Insights · Architecture · Security

Foundra Blog

Practical articles on digital sovereignty, security & governance—for teams building and operating platforms in regulated environments.

AI Governance · AI-TRiSM · Anti-DDoS · Application Security · Auditability · Auto-Remediation · AWS Access Analyzer · AWS WAF · BSI · C3A · Cloud · Cloud Security · CloudTrail · Compliance · Digital Sovereignty · EventBridge · Explainability · Governance · IAM · Least Privilege · OWASP Top 10 · Privacy · Security
Illustration: BSI C3A Cloud Sovereignty

Blog · Cloud Compliance

BSI Publishes C3A: New Sovereignty Criteria for Cloud Services

With the Criteria enabling Cloud Computing Autonomy (C3A), the BSI provides a framework for evaluating the sovereignty characteristics of cloud services.

Published: April 2026 · approx. 3 min read
Digital Sovereignty · BSI · C3A · Cloud
Infographic: OWASP Top 10 (2025) vs AWS WAF Managed Rule Groups

Blog · Application Security

OWASP Top 10 (2025) and AWS WAF: Putting Managed Rules in Context

This blog post provides a pragmatic mapping of the OWASP Top 10 (2025) to the managed rule groups of AWS WAF, including anti-DDoS rules. We explain what the WAF can enforce, where its limitations lie, and how it can be operated in an auditable manner.

Published: February 2026 · approx. 5 min read
OWASP Top 10 · AWS WAF · Application Security · Cloud Security
Illustration: IAM guardrails and automated governance

Blog · Governance Automation

IAM Auto-Remediation: Enforcing Least Privilege Automatically

Technical guide: detect over-privileged IAM roles (e.g., AdministratorAccess) and remediate automatically, using CloudTrail, EventBridge, Access Analyzer (ValidatePolicy), and CDK.

Published: January 2026 · approx. 4 min read
IAM · Least Privilege · Governance · Auto-Remediation
Illustration: digital sovereignty

Blog · Digital Sovereignty

The Three Pillars of Digital Sovereignty

Why true digital sovereignty is an architectural outcome: technological independence, security & governance, and auditability & explainability, designed as one system.

Published: January 2026 · approx. 4 min read
Digital Sovereignty · Compliance · Security
Illustration: trustworthy AI in regulated environments

Blog · AI Governance

AI-TRiSM: Trustworthy AI as an Architectural Principle

AI-TRiSM unifies trust, risk, and security: explainability & monitoring, ModelOps, AI application security, and privacy, treated as one system for regulated AI.

Published: January 2026 · approx. 8 min read
AI-TRiSM · AI Governance · Security · Privacy