Skip to main content
HashnodeLeast PrivilegeLeast Privilege

Command Palette

Search for a command to run...

About

The blog

Least Privilege documents real AWS security patterns: what works, what breaks, and why it keeps breaking.

The name is deliberate. Least privilege is the most fundamental principle in AWS security and, consistently, the most ignored one in production. That gap between what we know and what we actually build is what this blog is about.

Who writes it

I'm Mario Gongora, a Cloud Security Architect with 12+ years in cybersecurity. I currently lead cloud security architecture for organizations across Latin America, working with AWS managed cloud services at scale.

My background spans Panama's national CSIRT, two years within the United Nations system (IOM), and enterprise cloud security across regulated industries. I also teach Security Incident Management at graduate level.

What I focus on:

  • AWS IAM, SCPs, and multi-account governance
  • SIEM/SOAR engineering on AWS native services
  • Incident response in multi-account environments
  • DevSecOps practices for teams under real constraints
  • Cloud governance for regulated industries

Why in English

The AWS security community is global. Writing in English lets these patterns reach beyond Latin America. But the problems, constraints, and context behind every article come from this region.