This is awsmatt.com.

I’ve spent the better part of two decades working in cybersecurity — building teams, responding to incidents, designing architectures, and trying to make sense of an ever-expanding cloud attack surface. Most of that work has lived in private reports, internal wikis, and slide decks that nobody reads twice.

This site is an attempt to change that. A place to publish the things I’m researching, the tools I’m building, and the lessons I keep re-learning about securing AWS environments.

What to expect

Research articles — deep dives on AWS misconfigurations, IAM pitfalls, service-specific attack surfaces, and defensive patterns. The kind of detail that doesn’t fit in a LinkedIn post.

Tools — small, focused utilities for AWS security assessment. Open source, practical, and built to solve real problems I encounter in the field.

Guides — step-by-step walkthroughs on hardening, detection, and incident response in AWS. Enough detail to follow along in your own account.

Quick takes — shorter posts covering AWS security news, service updates, and the occasional opinion.

Why now

The cloud security space moves fast. AWS releases new services and features at a pace that makes it genuinely difficult to keep up with the security implications. I’ve found that writing things down — properly, publicly — forces a level of rigour that internal notes don’t demand.

If any of this is useful to you, that’s a bonus.

More soon.