Experimented to fork AWS infra graph and simulate what breaks before you deploy
A new approach to cloud security is being explored that flips the traditional deploy-detect-respond workflow. By forking the AWS infrastructure graph, the method allows for simulation of potential security issues before deployment. This technique aims to enhance CI/CD workflows by integrating infrastructure consequence simulations.
- ▪The method connects to an AWS account and builds a topology graph of the infrastructure.
- ▪It keeps two copies of the infrastructure state: one real and one for mutations.
- ▪The simulation identifies new attack paths and security consequences before code merges.
Opening excerpt (first ~120 words) tap to expand
try { if(localStorage) { let currentUser = localStorage.getItem('current_user'); if (currentUser) { currentUser = JSON.parse(currentUser); if (currentUser.id === 3953551) { document.getElementById('article-show-container').classList.add('current-user-is-article-author'); } } } } catch (e) { console.error(e); } Ansh Sonkar Posted on May 27 Experimented to fork AWS infra graph and simulate what breaks before you deploy #aws #security #devops #cloud Cloud security still feels heavily deploy → detect → respond, so I wanted to try flipping the workflow. You connect an AWS account, Emfirge pulls infrastructure state across 18+ AWS services and builds a topology graph: SG → EC2 → IAM Role → S3 → RDS etc.
…
Excerpt limited to ~120 words for fair-use compliance. The full article is at DEV.to (Top).