Blink blog

Adopting AWS Security Controls to Achieve SOC 2 Compliance

SOC 2 compliance for Amazon Web Services (AWS) is a widely recognized cybersecurity standard for data privacy. In this guide, we'll show you how to perform compliance checks to maintain AWS SOC 2 standards.

10 Best Practices for Enforcing SaaS Security on GitHub for Enterprises

There are many settings and best practices you can follow to maintain a secure GitHub organization. In this guide, we walk through 10 rules you can enforce to reduce your security risk.

Applying the NIST Cybersecurity Framework to AWS Environments

The NIST Cybersecurity Framework provides guidance to help organization follow security best practices. In this guide, we'll show how you can apply the NIST CSF standards to your AWS environment.

Securing Your GCP Account Using Forseti Security Controls

Forseti Security, a collection of open source tools for GCP, helps companies maintain a strong security posture by providing guidance on which controls should be enabled. In this guide, we'll show how you can check your GCP environment to identify gaps.

Aligning Your AWS Account with the FFIEC Cybersecurity Standards

The Federal Financial Institutions Examination Council (FFIEC) have established cybersecurity standards, which require certain controls to be enabled in AWS. In this guide, we'll show you how to check your AWS environment for compliance.

Detecting and Remediating Okta Impossible Traveler Alerts

If the same Okta user logs in from different places so far apart it would be impossible, this suspicious activity should be investigated. In this guide, we'll show you how to detect and remediate "impossible traveler" alerts.

How to Check if All Azure Users Have MFA Enabled

If your organization is using multi-factor authentication to secure your Azure account, it's important that all users have this security setting enabled. In this guide, we'll show you how to find any users without MFA enabled.

How to Validate that All Azure Storage Accounts are Encrypted

If you are using Azure Storage Accounts, it's important to verify that they are all encrypted properly. In this guide, we'll explain how to check the encryption status and remediate non-compliant storage accounts.

Securing Google Drive Files with Excessive Permissions

Publicly-exposed or overly-permissive files in Google Drive accounts at your organization could be big security risk. In this guide, we'll show you how to maintain a secure Google Drive posture.

Checking Your Azure Account Against the CIS Benchmarks

The CIS benchmarks for Azure are a comprehensive collection of security best practices for the platform. In this guide, we'll explain how to use the benchmarks report to check these controls in your Azure account.

How to Find and Update Public EC2 AMIs in AWS

If you have public AMIs in your AWS account, they might be exposing sensitive information about your applications. In this guide, we'll show you how to find and update public AMIs to private.

Investigating Suspicious Events in Okta

Suspicious events in Okta could be harmless false alerts or early indicators of a malicious attack. In this guide, we'll explain a bit about the types of suspicious events and show how security teams can respond to them.

Copying an Azure VM Instance to Another Region

If you encounter computing issues in a certain area, it's helpful to have backup instances ready. In this guide, we'll show you how to prepare by copying Azure VM instances from one region to another.

How to Get User Activity From Your GCP Logs

If one of your employees has their account compromised, being able to quickly see their GCP user activity can help you assess the threat. In this guide, we'll show you how to quickly get a user's activity logs from GCP.

How to Search for an IOC Across Devices in CrowdStrike

If malware is detected on one device at your organization, it might not be the only one. In this guide, we'll show you how to search whether any other devices have encountered the same IOCs.

How to Contain an Endpoint with CrowdStrike

When malware is detected on a device, you can contain that endpoint with CrowdStrike to reduce your risk. In this guide, we'll show you how to take these containment steps.

How to Find and Remove Inactive CrowdStrike Falcon Sensors

Cleaning up inactive sensors in CrowdStrike ensures that you aren't paying for resources you are not using. In this guide, we'll show you how to identify and clean up inactive sensors.

How to Get User Activity From Your Azure Logs

When dealing with a security incident, getting relevant activity logs can help your team understand the scope of the threat. In this guide, we'll show you how to get the activity logs for a given user in Azure.

How to Rollback Your Kubernetes Deployment

If a new Deployment to your Kubernetes cluster is not stable, you may want to rollback to a prior version. In this guide, we'll show you how to do this with kubectl commands.

