But please don’t take the errors too seriously; sometimes they’re normal and expected behaviour from AWS.
Happy to read your feedback on this.
mamip.zoph.io/findings/
Just added a new section to the MAMIP webapp to review findings from AWS IAM Access Analyzer on ALL AWS Managed Policies.
These capabilities can sometimes yield interesting results and may even spoil upcoming AWS capabilities, etc.
Just added a new feature to MAMIP.
You can now search for known AWS accounts from the fwdcloudsec dataset.
Single webapp to look up AWS managed policy history, search known AWS account IDs, and more.
Give it a try.
It detects waste, low-signal assets, zombie infrastructure, incorrect sizing, forgotten volumes, idle load balancers, unused IPs, and more.
Same mission as day one: make cloud waste visible early, and keep AWS accounts under cost control over time.
- Weekly or daily scans in all regions
- AI-generated management reports for decision makers
- AI-Chatbot to discuss with your CSP bill
- A read-only IAM role, no agents, no risk
It no longer just lists resources.
The goal was simple: give ops teams visibility on what is actually running, and spot the unusual before the end of month AWS bill does.
7 years later, unusd.cloud has grown into a real FinOps SaaS:
- 700+ users
- 560+ connected AWS accounts
- 30+ detection types across 20+ AWS services
A few days ago, I found the very first commit of unusd.cloud.
Back then it was called Instance-Watcher.
The whole logic fit in one screenshot. A simple Python function using boto3 to send a daily HTML table of running EC2 instances across all AWS regions.
Red-armored toy soldier with skull emblem, holding a blaster and green vial, standing on a fiery stone fortress floor.
Coding in 2026 is like:
- Playing Starcraft with "Show me the money".
- \devmap q3tourney2 + \god in Q3.
- DNKROZ in Duke Nukem.
- IDDQD for Doom.
Your turn.
Next Stops in 2026:
- Multi-Cloud Support with Azure and GCP.
- Better historical comparison.
- New detections of unused services.
- CUR Deep Analysis.
- Keep on chasing. 🧡
5. Amazon SNS Integration to let you automate remediations.
6. Unused AWS Transfer Family detection.
7. Revamped WebApp and Landing Page.
Lately, we've added many new features to unusd, thanks to customers' feedback.
1. Navi - Our AI assistant to better understand your cloud spend.
2. Management Reports - C-Level reports (Org Wide).
3. Support of Savings Plans and RIs.
4. Drift Detection with advanced Algorithms.
Final Word
- Mimic: Choose when you need to evade blocking/detection
- WireGuard: Choose when you want speed and aren't worried about being blocked
WireGuard
- Fast, lightweight VPN protocol with strong encryption
- Easy to detect by network monitoring systems
- Excellent speed and battery efficiency on mobile
- Built into many modern VPN services
I knew about WireGuard, but what is Mimic (Avast)?
Mimic
- Disguises VPN traffic to look like normal web browsing
- Designed to bypass firewalls and censorship systems
- Slower performance due to traffic disguising techniques
- Better for accessing blocked social media in restrictive countries
December is generally a good time for gifts, and I have a special one for you.
We are glad to announce fwd:cloudsec Europe 2026: September 7th and 8th - London, UK 🇬🇧
More info to come early 2026. Stay tuned, folks.
Link: mamip.zoph.io
I've put a focus on brand new policies shipped by AWS (VersionId = "v1").
Just shipped a compagnon website for MAMIP, the tool that detects change made by AWS on IAM Managed Policy.
Let me know what do you think of this first version. I'm considering adding many new features in the next upcoming weeks.
Check out the full schedule here: fwdcloudsec.org/conference/...
Not in Berlin? No worries, you can join us live on YouTube: www.youtube.com/live/-a9Ts7...
It's going to be a packed day of sharp insights and real-world lessons for cloud security l33ts.
Just 2 hours to go before fwd:cloudsec Europe kicks off here in Berlin! 🇩🇪
We’ve got an incredible lineup of speakers this year covering the latest in cloud security, from IAM and supply chain risks to practical defense strategies.
Next move: Found a budget running watch. Any recommendations?
Keep moving, folks! 🏃
Links in the first comment.
- Statistics for Strava, a self-hosted (On Synology) container with tons of stats, dashboards, everything well presented, and Private. (See screenshots)
- As a previous NRC (Nike Running Club) user, I wanted to import my history of runs since 2011, and found on Reddit the perfect tool: Claim-NRC.
Since January, I've resumed running. It's part of my New Year's resolution: new gear and a more challenging routine after a seven-year pause and passing the 40-year milestone.
I'm now using Strava only to record my activities, and I've found a few cool FOSS initiatives that are game changers.
The lineup for fwd:cloudsec Europe is revealed, presenting a two-day event filled with top-tier presentations on a single track, alongside engaging "Birds of a Feather" discussion sessions. Sponsorship slots remain open.
fwdcloudsec.org/conference/...
See you there, folks! 🇩🇪
We need an always-on wearable device for this "assistant" use case. It's most useful when your hands are occupied, like when driving or doing DIY tasks.
My most-used assistant: Perplexity voice mode. What's yours?
We all agree that Alexa, Siri, and Google aren't yet equipped to handle these cases, and, with the rise of LLM, these assistants seem even less intelligent.
We are living in a unique time where core software technology is ready, but the hardware or device component is lacking.
Several times a day, I use an LLM for work-related questions, and at home, I often rely on voice interaction for personal queries.
Sometimes, stats are very painful to read.
You're sharing engaging content and OSS AWS projects, yet your blog's most popular post is an eight-year-old paper on interacting with the JIRA API using PowerShell.
Rude.
