TrustOnCloud

66% of your cloud controls aren't covered by default Wiz rules. we know because we mapped every single one across AWS S3, Azure Storage, and GCP BigQuery. then we open-sourced 50+ custom rules to close it. used by 4 global systemic banks. free on Github: trustoncloud.com/blog/wiz-custo… #cloudsecurity #CNAPP #infosec #Cloudcontrols

5/ Each package includes: mapping of default Wiz rules → our controls + Rego CCRs for every gap. All open-source. Learn more: trustoncloud.com/blog/wiz-custo…

4/ GCP #BigQuery: 3% covered. 34 of 35 controls missing. Most are medium severity: IAM entity access, row-level security, authorized encryption.

1/ We just open-sourced @wiz_io CCR packages for AWS S3, Azure Storage & GCP BigQuery. Default Wiz coverage: ~34% for these services. Here's what's missing and why it matters for regulated enterprises 🧵

We learned the hard way: RSS isn't reliable for cloud change monitoring. AWS API + pagination + completeness checks = table stakes now. #CloudSecurity #AWS #DevSecOps #ThreatIntelligence

Before the next re:Invent: ✅ Pull daily during burst weeks ✅ Use the API, not just RSS ✅ Add completeness checks: make "missing updates" an alert, not an accident (4/5)

🚨 Using AWS "What's New" #RSS feed for cloud monitoring? You might be missing critical updates. A few years back, our dashboards stayed green while we went blind to changes. Here's what happened 🧵

This is exactly why at TrustOnCloud, we don't just read documentation. Real cloud security comes from validating how services actually behave, not how they’re described. #CloudSecurity #Cloud #ThreatResearch #Governance #CISO #TrustOnCloud

If you rely on release notes alone, you assume a clean transition. Instead, you get a period of hybrid behavior where: • Attack surfaces emerge in the gap between old and new service identities • New functionality may not inherit security controls in the way teams expect

Docs say one thing. The #API does another. This is why we test everything by hand. During a recent deep-dive into Amazon Q in Connect, our researcher Hafsa Hafeez found a discrepancy that most tools miss.

“We have the AI. We just can’t get GRC to say yes.” Most AI projects don’t stall in development. They stall in security review. Security wants certainty. GRC wants an audit trail. Engineering wants to ship. TrustOnCloud helps align all three by turning control requirements into clear, testable Jira tasks with implementation and validation steps. 🚀 Get AI tech secured and approved: trustoncloud.com/get-ai-tech-se… #CloudSecurity #GRC #AI #DevSecOps #CloudGovernance #CloudSecurity

𝗕𝗿𝗶𝗻𝗴 𝗰𝗼𝗻𝘀𝗶𝘀𝘁𝗲𝗻𝗰𝘆, 𝘀𝗽𝗲𝗲𝗱, 𝗮𝗻𝗱 𝗰𝗹𝗮𝗿𝗶𝘁𝘆 𝘁𝗼 𝗲𝘃𝗲𝗿𝘆 𝗻𝗲𝘄 𝗰𝗹𝗼𝘂𝗱 𝘆𝗼𝘂 𝗼𝗻𝗯𝗼𝗮𝗿𝗱. When you’re asked to support a new cloud provider, the challenges stack up quickly. Each platform has its own controls, compliance rules, and unfamiliar workflows. Without a consistent framework, security work becomes manual, repetitive, and slow. 𝗛𝗶𝗴𝗵-𝗽𝗲𝗿𝗳𝗼𝗿𝗺𝗶𝗻𝗴 𝗰𝗹𝗼𝘂𝗱 𝘁𝗲𝗮𝗺𝘀 𝗳𝗼𝗰𝘂𝘀 𝗼𝗻 𝘁𝗵𝗿𝗲𝗲 𝘁𝗵𝗶𝗻𝗴𝘀: ✔️ Standardizing every cloud with a single control library across AWS, Azure, and Google Cloud. ✔️ Onboarding new services fast with repeatable, audit-ready workflows ✔️ Giving engineers instant clarity with platform-specific guidance Learn more: trustoncloud.com/support-your-c… #CloudSecurity #MultiCloud #Compliance #DevSecOps #TrustOnCloud