Given the wide the adoption of Agentic AI, I have found have that you can adopt those aspects you learn from the Josh's project that you can actually utilize what you learned across all popular cloud providers. I am planing on utilizing something similar, but instead of claude code I am utilizing N8N which is a great alternative that you can apply to something like this. Otherwise, they are both great tools for your purposes in cloud security. I am also using the GCP Cli to integrate with this as well with wazuh, firewalls, virus total api, and self healing for the host machine. I give credit to Josh is community and I think he is an excellent resource to learn on your cyber security journeys you embark on towards cloud security. 🙂 Thank you

Air Canada's chatbot invented a bereavement refund policy. A tribunal made them honor it. A Chevy dealer's bot got prompt-injected into appearing to agree to sell a Tahoe for $1, and the screenshots were on every tech feed by dinner. Those were the public ones. The customer-facing ones. The ones we laughed at. The agents getting wired into your cloud right now have a much bigger blast radius: – A Slack bot with read access to S3 that summarizes "any file a teammate drops in #ops" – A Jira agent with an IAM role that can spin up infra to "help triage tickets" – A Copilot-style assistant with Graph API scopes across SharePoint, Outlook, and Teams – An IR copilot reading raw CloudTrail and GuardDuty findings into its context window Every one of those is a prompt-injection sink. And the version that bites cloud teams isn't the direct kind — it's indirect injection: the attacker never talks to your agent. They leave a string somewhere your agent will read. A malicious filename in a bucket. A poisoned Jira description. A calendar invite with hidden instructions. A log line crafted to look like a system prompt. Microsoft already shipped a CVE this year for exactly this — EchoLeak / CVE-2025-32711, zero-click data exfil out of Microsoft 365 Copilot. That's the category, not an outlier. The control surface most people skip: the agent's IAM role and OAuth scopes are the actual blast radius — the prompt layer is just where the attacker pulls the trigger. If you're a Terraform shop, that means scoped roles, tight trust policies (ExternalId, condition keys, session tags), no * on the resource side, and tool allowlists that are deny-by-default with an audit log on every call. The prompt-side filters are a backstop, not the perimeter. This is what "we'll figure out AI security later" actually costs in a cloud shop: – An agent with an over-scoped IAM role does something that lights up a SOC 2 CC6.1 finding – Customer data leaves through a model context window instead of an S3 bucket policy – Your detection stack never fires because the "attack" is just text.

If you’re feeling overwhelmed choosing a path… this will help. You don’t need to decide everything yet. 👉 You just need to narrow it down. 🔹 The 3 Core Categories 🛠️ Builders For people who like: - Coding - Automation - Building systems Example roles: - Cloud Security Engineer - Security Automation Engineer - AppSec Engineer 🚨 Defenders For people who like: - Investigating incidents - Threat hunting - Fast-paced environments Example roles: - Detection Engineer - Incident Response - Threat Intelligence - Cloud Pen Tester 🧭 Strategists / Frontier For people who like: - Big picture thinking - Risk & compliance - Designing systems Example roles: - GRC Analyst - Cloud Security Architect - AI Security Specialist 🔎 How to Use This Don’t treat this like a final decision. Use it as a filter: ✔ Pick 2–3 paths ✔ Explore those deeper ✔ Ignore everything else (for now) ⚡ Clarity comes from focusing — not from trying to learn everything.

Your CFO pastes a forecast into ChatGPT. Your PM runs customer tickets through Claude. Your engineer drops code into a coding assistant with an API key still in the config. None of it is malicious. All of it is happening. What we want to know from you: – Are you trying to detect it, block it, or govern it? – What's actually working? – What question keeps coming back that nobody has answered well? Drop it here and I'll bring the sharpest ones into the next session: https://pillar-security.notion.site/39b698e30aae46419df70838da036cd9?pvs=105

Get started building in the cloud! This is your gateway to a lot of amazing things... ☁️ 🔗 Notion Walkthrough Page