Episodios

  • Less Alerts, More Impact: Stephen Kuenzli on Winning at AWS Security

    Less Alerts, More Impact: Stephen Kuenzli on Winning at AWS Security
    Apr 10 2026
    Stephen Kuenzli, founder of k9 Security, joins us to talk about his journey from AWS consultant to SaaS builder — and why IAM is still the hardest part of cloud security. We dig into practical advice for achieving least privilege, how to deal with the flood of security alerts from tools like AWS Security Hub and Wiz, and why your team's attention budget matters more than fixing every finding. Plus, Stephen plays a quick-fire round rating Security Hub controls as "critical" or "distraction."
    Más Menos
    57 m
  • #096 AWS European Sovereign Cloud: Sovereignty or Just Marketing?

    #096 AWS European Sovereign Cloud: Sovereignty or Just Marketing?
    Mar 19 2026
    In this episode, Andreas introduces his long-time friend Thorsten Höger, with whom he shares a history going back to school and later working together on an AWS-powered online banking platform. Thorsten has spent over 10 years helping SMB customers in regulated industries build compliant AWS infrastructures, specializing in networking, security, Serverless, and CDK. He talks about his current consulting work and his upcoming product Deploymon. A major topic is the AWS European Sovereign Cloud (EUSC), where Andreas shares a field report and the hosts debate whether EUSC is genuine sovereignty or just "sovereign washing" given concerns around the US Cloud Act. They also discuss how small businesses can benefit from AI tools. Andreas uses AI to review blog posts, find bugs, and update dependencies, while Thorsten relies on it for customer offers, software development, planning, and research.
    Más Menos
    48 m
  • #095 AWS costs are like fingernails ...

    #095 AWS costs are like fingernails ...
    Aug 25 2025
    Michael shares a trick to reduce AWS Config costs for volatile workloads. Andreas talks about EC2 instance families and their availability in the different AWS regions. On top of that, the Wittig brothers share insights into their work and business.
    Más Menos
    37 m
  • #094 It's the small improvements that make us smile

    #094 It's the small improvements that make us smile
    Jul 24 2025
    This episode covers a month of record growth and strategic shifts, celebrating new customer wins and diving into our marketing strategies. We share project updates, including bucketAV's multi-engine scan, and highlight key AWS topics: simplified AMI deletion and generating SDKs for API Gateway. Tune in for insights, wins, and fails!
    Más Menos
    33 m
  • #093 Getting ISO 27001 certified as a 2-person company

    #093 Getting ISO 27001 certified as a 2-person company
    Apr 10 2025
    Getting ISO 27001 certified is not just boring paperwork. We discuss what we've learned and how we improved information security for our customers. Also, Michael shares how to run Amazon Linux 2023 on small machines like t3.nano.
    Más Menos
    35 m
  • #092 The Cloud Control API came a long way

    #092 The Cloud Control API came a long way
    Oct 11 2024
    Learn how to work around missing resources in Terraform by using the Cloud Control API and the awscc Terraform provider. Also, Michael shares what he learned from migrating a workload from Amazon Linux 2 to Amazon Linux 2023. Last but not least, Andreas reviews the fwd:cloudsec Europe conference. ☁️ Cloud Control API + Terraform awscc ☁️ Migrating to Amazon Linux 2023 ☁️ fwd:cloudsec Europe in Review
    Más Menos
    36 m
  • #091 Cloudflare R2 Same Same But Different

    #091 Cloudflare R2 Same Same But Different
    Jul 25 2024
    Look behind the curtains of releasing two new products: bucketAV for Cloudflare R2 and attachmentAV Virus and Malware Scan API. Andreas and Michael discuss what they learned about Cloudflare, S3, and API Gateway. Besides that, the brothers rant about new security controls added to Security Hub recently.
    Más Menos
    34 m
  • #090 AWS Testing Awesomeness

    #090 AWS Testing Awesomeness
    Jun 13 2024
    Andreas and Michael Wittig were pretty jazzed about writing unit tests using mocks for the AWS SDK v3 in JavaScript. They broke down Amazon's new GuardDuty malware protection for S3 and how it compares to their own product bucketAV. The duo also covered testing Terraform modules and using aws-nuke to clean up leftover resources from failed tests. They gave their two cents on some recent AWS service announcements too - CloudWatch, Fargate, CloudFormation and more!
    Más Menos
    29 m