreas uses AI to review blog posts, find bugs, and update dependencies, while Thorsten relies on it for customer offers, software development, planning, and research.

Mar 19, 202647 min

Ep 95#095 AWS costs are like fingernails ...

Michael shares a trick to reduce AWS Config costs for volatile workloads. Andreas talks about EC2 instance families and their availability in the different AWS regions. On top of that, the Wittig brothers share insights into their work and business.

Aug 25, 202537 min

Ep 94#094 It's the small improvements that make us smile

This episode covers a month of record growth and strategic shifts, celebrating new customer wins and diving into our marketing strategies. We share project updates, including bucketAV's multi-engine scan, and highlight key AWS topics: simplified AMI deletion and generating SDKs for API Gateway. Tune in for insights, wins, and fails!

Jul 24, 202533 min

Ep 93#093 Getting ISO 27001 certified as a 2-person company

Getting ISO 27001 certified is not just boring paperwork. We discuss what we've learned and how we improved information security for our customers. Also, Michael shares how to run Amazon Linux 2023 on small machines like t3.nano.

Apr 10, 202535 min

Ep 92#092 The Cloud Control API came a long way

Learn how to work around missing resources in Terraform by using the Cloud Control API and the awscc Terraform provider. Also, Michael shares what he learned from migrating a workload from Amazon Linux 2 to Amazon Linux 2023. Last but not least, Andreas reviews the fwd:cloudsec Europe conference. ☁️ Cloud Control API + Terraform awscc ☁️ Migrating to Amazon Linux 2023 ☁️ fwd:cloudsec Europe in Review

Oct 11, 202435 min

Ep 91#091 Cloudflare R2 Same Same But Different

Look behind the curtains of releasing two new products: bucketAV for Cloudflare R2 and attachmentAV Virus and Malware Scan API. Andreas and Michael discuss what they learned about Cloudflare, S3, and API Gateway. Besides that, the brothers rant about new security controls added to Security Hub recently.

Jul 25, 202433 min

Ep 90#090 AWS Testing Awesomeness

Andreas and Michael Wittig were pretty jazzed about writing unit tests using mocks for the AWS SDK v3 in JavaScript. They broke down Amazon's new GuardDuty malware protection for S3 and how it compares to their own product bucketAV. The duo also covered testing Terraform modules and using aws-nuke to clean up leftover resources from failed tests. They gave their two cents on some recent AWS service announcements too - CloudWatch, Fargate, CloudFormation and more!

Jun 13, 202429 min

Ep 89#089 Copying 5 TB in 15 minutes

Andreas and Michael are sharing their learning while building on AWS. This episode is about cost-efficient networking on AWS. Besides that, Andreas and Michael discuss how to speed up infrastructure tests by parallelization and multiple AWS accounts. Last but not least, Andreas asks Michael about his thoughts on the latest AWS announcements.

Apr 18, 202437 min

Ep 88#088 AWS networking without burning money?

Mar 15, 202432 min

Ep 87#087 Automate all the release processes!

Andreas and Michael are sharing their learning while building on AWS. This episode is about automating the release process of bucketAV, a software product sold on the AWS Marketplace. Besides that, Andreas and Michael discuss how to reduce costs for GitHub Actions. Last but not least, Andreas asks Michael about his thoughts on the latest AWS announcements.

Feb 29, 202431 min

Ep 86#086 Overwhelmed by Security Hub

Andreas and Michael are sharing their learning while building on AWS. This episode is about AWS Security Hub and how to get any value out of the predefined security controls. Besides that, Andreas and Michael celebrate their 9th company anniversary by giving insights into their story. Last but not least, Andreas asks Michael about his thoughts on the latest AWS announcements.

Feb 13, 202432 min

Ep 85#085 Losing trust in KMS

Feb 1, 202432 min

Ep 84#084 Aurora Serverless is dead, long live Aurora Serverless!

Jan 11, 202433 min

Ep 83#083 One region to rule them all

Which EC2 instance families are available in which region? How protect agents connected through Amazon Connect from malware uploaded by customers? What is S3 Object Lock all about?

Nov 16, 202327 min

Ep 82#082 Generating boring CloudFormation templates with the CDK

Should you upgrade to Terraform 1.6 already? How to avoid blind spots when monitoring Lambda functions? An unusual way to utilize the CDK.

Oct 12, 202325 min

Ep 81#081 AWS JavaScript SDK v3 + CloudWatch Dashboard Custom Widgets

Andreas and Michael Wittig are building on AWS since 2009. Follow their journey of developing products like bucketAV, marbot, and HyperEnv and learn from practice.

Sep 30, 202329 min