Sending Events (Like GuardDuty) from CloudWatch to Lambda Someone [...]
ALERT to FIX in a MINUTE As Rich and I have [...]
In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.
In our last post we covered getting started with Security Hub and how to set up an optimized configuration, including prepping forward findings for alerting or remediation. Now although we’ve introduced the core capabilities, in this post we’ll walk through the different parts of the console...
Continuing our dive into AWS Security hub let’s jump into setting up. Don’t worry, I won’t just rehash the AWS documentation; this post will cover our recommended configuration, how to push findings and events back into your security infrastructure...
Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole [...]
Easy Does It — Understanding Object Storage Public Data [...]
Hitting PaaS on Inadvertent Cloud Database Exposure As we [...]
Unseen Exposure – Tackling the Pervasive Server Remote Access [...]
Don’t Start Static – Mitigating Cloud API Credential [...]