---
title: "Security Model Citizen Development"
id: "12617"
type: "podcast"
slug: "security-model-citizen-development"
published_at: "2022-05-26T10:00:00+00:00"
modified_at: "2026-05-17T00:04:57+00:00"
url: "https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/security-model-citizen-development/"
markdown_url: "https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/security-model-citizen-development.md"
taxonomy_shows:
  - "Last Week In AWS Podcast"
---

About the Author Corey is the Chief Cloud Economist at Duckbill, where he specializes in helping companies improve their AWS bills by making them smaller and less horrifying. He also hosts the "Screaming in the Cloud" and "AWS Morning Brief" podcasts; and curates "Last Week in AWS," a weekly newsletter summarizing the latest in AWS news, blogs, and tools, sprinkled with snark and thoughtful analysis in roughly equal measure.

[https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305](https://podcasts.apple.com/us/podcast/aws-morning-brief/id1466344305)

[https://overcast.fm/itunes1466344305/aws-morning-brief](https://overcast.fm/itunes1466344305/aws-morning-brief)

[https://pca.st/AKs0](https://pca.st/AKs0)

[https://podcastaddict.com/podcast/2382583](https://podcastaddict.com/podcast/2382583)

[https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU](https://open.spotify.com/show/3A04JNrNAcZMvn8cvDWpWU)

[https://feeds.transistor.fm/aws-morning-brief](https://feeds.transistor.fm/aws-morning-brief)

## Episode Summary

Last week in security news: a deep dive into Google Cloud Build, Andrea Brancaleoni found an ELB header security issue, AWS Security Maturity Model is a little controversial, and more!

## Episode Show Notes & Transcript

**Links:**

- [Google Cloud Build](https://irsl.medium.com/google-cloud-build-under-the-hood-bc00c68ad9de) deep dive
- [Andrea Brancaleoni](https://twitter.com/njoyneer/status/1526593840928411650?s=12&t=ZtHBuiAyHnB3cwaVR5w52w) found an ELB header security issue
- An article on [You Can't Opt Out of Citizen Development](https://www.darkreading.com/edge-articles/you-can-t-opt-out-of-citizen-development)
- [DOJ Announces It Won’t Prosecute White Hat Security Researchers](https://www.vice.com/en/article/v7d9nb/department-of-justice-security-researchers-new-cfaa-policy)
- [Choosing the right certificate revocation method in ACM Private CA](https://aws.amazon.com/blogs/security/choosing-the-right-certificate-revocation-method-in-acm-private-ca/)
- a somewhat... controversial [AWS Security Maturity Model](https://maturitymodel.security.aws.dev/en/model/)
- [AWS API calls that return credentials](https://gist.github.com/kmcquade/33860a617e651104d243c324ddf7992a) on GitHub

 View Full Transcript  Hide Full Transcript

## You might also like

[More Podcast Episodes](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/)

### [M3 Ultra Macs, Claude Platform, and 619 New APIs Walk Into a Bar](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/m3-ultra-macs-claude-platform-and-619-new-apis-walk-into-a-bar/)

Last Week In AWS Podcast

05.18.2026

7 Minutes

[Listen Now](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/m3-ultra-macs-claude-platform-and-619-new-apis-walk-into-a-bar/)

### [AI-Native Foundations and the CVEs That Love Them](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/ai-native-foundations-and-the-cves-that-love-them/)

Last Week In AWS Podcast

05.11.2026

7 Minutes

[Listen Now](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/ai-native-foundations-and-the-cves-that-love-them/)

### [Bedrock Bags OpenAI, Q Developer Bags Groceries](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/bedrock-bags-openai-q-developer-bags-groceries/)

Last Week In AWS Podcast

05.04.2026

9 Minutes

[Listen Now](https://www.lastweekinaws.com/podcast/last-week-in-aws-podcast/bedrock-bags-openai-q-developer-bags-groceries/)