Cloud Security Partners Blog Cloud Security Partners Blog
  • Website
  • News
  • About
  • Twitter
  • LinkedIn
Sign in Subscribe
Your First Cloud Security Assessment: A Complete Guide & Checklist

Your First Cloud Security Assessment: A Complete Guide & Checklist

How good is your organization’s cloud security? Sounds like a simple question, but it can be tough to answer. With so many competing business priorities, it’s often difficult to know what is running in cloud environments, let alone how or where. However, not knowing the answer could lead
CSP Team Jun 3, 2025
This Month in Security: May 2025

This Month in Security: May 2025

May was another whirlwind month for cybersecurity, characterized by a surge in actively exploited zero-day vulnerabilities, large-scale ransomware attacks, data breaches, and sophisticated malware campaigns. Artificial Intelligence (AI) also continued its expansion, proving that it can be a powerful tool for both attackers and defenders, adding complexities to an already
CSP Team May 30, 2025
CSP Inaugural Quarterly Newsletter

CSP Inaugural Quarterly Newsletter

Hey friends, we’re coming to you once a quarter with our latest content plus some good stuff we’ve seen from the security-sphere.  First, our favorite meme of the quarter: Jordan’s cat, Rosa, is not impressed.  Our Blogs From This Quarter  Happy AppSec New Year - 2024 Recap
CSP Team May 28, 2025
WordPress Security Cheatsheet

WordPress Security Cheatsheet

Over the years, Cloud Security Partners has offered a wide range of security consultancy services. One unfortunate responsibility we frequently handle is incident response. This response work often takes place in custom applications, but we also carry out these tasks on WordPress installations regularly. These incidents can vary widely in
CSP Team May 21, 2025
This Month in Security: April 2025

This Month in Security: April 2025

“Cyber Security at the Ministry of Defence” by Defence Imagery is licensed under CC BY-NC 2.0 Keeping up with cybersecurity can sometimes feel like a full-time job, but we have broken down the latest updates and emerging threats for April into bite-sized pieces; full details can be found in
CSP Team Apr 30, 2025
Red Team Reloaded: Hacking AI Applications

Red Team Reloaded: Hacking AI Applications

Generative Artificial Intelligence is everywhere these days— from customer service chatbots all the way up to autonomous agents writing code on behalf of users. However, as these AI models are given more power and agency, they also become a much larger target for adversarial attacks. How can we ensure that
CSP Team Apr 22, 2025
Breaking Into AppSec: Hack Your Way Into Cybersecurity!

Breaking Into AppSec: Hack Your Way Into Cybersecurity!

Introduction Breaking into Application Security can feel overwhelming at first. However, it's one of the most rewarding and dynamic fields in cybersecurity. You might be a newcomer to the industry, a software engineer or product manager looking to make a career pivot, or an existing AppSec engineer looking
CSP Team Feb 27, 2025
Happy AppSec New Year - 2024 Recap

Happy AppSec New Year - 2024 Recap

What a year 2024 was for Application Security! New technologies, new incidents, new attack patterns, and so much more! The landscape of Application Security has undergone significant shifts over the past year. Artificial Intelligence continues to become a larger part of the cybersecurity scene, both on offense and defense. While
CSP Team Feb 4, 2025
Analyzing access to S3 buckets

Analyzing access to S3 buckets

A robust AWS incident response plan tends to begin with CloudTrail. CloudTrail is a tool that enables insight into events that occur within the AWS account. It is the first step in investigating a breached account and generally provides a wealth of information. In many cases, however, CloudTrail will not
CSP Team Nov 21, 2024
Software Bill of Materials: Understanding What You’re Actually Running

Software Bill of Materials: Understanding What You’re Actually Running

Software increasingly becomes more complicated. We regularly import libraries for complex or tedious tasks that we would rather not do ourselves to speed up the development of new applications or features. Database connectors, web application frameworks, serialization libraries. The list goes on for tools we need to remain highly productive.
CSP Team Oct 8, 2024
Preventing Overreliance: Proper Ways to Use LLMs

Preventing Overreliance: Proper Ways to Use LLMs

LLMs have a very uncanny ability of being able to solve problems in a wide variety of domains. Unfortunately, they also have a tendency to fail catastrophically. While an LLM may be able to provide accurate responses 90% of the time, due to nondeterministic behavior, one must be prepared for
CSP Team Aug 8, 2024
Ignore Previous Instruction: The Persistent Challenge of Prompt Injection in Language Models

Ignore Previous Instruction: The Persistent Challenge of Prompt Injection in Language Models

Prompt injections are an interesting class of emergent vulnerability in LLM systems. It arises because LLMs are unable to differentiate between system prompts, which are created by engineers to configure the LLM’s behavior, and user prompts, which are created by the user to query the LLM. Unfortunately, at the
CSP Team Apr 24, 2024
Introduction to LLM Security

Introduction to LLM Security

In the dynamic world of AI today, Large Language Models (LLMs) stand out as one of the most interesting and capable technologies. The ability to answer arbitrary prompts has numerous business use cases. As such, they are rapidly being integrated into a variety of different applications. Unfortunately, there are many
CSP Team Mar 6, 2024
The Security Benefits of Infrastructure as Code

The Security Benefits of Infrastructure as Code

We have developed and delivered new ways to deliver infrastructure quickly and without these misconfigurations. Prevention is the only cure; we’ll talk about how you can implement this today.
Mike McCabe Feb 22, 2024

Subscribe to Cloud Security Partners Blog

Don't miss out on the latest news. Sign up now to get access to the library of members-only articles.
Cloud Security Partners Blog © 2025.