How to Check Your GCP Account for Compliance with the CIS v2 Benchmark

The CIS Benchmarks for GCP are a collection of 400 security best practices. In this guide, we'll explain the basics of the latest version of CIS Benchmark for GCP and how you can check for compliance with Blink.

How to Block Project Access for a Given User or Group in GCP

If you are dealing with a security event, you may want to block a user or group's access to a GCP project. In this guide, we'll show you how to block access using the GCP Console and CLI.

How to Remove a Member from Your Organization in GitHub

If someone's account is compromised or if they are leaving your organization, it's important to remove them from your GitHub organization in a timely manner. In this guide, we show you the steps to take action fast.

How to Verify IOCs and Enrich Your Incident Response with VirusTotal

When malware is detected, you can use tools like VirusTotal to get more information. In this guide, we'll show you how to get more information on IOCs using VirusTotal.

Giving a New Repository Access to an Organization Secret in GitHub

If you have organization-level secrets in GitHub, you may need to update the secret settings when you create a new repository that needs access. In this guide, we'll show you the steps for updating your secrets.

How to Find and Remove Unused Security Groups in AWS

It's important to regularly identify and remove any security groups in your AWS account that are not being used. In this guide, we'll show you how to find and delete unused security groups.

How to Find Unused Network Access Control Lists (ACLs) in AWS

If you have network access control lists that you are not using, it's a best practice to clean them up. In this guide, we'll show you how to find and delete unused ACLs in AWS.

How to Ensure Public Access is Disabled On Your EKS Cluster

New AWS EKS clusters, by default, have a publicly-accessible endpoint. In this guide, we'll show you how to secure your EKS cluster by removing public access.

How to Launch Spot Instances with Your AWS EC2 Auto Scaling Group

Incorporating Spot Instances into your EC2 Auto Scaling strategy can help you significantly lower your costs. In this guide, we'll show how you can launch Spot Instances with your EC2 Auto Scaling group.

How to Migrate from AWS EC2 Launch Configurations to Launch Templates

Starting in 2023, AWS launch configurations are no longer supporting newly-released EC2 instance types. In this guide, we'll show you how to migrate your launch configurations to launch templates.

How to Create AWS EC2 Launch Templates with Public IP Address Assignment Disabled

By default, launch templates will assign a public IP address to new instances. In this guide, we show how you can block public access by configuring your launch template settings.

How to Find and Delete Unused AWS Secrets

If you have unused AWS secrets in your account, you are paying a monthly charge for no reason. In this guide, we'll show you how to detect and remove unused AWS secrets to lower your cloud costs.

How to Boost Performance with EBS-Optimized Instances in AWS

By enabling EBS-optimization, you can guarantee a certain level of performance between your EBS volumes and EC2 instances. In this guide, we'll show you how to find instances without it enabled so you can update them.

How to Upgrade Your GKE Cluster to the Latest Version

Upgrading your GKE clusters is an important way to ensure that you have the most secure, efficient cluster possible. In this guide, we'll show you how to manually upgrade GKE clusters.

How to Add Collaborators to Your GitHub Repository

You may have projects where you need to add outside collaborators to your GitHub repositories. In this guide, we'll show you how to add collaborators with the GitHub UI and the GitHub API.

How to Enable Autoscaling for a GKE Cluster

When autoscaling is enabled, your GKE cluster will be more responsive as workloads change and scale down to lower costs when it can. In this guide, we'll show you how to enable autoscaling.

How to Block Public Access to an Individual S3 Bucket

Publicly accessible S3 buckets could pose a security risk for your organization. In this guide, we'll show you how you can block public access at the bucket-level in AWS.

Setting Up Automatic Key Rotation in GCP

Automatic key rotation in GCP is useful way to reduce your security risk. In this guide, we'll show you how to set up automation key rotation.

How to Manually Rotate Keys in GCP

If there's a chance a key in your GCP account has become compromised, you'll want to manually rotate keys right away. In this guide, we'll show you the steps to rotating keys manually in GCP.

Syncing User Groups Across Platforms with Blink Automation

When you adjust user groups in one platform, how do you ensure those changes are reflected in other tools? In this post, we share how the team at Non-Fungible Labs went about solving this problem using Blink automations.

