CSP Inaugural Quarterly Newsletter

Hey friends, we’re coming to you once a quarter with our latest content plus some good stuff we’ve seen from the security sphere.

First, our favorite meme of the quarter:

Jordan’s cat, Rosa, is not impressed. 

Our Blogs From This Quarter 

Happy AppSec New Year - 2024 Recap

In 2024, AI took center stage in Application Security, fueling both novel vulnerabilities (e.g., Prompt Injection) and new AI-powered defensive tools (e.g., XBOW, DryRun Security). Meanwhile, supply chain exploits like the xz-utils compromise and large-scale incidents such as CrowdStrike’s faulty driver update reinforced the need for stronger security strategies heading into 2025.

Full post: https://cloudsecuritypartners.com/blog/happy-appsec-new-year-2024-recap

Breaking Into AppSec: Hack Your Way Into Cybersecurity!

This blog post introduces Application Security and the core technical skills—secure coding, threat modeling, and penetration testing—needed to break into the field. It also covers practical ways to build a reputation, from open-source contributions and bug bounties to attending conferences and earning certifications, so you can confidently launch your AppSec career.

Full post: https://cloudsecuritypartners.com/blog/breaking-into-appsec-hack-your-way-into-cybersecurity

Everyone loves a good podcast, right? 

Episode 76: ShmooBalls & Open Source Brawls: DevSecOps, Risk, and the Final ShmooCon

From no resolutions to the bittersweet final ShmooCon, Ken and Mike cover hardware hacking highlights, open source vs. enterprise tools, and the Semgrep licensing saga (with the OpenGrep fork mirroring the Terraform/OpenTofu controversy). They also tackle cyber risk from an insurance angle, noting how mailing breach notifications alone could bankrupt you.

Watch the full episode at https://www.youtube.com/watch?v=UwBhKZ0DXwg&t=174s

Episode 77: Is Google Eating the Cloud? 🔥 Wiz.io Acquisition Hot Takes

Ken Toler and Mike McCabe dissect Google’s $32B acquisition of Wiz.io, debating whether it will remain the security industry’s rising star or disappear into Google Cloud’s sprawling product lineup. They also weigh in on multi-cloud strategies, platform fatigue, and how this move stacks up against Google’s previous high-profile acquisitions like Mandiant and Chronicle.

Watch the full episode at https://www.youtube.com/watch?v=nrrwi1XLhKA

Cocktails & Cloud Episode #8

In this episode of Cocktails & Cloud, John trades his usual beverage for a cozy Kinder Punch in honor of Dry January and dives into ransomware threats targeting AWS S3. You’ll learn about attacker-controlled encryption keys, why least privilege matters, and how offline backups can save the day—hot punch optional!

Watch the full episode of Cocktails & Cloud Episode #8 at https://www.youtube.com/watch?v=Wp9fHnYvDvY

Meet Our New Teammates 

Brian Henderson 

We welcomed Brian to Cloud Security Partners as a Principal Engineer in March. Brian has dedicated his 20-year career to cybersecurity, gaining expertise across offensive and defensive security. 

He began with a focus on application and penetration testing before transitioning to securing cloud infrastructures for both startups and enterprises.

3 fun facts about Brian:

💻 He worked as a software engineer developing enterprise cloud security solutions and has led engineering teams

♥️ Spending time with his family is a priority

🥾 🎲 Hiking and playing board games are a couple of his favorite activities

Webinars

Infrastructure as Remote Code Execution

Mike McCabe shone a spotlight on Terraform—everyone’s favorite Infrastructure as Code tool and, unfortunately, a huge target for attackers.

In this talk, Mike:

  • Explores why Terraform’s popularity makes it a magnet for bad actors.
  • Shows how these bad guys can exploit vulnerabilities for remote code execution and privilege escalation.
  • Provides proven best practices to protect your Terraform environment and keep your cloud infra safe.

Whether you’re new to Terraform or practically wrote the manual, if you’re all about maintaining a secure (and drama-free) Terraform setup, you’re gonna love this!

We’re so proud! 🥲

John Poulin and Sean Lyford win OWASP Maine Secure Coding Tournament

🎉🎉 We're doubly proud—two of our own, John Poulin and Sean Lyford, won 1st and 2nd place in the OWASP Maine Secure Coding Tournament! 🎉🎉

Favorite Blogs We’ve Read

We’re big fans of everything Chris Farris publishes. Here are two great blogs from him:

https://www.chrisfarris.com/post/threat-model-2025/

https://www.chrisfarris.com/post/three-laws

Trail of Bits does some great analysis of MCP security:

https://blog.trailofbits.com/2025/04/23/how-mcp-servers-can-steal-your-conversation-history/

Important Updates in the Security Sphere

Microsoft Defender for Cloud: Change to the recommendation severity levels

Microsoft Defender for Cloud has enhanced the severity levels of its recommendations to improve risk assessment and prioritization.

The change took effect on March 25, 2025.

With this update, there are four distinct levels: Low, Medium, High, and Critical, providing a more granular risk evaluation to help customers focus on the most urgent security issues.

Read the full update: https://learn.microsoft.com/en-us/azure/defender-for-cloud/release-notes#upcoming-change-to-the-recommendation-severity-levels

Guest Appearances

Modern Cyber

Mike joined Jeremy Snyder on another special breach episode of ModernCyber. Jeremy interviewed Mike about an incident that unfolded due to a compromised G Suite admin account. They walk through the attack chain—from a simple phishing email to full database exfiltration via a Jenkins server exploit. Then they break down the critical security missteps, how the breach was ultimately detected, and the key lessons for securing cloud environments.

Watch the full episode here: https://www.youtube.com/watch?v=aUB06PT2z6o&t=1s

The Security Repo

John Poulin joins the Security Repo Podcast to break down Defense In Depth, audit logs, and why security headers are the new "bank-grade encryption." 🔐

Plus, John recounts the day GitHub logged out all users due to a security bug and offers advice on avoiding over-reliance on web application firewalls.

Watch the full episode: https://youtu.be/lCQ-fqAP1uQ?si=4jKEQHbeahDoUv1V

Security Poll

What security tips would you like to see more of? 

Take the Survey

We hope you enjoyed the newsletter! Follow us on LinkedIn to stay up to date on the latest news. 
See you next time,

—Cloud Security Partners