Served fresh every Monday ยท since 2021
Every AWS security change, on one plate.
Blogs, CVEs, Reddit threads, and every single IAM and API change. We diff the whole AWS changelog each week and plate it into one short Monday read, so nothing moves without you noticing.
๐ฅ Palate Cleanser
Promises
The mains, served by humans
chef's pickPalate Cleanser
A sharp take on the week's biggest AWS security story, with the context a headline leaves out.
Chef's selections
The top 3 AWS security reads from across the web, each with a note on why it matters.
AWS security blogs
Every official AWS Security Blog post and security-relevant What's New announcement.
r/aws threads
The security discussions worth reading from r/aws, surfaced and summarized.
The dessert cart, every change tracked by machine
nobody else plates thisIAM permission changes
Every IAM action added or removed across every AWS service, week over week.
API changes
Every change to every AWS API, the signal buried in thousands of SDK updates.
Managed policy changes
Every AWS-managed IAM policy that changed, so a widening blast radius never slips past you.
CloudFormation changes
Every CloudFormation resource that changed, new properties and new risks.
Amazon Linux CVEs
Every published security advisory affecting Amazon Linux, in one list.
Security bulletins
All the AWS security bulletins that matter, collected as they drop.
Doc changes
Documentation edits with real security impact, the quiet changes that bite.
Sponsor shoutout
One relevant tool or service per issue. Clearly labeled, never sneaky.
๐ Sample the back catalog
Taste it before you subscribe.
Every issue is public and archived. No paywall, no premium tier, just five years of AWS security history to browse right now.
๐ข Word from the table
The people who write AWS security keep a seat here.
Nick FrichetteStaff Security Researcher, DatadogIf you're working in the AWS Security space and aren't subscribed, I highly encourage you to check it out.
Christophe Tafani-DereeperCloud Security Research, DatadogIf you're into AWS security, the AWS Security Digest Newsletter is a great way to stay up to date.
Aidan W. SteeleAWS Serverless HeroOne of the few newsletters where I read almost every issue.
๐ฝ๏ธ Before you sit down
Questions, answered.
Who is this for?
Anyone responsible for security in AWS: cloud security engineers, AppSec and platform teams, pentesters, consultants, and CISOs who want the signal without the firehose. If "what changed in IAM this week?" is a question you care about, it is for you.
What makes this different from the AWS What's New feed?
We do the part a feed cannot: a human reads everything, picks what matters, and explains why. Then we layer on machine-tracked changes, every IAM permission, API, managed policy and CloudFormation resource, that no official feed surfaces in one place.
How often does it land?
Once a week, every Monday. No drip sequences, no check-in emails. One digest, then we leave you alone until next Monday.
Can I read past issues without subscribing?
Yes. Every issue is public and archived, plus there is an RSS feed. Subscribe only when you want it delivered.
Who's behind it?
It is made by the team at Plerion, a cloud security platform. The newsletter stands on its own, with no product pitch in your inbox.
The whole week of AWS security,
on a plate every Monday.
6,700+ engineers, builders and CISOs let us diff the AWS changelog every week, so it never lands on their plate as a surprise.