How to Find and Remove Unused AWS Passwords

If you have more AWS login profiles than you need, those unused passwords could become a security liability. In this guide, we'll show you how to find and delete unused passwords in AWS.

How to Find and Remove Unused AWS Access Keys

It's a good security practice to keep AWS access keys to a minimum. In this guide, we'll show you how to find unused access keys in AWS and remove them.

Rotating Access Keys for Your Azure Storage Account

It's a good security practice to regularly rotate the access keys for your Azure storage accounts. In this guide, we'll show you how to do it with the Azure portal and Azure CLI.

Finding and Deleting Unused AWS IAM Roles

If you have IAM roles in your AWS account that are not being used, they could be a security liability. In this guide, we'll show you how to find unused IAM roles and remove them.

How to Rotate Access Keys for AWS IAM Users

Rotating access keys is an important security practice to mitigate against compromised credentials. In this guide, we'll show you how to manually rotate access keys for IAM users in AWS.

How to Enable Additional Context for Microsoft Authenticator MFA Notifications

Strong MFA settings are an important way to boost your organization's security posture. In this guide, we'll show you how to enable additional context to show up on all MFA notifications.

Using a HashiCorp Terraform Cloud Run Task Webhook Trigger in Blink: Event-Based Approvals Flows

HashiCorp Terraform Cloud Run Tasks help you integrate external services into your IaC workflows. Now, you can trigger Blink automations with events from Terraform using run tasks.

How to Enable MFA Number Matching for All Azure Users

One way to strengthen your organization's security posture is by enabling MFA number matching for all Azure users. In this guide, we'll show you how to set it up for Microsoft Authenticator.

How to Create On-Demand and Automatic Backups of Cloud SQL Instances

Backing up your Cloud SQL instances is an important practice to ensuring you don't lose data if something goes wrong. In this guide, we'll show you how to create manual and automatic Cloud SQL backups.

Creating and Adding Labels to GitHub Pull Requests and Issues

Labels in GitHub are a helpful way to organize and communicate the status of your pull requests. In this guide, we'll show you different ways to create labels and add them to your pull requests.

How to Deactivate a Lost MFA Device for an AWS IAM User

If one of your AWS users loses their multi-factor authentication device, it's important to deactivate it right away. In this guide, we'll show you how to identify and remove lost MFA devices.

Troubleshooting Your NGINX Ingress Controller

If you are running into issues with your NGINX Ingress controller, it could be due to one of several potential causes. In this guide, we'll walk you through the troubleshooting steps to identify your issue.

Troubleshooting the Ingress for Your Kubernetes Cluster

If you have an issue with your Kubernetes cluster, and you have already checked your Pods and Service, the issue might be the Ingress. In this guide, we'll show you how to troubleshoot at the Ingress level.

Switching from gp2 Volumes to gp3 Volumes to Lower AWS EBS Costs

If you are using gp2 volumes in AWS, you could achieve 20% cost savings by switching over to newer gp3 volumes. In this guide, we'll show you how to make this change to lower your EBS costs.

How to Scale Down AWS EKS Clusters Nightly to Lower EC2 Costs

Are you running non-production EKS clusters on EC2 instances? In this guide, we'll show you how you can scale them down nightly to lower your cloud costs.

Getting a List of "AccessDenied" Events with Users and Source IP Addresses

Tracking "AccessDenied" errors in your AWS account is a useful way to identify security threats and optimize your IAM permissions. In this guide, we'll show you how to get a list of these recent events.

Copying an Existing EC2 Instance to Another Region

Copying EC2 instances from one region to another is one way to increase resilience in case of a resource failure. In this guide, we'll walk through how to copy an EC2 instance from one region to another.

Checking that Enhanced Monitoring is Enabled on Your RDS Instances

Enhanced Monitoring lets you view real-time performance metrics and catch issues earlier. In this guide, we'll find any RDS instances that don't Enhanced Monitoring enabled and turn it on.

How to Create GCP Disk Snapshots and Snapshot Schedules

Snapshots in GCP are an important tool for backing up data and ensuring resilience. In this guide, we outline the steps for creating snapshots and snapshot schedules for GCP disks.

How to Find and Remove Old EBS Snapshots

Cleaning up old EBS snapshots is a good way of reducing clutter and lowering your storage costs. In this guide, we'll show you how to find certain EBS snapshots and delete them.

