Matt Dean2019-09-10T15:16:50+00:00September 9th, 2019|
Yes, Finding Public S3 Buckets Is Automated and Easy Attackers are automating the discovery of public AWS S3 buckets. Are you automating your security defense? We found a list of over 60,000 public S3 buckets.
What You Need to Know About AWS Security Monitoring, Logging, and Alerting In terms of AWS security, first the good news: Amazon Web Services offers an impressive collection of security monitoring and logging capabilities.
Configuration mistakes. This is not a new issue. IT and Security Operations teams have been struggling with managing configurations for as long as they have existed. As organizations start down the cloud path, the problem becomes more acute. There are simply too
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move their production workloads to the cloud, it doesn’t take long
One of my favorite movie quotes of all time is from Cool Hand Luke: “What we’ve got here… is failure to communicate.” It’s so apropos because better communication could help avoid a majority of problems -- at work and in life. Alas, a
As we return to our Cloud Security Center of Excellence series, we talked about the need for a CoE structure as well as our preferred organizational model. Now let's dig in a bit more and discuss a bit more specifically
One of the most difficult problems in cloud security is building comprehensive multi-account/multi-cloud security monitoring and alerting. I’d say maybe 1 out of 10 organizations I assess or work with have something effective in place when I first show up.
The 3-Step Process to Start Monitoring Your AWS Cloud Environments The following recommendations will help you outline a path to setting up a proper monitoring program for your AWS instances or cloud environments. Before we jump into our best practices