Preventing the Next CapitalOne Cloud Breach
Configuration mistakes. This is not a new issue. IT and Security Operations teams have been struggling with managing configurations for as long as they have existed. As organizations start down the cloud
Breaking Attacker Kill Chains in AWS: IAM Roles
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move
Dev, Sec and Ops: Communications Breakdown
One of my favorite movie quotes of all time is from Cool Hand Luke: “What we’ve got here… is failure to communicate.” It’s so apropos because better communication could help avoid a majority
Cloud Security CoE Shared Services
As we return to our Cloud Security Center of Excellence series, we talked about the need for a CoE structure as well as our preferred organizational model. Now let's dig
Build Your Own Multi-Cloud Security Monitoring in 30 Minutes or Less with StreamAlert
One of the most difficult problems in cloud security is building comprehensive multi-account/multi-cloud security monitoring and alerting. I’d say maybe 1 out of 10 organizations I assess or work with
The 3-Step Process to Start Monitoring Your AWS Cloud Environments
The 3-Step Process to Start Monitoring Your AWS Cloud Environments The following recommendations will help you outline a path to setting up a proper monitoring program for your AWS instances
AWS vs. Azure vs. GCP: A Security Pro’s Quick Cloud Comparison
The Security Pro's Quick Cloud Comparison: AWS, Azure, or GCP? Over the past year I've noticed a very large uptick in production workloads, often from large organizations, moving beyond AWS
So, You Want to Start Monitoring Your AWS Account?
So, You Want to Start Monitoring Your AWS Account? Before implementing an AWS monitoring solution, address “What” and “Why”. Before we jump into our recommendations for best practices for monitoring
The Top 3 Reasons for Utilizing a Cloud Management Platform
The Top 3 Reasons for Utilizing a Cloud Management Platform Before implementing an AWS monitoring solution, address the “Whats” and “Whys”. An IT department gains many advantages by using the
The Top 10 Most Commonly Used Guardrails for Automating Routine Monitoring Tasks
The Top 10 Most Commonly Used Guardrails for Automating Routine Monitoring Tasks These are our top 10 most requested or frequently run ops that help our customers automate the routine
Cloud Security CoE Organizational Models
In the first post of our Cloud Security Center of Excellence series we covered the two critical aspects of being successful at cloud security: accountability and empowerment. Without accepting accountability to secure
Forming the Cloud Security Center of Excellence
We spend a lot of time talking to cloud security professionals, basically trying to figure out the best ways to get their jobs done in largely uncharted territory. Cloud
DisruptOps Product Update for February 25th, 2019
Hi everyone, We are in serious crunch time as we prepare to compete as a finalist in the RSA Security Conference Innovation Sandbox. For a startup like ourselves it doesn’t
DisruptOps Product Update for February 18, 2019
Before we get into this week’s details I want to thank all our beta testers for the great feedback. One of the harder parts of building a product is
DisruptOps Product Update for February 11th, 2019
Hi everyone, Welcome to our first official product update! Now that we are deep into our Beta testing we plan to publish these updates on a regular basis to
DisruptOps Selected as Finalist for 2019 RSA Conference Innovation Sandbox Contest
DisruptOps recognized for providing automated guardrails for multi-cloud infrastructures through its security operations platform. KANSAS CITY, MISSOURI – February 5, 2019 – DisruptOps today has been named one of
Something You Probably Should Include When Building Your Next Threat Models
We are working on our threat models here at DisruptOps, so I decided to refresh my knowledge of different approaches. One thing that quickly stood out is that nearly none
Three of the Most Crucial Sections That Make Up the DevSecOps Roadmap
As I mentioned in our (DevSec)Ops vs. Dev(SecOps) post, we’ve been traveling around to a couple of DevOpsDays conferences presenting our Quick and Dirty DevSecOps talk. One of the things I tend to start with
The 4 Phases to Automating Cloud Management
A Security Pro’s Cloud Automation Journey Catch me at a conference and the odds are you will overhear my saying “cloud security starts with architecture and ends with automation.” I
Consolidating Config Guardrails with Aggregators
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account.
Quick and Dirty: Building an S3 Guardrail with Config
In How S3 Buckets Become Public, and the Fastest Way to Find Yours we reviewed the myriad of ways S3 buckets become public and where to look for them. Today
DisruptOps Introduces Cloud Management Platform for Automated Security and Operations
Company secures $2.5 million seed round investment led by Rally Ventures Kansas City, MO — October 17, 2018 DisruptOPS Inc. today introduces its SaaS-based cloud management platform to implement automated
How S3 Buckets Become Public, and the Fastest Way to Find Yours
In What Security Managers Need to Know About Amazon S3 Exposures we mentioned that one of the reasons finding your public S3 buckets is so darn difficult is because there
Why Everyone Automates in Cloud
If you see me speaking about cloud it’s pretty much guaranteed I’ll eventually say “Cloud security starts with architecture and ends with automation.” I’m nothing if not repetitive. This isn’t
(DevSec)Ops vs. Dev(SecOps)
I just got back from the Boston DevOps Days. I really enjoy hanging around DevOps and cloud people. The energy of these conferences is great, and they are genuinely excited