How to Pause Your AKS Clusters Nightly

If you are running non-production AKS clusters, you might not need them operating 24 hours per day. In this guide, we'll show you how to stop your clusters at night and restart them in the morning to lower your Azure costs.

Finding and Removing Unused Azure Virtual Network Gateways

If you have unused Azure virtual network gateways, it's important to remove them to lower your cloud costs. In this guide, we'll show you how to find and remove them.

Creating an Approval Process for Helm Charts on your Kubernetes Clusters

Before you install Helm Charts on your Kubernetes clusters, you should make sure that the chart has been checked for quality and security gaps. In this guide, we talk through how to set up an approval process for Helm Charts.

How to Find and Remove Old Azure Snapshots

If you have Azure snapshots in your account that are outdated, you can clean them up to lower your monthly cloud costs. In this guide, we'll show you how to find and delete these snapshots.

How to Find and Remove Old GCP Disk Snapshots

If you have GCP snapshots you no longer need, removing them is a great way to lower your cloud costs. Here's a guide on how to find and remove old GCP snapshots.

Using Okta to Validate VMware Workspace ONE Installation Compliance

If your organization is using VMware Workspace ONE for device management, you need to validate that all active users in your organization have it installed. Here are the steps to do that using Okta.

Optimizing Costs for Long Running Azure VMs with Reserved Instances

One way to optimize your Azure cloud costs is by finding long running Azure VMs and utilizing Reserved Instances instead. In this guide, we'll show you how.

Lowering Costs for Long Running GCP Instances with Committed Use Discounts

The costs for long running GCP Instances can be high. In this guide, we show you how to find long running instances and apply committed use discounts to lower your cloud costs.

Lowering Costs on Long Running AWS EC2 Instances

If you have long running Amazon EC2 instances, you may want to consider applying Reserved Instances to lower your cloud costs. Here are the steps.

Finding and Resizing Amazon EC2 Instances with Low CPU Usage

If your EC2 instances are averaging a low max CPU utilization, you may be able to save costs by resizing them. Here are the steps to finding and resizing low CPU usage EC2 instances.

Finding and Removing Unattached GCP External IP Addresses

Unattached external IP Addresses in GCP are a recurring charge on your monthly bill. Here's how you can find and remove them so you can lower your cloud costs.

Finding and Resizing Azure Virtual Machines with Low CPU Usage

If your Azure Virtual Machines are operating at a low usage rate, you might be able to resize them and lower your cloud costs. Here are the steps for finding and resizing low CPU usage VMs.

Finding and Resizing GCP Compute Instances with Low CPU Usage

Monitoring your GCP instances is critical to ensuring that you are optimizing your cloud resources. If you have instances with consistently low CPU usage, you may be able to resize them and reduce your costs.

How to Pause Your GKE Cluster Nightly

If you have non-production GKE clusters, you might be able to reduce your cloud costs by pausing them at night and restarting them the next morning. In this guide, we show you the steps to do it.

Finding and Removing Unattached AWS Elastic IP addresses

Unattached Elastic IP Addresses can add extra costs to your monthly AWS bill. In this guide, we'll show you how to find and remove unneeded Elastic IP addresses.

Detaching an AWS EC2 Instance from its Auto Scaling Group and Load Balancer

To perform routine maintenance and testing on an EC2 instance, you'll want to detach it from its Auto Scaling group and load balancer first. Here is how.

How to Detect and Remove Unattached Azure Public IP Addresses

For each Azure public IP address your organization uses, there is a small hourly cost. In this guide, we'll show you how to find and remove unused public IP addresses.

Checking that Google Workspace Users Have JumpCloud Installed on Work Devices

In this guide, we'll show you how to run a compliance check to validate that your Google Workspace users have installed JumpCloud on at least one of their devices.

Using Okta to Validate JumpCloud Installation Compliance

JumpCloud helps ensure that all employees keep their devices secure and updated. In this guide, we'll show you how to find users in your Okta directory who have not installed JumpCloud yet on one of their devices.

Troubleshooting Your Kubernetes Service Deployment

If you run into issues with your Kubernetes deployment, you might have a problem with your Service configuration. In this guide, we'll show you the steps to troubleshoot your Service.

