Resources
Threat intelligence, security research, and practitioner insights from the Cloud Cape team.
S3 Bucket Security: Best Practices Against Cloud Storage Misconfigurations
Open cloud storage buckets are among the most common and most damaging data leaks. Five principles to prevent misconfigurations instead of cleaning up after them.
How Much Does a Penetration Test Cost? Day Rates, Cost Factors and Realistic Ranges
There's no flat price — but there are understandable factors. What makes a pentest expensive or cheap, which day rates and ranges to expect, and how to spot a mislabelled offering.
What Is a Vulnerability Scan? And How It Differs From a Penetration Test
Scan, assessment, pentest, management — four terms constantly confused, often deliberately. What a vulnerability scan really is, and where its limits lie.
Penetration Testing in the Public Cloud: Shared Responsibility, Rules and Limits
In the cloud the infrastructure isn't yours — but your configuration is. What you may test in AWS, Azure and GCP, where the limits are, and why cloud pentests follow their own rules.
How Often Should Companies Conduct Penetration Tests?
"Once a year" is a rule of thumb, not a strategy. How to build a pentest programme that matches your company's risk, compliance and pace of change.
Cloud Patch Management: How Automated Patching Raises Your IT Security
Unpatched vulnerabilities are one of the most common causes of security incidents — and one of the most avoidable. How cloud-based patch management solves the problem automatically.
Zscaler Internet Access & Microsoft 365: 5 Benefits of the Integration
Zscaler Internet Access is the Secure Web Gateway of the Zero Trust Exchange — and pairing it with Microsoft 365 is the foundation of a modern SSE architecture. Five benefits from the field.
What Is a Managed Public Cloud? When Experts Run Your Cloud
The hyperscalers deliver infrastructure — not operations. What a managed public cloud delivers, which tasks an MPCP takes on, and how to recognise a good partner.
Security and Compliance in Microsoft 365: What Microsoft Protects — and What You Must Do Yourself
Microsoft secures the platform — you secure your data. Which protection and compliance tools Microsoft 365 provides, and why the default configuration isn't enough.
Security in Azure Kubernetes Service (AKS): What Actually Matters
AKS takes the control plane off your hands — but not the job of securing the cluster. The levers that actually decide container security in Azure.
Breach and Attack Simulation (BAS): Test Continuously Instead of Hoping Once a Year
You invest in security tools — but do they hold up against a real attack? Breach and Attack Simulation tests your controls continuously and automatically, instead of hoping once a year.
What Is a Red Team? Realistic Attacks Instead of Checklist Security
A red team doesn't measure whether your controls exist — it measures whether they survive a real attack. What separates a red team operation from a pentest, and when it's worth it.
AWS vs. Azure: Comparing the Two Major Cloud Providers
Two providers, nearly half the IaaS market. AWS and Azure compared across six criteria — and why the right choice depends less on the winner than on your requirements.
Crowdsourced Ethical Hacking: Bug Bounty vs. Dedicated Penetration Testing
Bug bounty platforms promise the swarm intelligence of thousands of hackers. Where that holds up — and where a dedicated red team with context and repeatability wins.
IT-as-a-Service (ITaaS): The Operating Model for IT Without Your Own Data Centre
IT as a catalogue, not a cost centre: what IT-as-a-Service delivers, where the consumption model wins — and where the lock-in effect becomes a trap.
Implementing Microsoft Teams Successfully: Adoption, Governance and Security
Rolling Teams out is easy. Adopting it successfully isn't. Three success factors — awareness, governance, pilot — and why the default settings are a security risk.
STACKIT: The European Cloud Alternative From Heilbronn
Data sovereignty instead of US hyperscaler dependence: what STACKIT from the Schwarz Group delivers, where its strengths lie — and which companies should take a closer look.
Desktop-as-a-Service (DaaS): Virtual Workstations From the Cloud
Workstations from the cloud instead of VDI in your own basement: what Desktop-as-a-Service delivers, where the limits are, and what to watch for in provider choice, security and cost.
Azure Virtual Desktop (Formerly Windows Virtual Desktop): The Windows Desktop From the Cloud
A full Windows desktop from Azure — anywhere, on any device. What Azure Virtual Desktop can do, how licensing works, and what matters when securing it.