As a Cloud Security Engineer, there's a set of tools I always install when setting up a new device—usually a MacBook, though most of these tools are OS-agnostic.

Just a heads-up: I won’t be including Tmux, Sublime, Python AWS CLI, and VSCode. If you're new to Cloud Security, consider these the essentials, the ones you'd automatically install.

Homebrew: The Missing Package Manager for macOS. The first thing I do on a shiny new MacBook is install Homebrew; it makes installing 99% of other software easier using the command line.

Bitwarden: My go-to password manager. Remembering passwords is so 1999, and who doesn’t love open source? Honestly, I don’t really trust any password manager, but Bitwarden is the one I trust the most.

Amphetamine: Keeps my MacBook awake longer than I am. Handy for maintaining a docker build or anything that requires a network connection.

AWS Vault: Like having a Swiss bank vault for your AWS credentials. If you're constantly hopping between AWS roles, it makes life much easier and much more secure.

GPG Keychain: Essential for anyone new to Cyber Security to learn about asymmetric encryption. GPG Keychain is what I use when I need to seal my digital letters (usually a sensitive file) with a wax seal, ensuring only the intended recipient can read my musings. The GUI makes local key management much easier.

Docker: I've recently started a new job and have been using Docker for every proof of concept and new app I try. It's accelerated my learning, and hey, tidy tools lead to tidy minds. Combining Docker images with AWS ECS is a win for automation.

Terraform: Lets me play god with my cloud infrastructure, until I'm brought back down to earth when a plan fails because I haven't declared something correctly. Seriously though, Infrastructure as Code (IaC) is the foundation of infrastructure security. I implore you to learn it.

Little Snitch: "Makes these Internet connections visible and puts you back in control!" By monitoring your network traffic, Little Snitch ensures nothing sneaks by without your permission. Think of it like a local firewall.

Scout Suite: An old colleague introduced me to Scout Suite early on, and honestly, it's just so handy for cataloging your cloud estate—not even its intended purpose, but a happy accident.

Okay, but where do I get started with some of these tools?

My eBook - It includes several tools, simply broken down into bite-size chunks.

Tech One Twenty

“A Practical Breakdown: Understanding Cloud & Security with simple Projects you can do at home.”

Thank you for reading: Keep it secure, keep it light-hearted!

WJPearce - CyberBrew