Blocking SHA-2 and MD5 Hashes with CrowdStrike Falcon

If your team is using CrowdStrike Falcon for endpoint detection and response, you'll want to keep an up-to-date list of blocked hashes. In this guide, we'll show you how.

Managing IAM Policies with the Google Cloud CLI

IAM policies are a critical aspect of managing access to your resources in Google Cloud. In this guide, we'll show how you can add and remove IAM policies using the Google Cloud CLI.

Updating and Managing User Permissions with the Google Cloud CLI

There are many ways to use the Google Cloud CLI tool to script common activities. In this guide, we show how to assign roles to a new user and add them to a group.

Finding and Disabling Non-Active Users in Azure

Non-active users in your Azure account might be costing your organization money and introducing security risks. In this guide, we'll show you how to find and delete non-active users.

Identifying Azure Users with Non-Compliant Password Expiration Settings

Many organizations have a security requirement that user passwords must expire and be changed after a certain period. Here is how you can find Azure users with non-compliant password settings.

Managing Policies with the Azure CLI

Policies are an important aspect of managing your Azure cloud and governing your resources intelligently. In this guide, we'll show how you can use the Azure CLI to make quick updates to policies.

Getting and Deleting Orphaned Secrets with Kubectl

Orphaned Secrets can be a security liability and waste memory and storage in your cluster. In this guide, we'll show you how to locate and delete orphaned Secrets using kubectl commands.

Finding and Deleting Orphaned ConfigMaps

Orphaned resources like ConfigMaps can add clutter to your Kubernetes cluster. In this post, we'll show you how to find and remove unused ConfigMaps using kubectl commands.

Using the Azure CLI To Update and Manage User Permissions

The Azure CLI is a great tool for scripting updates to user permissions. In this guide, we'll walk through the basics of roles and groups and the common commands.

How to Build a Multi-Workspace Slack Application in Go

This hands-on article documents my experience building a Slack integration application. You can use this post as a general how-to guide for building a similar Slack application.

Detecting AWS DynamoDB Tables With Stale Data

If you are using Amazon DynamoDB, stale data might be costing your organization money. In this post, we'll explain how to find and handle stale data.

Run Containers Securely with gVisor on EKS

At Blink, we needed a solution for running Pods on EKS cluster in full isolation, not just for the network, but for system calls as well. This blog post describes how we used gVisor to create a solution.

Ensuring AWS CloudWatch Log Groups Have Set Retention Periods

If your log groups don't have the right rules in place, you could be paying unnecessary storage costs. In this guide, we'll show how you can find and fix AWS CloudWatch log groups without retention policies.

Following the Best Practices for Kubernetes Pod Security

Is your organization following the best practices when it comes to Kubernetes? In this post, we'll outline security practices that can keep your clusters safe.

Tracking Down Amazon Load Balancers With No Target

AWS load balancers with no targets might quietly be costing your organization money. In this guide, we'll show you how to find and delete unused load balancers.

Lowering AWS CloudTrail Costs by Removing Redundant Trails

Redundant trails can inflate how much your organization has to spend for AWS CloudTrail. In this post, we'll show you how to find and remove unneeded trails.

How to Find EC2 Instances Scheduled To Retire Soon

To avoid unexpected interruptions, it's a good practice to check to see if you have any EC2 instances scheduled to retire. Here are the steps for locating and handling these EC2 instances.

Using Git Sizer to Inform Your Git Repository Management

To avoid unexpected delays and performance issues, it's important to track the size of your repos. In this post, we'll share how the open-source tool Git Sizer can help.

Checking S3 Bucket Encryption Compliance Across Your AWS Account

S3 encryption is critical for keeping your data safe. In this guide, we'll show you how to check and implement S3 encryption best practices.

Securing Publicly Accessible Amazon RDS Snapshots

If you're using Amazon RDS, you need to ensure that RDS instances and RDS snapshots are both not publicly accessible. In this guide, we'll show you how to secure your RDS snapshots.

Tracking Down Amazon RDS Instances That Are Publicly Accessible

Are your Amazon RDS instances vulnerable? In this post, we show you how to check that your RDS instances are not publicly available and vulnerable.