Real-world security,
no fluff.
Practical guides, deep-dives, and hard-won lessons on securing modern infrastructure — AWS, DevSecOps, and beyond.
Security knowledge, applied.
Secure Working is a technical blog covering the practical side of cloud security, infrastructure hardening, and DevSecOps — written by practitioners, for practitioners.
No vendor marketing. No recycled top-10 lists. Just detailed, hands-on content from real-world experience.
Learn more about this siteTrust
Topics & Focus Areas
Deep technical content across the security landscape
Cloud Security
AWS GuardDuty, Security Hub, IAM, and multi-account security at scale.
Security Tooling
Evaluating and deploying the tools that actually move the needle on your security posture.
Infrastructure as Code
Secure Terraform patterns, CDK constructs, and policy-as-code strategies.
Identity & Access
IAM roles, certificate management, SSO, and least-privilege at scale.
DevSecOps
Shifting security left — integrating controls into CI/CD pipelines without slowing teams down.
Detection & Response
Building detection coverage, managing alerts at scale, and effective incident response.