Automating Cloud Governance As You Go-Go
Automating Cloud Governance As You Go-Go What does cloud governance have in common with George Michael? Sometimes it comes at you like – wham! (Thank you, I’ll see myself out.) [...]
Setting the Right Pace to Embrace Automation
Setting the Right Pace to Embrace Automation I’ve rewritten this intro countless times. Not because what follows isn’t important, but because I’m breaking my own rule – don’t have people [...]
Sending Events from Cloudwatch to Lambda
Sending CloudWatch/EventBridge Events (Like Guard Duty) to Lambda Someone pointed me to a Reddit post asking how to send and access the JSON from a GuardDuty finding into Lambda. [...]
Security in the Age of DevOps
Security in the Age of DevOps We're in the fight for the soul of... I'm not going to get political, but the reality is we’ve got a challenging road [...]
Has the Cloud changed Software Development for Good?
Has the Cloud changed Software Development for Good? One of two concepts might have popped into your head when reading the title of this blog. Has software development improved? [...]
Security Operations is Not Dead
Security Operations is Not Dead I remember when an admin ran security operations (SecOps) by logging into a console and doing something. Ah, the good ol’ days. Now, we [...]
Fashion App’s Faux Pas: Open Buckets of (21) Buttons
Fashion App’s Faux Pas: Open Buckets of (21) Buttons TL; DR: Leaving their S3 buckets exposed, fashion-focused social app, 21 Buttons, is caught with their pants down. Because it [...]
Your 2021 Cloud Security Recommendations
Your 2021 Cloud Security Recommendations (Assuming 2020 Ever Ends) 2020. So THAT just happened. When it comes to cloud security, 2020 was like pouring rocket fuel onto a gasoline fire; [...]
ALERT to FIX in a MINUTE
ALERT to FIX in a MINUTE As Rich and I have been talking about for years, the ability to move to automated cloud security operations remains one of the most compelling [...]
Supercharging Security Hub: Part 4, Taking Action
In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.
Security Ops Waiting Game
Security Ops Waiting Game Remember in the olden days, when central IT ruled the land? If an application required fixes or new capabilities, the business put in a change [...]
Supercharging AWS Security Hub: Part 3, Taming the Console
In our last post we covered getting started with Security Hub and how to set up an optimized configuration, including prepping forward findings for alerting or remediation. Now although we’ve introduced the core capabilities, in this post we’ll walk through the different parts of the console...
Supercharging AWS Security Hub: Part 2, Get a Running Start
Continuing our dive into AWS Security hub let’s jump into setting up. Don’t worry, I won’t just rehash the AWS documentation; this post will cover our recommended configuration, how to push findings and events back into your security infrastructure...
Supercharging AWS Security Hub: Part 1, the Secret Weapon
Like many AWS services, Security Hub is one of those products that sneaks up on you. Security Hub was pretty anemic when it first launched; it appeared to just collect the results from a few AWS products and a dozen partners into some basic dashboards so Amazon could say they had a “security center”.
The Tragedy of Security Dies on the Crucible of DevOps
The Tragedy of Security Dies on the Crucible of DevOps Security ain’t what it used to be. Or perhaps it’s always been this way and it merely seems different [...]
DisruptOps Welcomes Security Executive Matt Eberhart as Chief Operating Officer
DisruptOps Welcomes Security Executive Matt Eberhart as COO The cloud security automation platform player strengthens the executive team as growth accelerates. KANSAS CITY, Aug. 1, 2020 -- DisruptOps, a [...]
ElectricEye v2.0
ElectricEye v2.0 We are thrilled to share the news that version 2.0 of ElectricEye has been published. You can check it out here: https://github.com/jonrau1/ElectricEye Over the past couple of months, [...]
Advanced Techniques for Defending AWS ExternalID and Cross-Account AssumeRole Access
Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s [...]
AWS Security Management with SecurityHub
AWS Security Management with SecurityHub Security has been a top concern with cloud adoption since its inception and as a result, security has been a top concern of cloud vendors [...]
Easy Does It – Understanding Object Storage Public Data Exposure
Easy Does It — Understanding Object Storage Public Data Exposure One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that [...]
Hitting PaaS on Inadvertent Cloud Database Exposure
Hitting PaaS on Inadvertent Cloud Database Exposure As we hit the third installment in our Top 10 Cloud Attack Killchains series you’re probably starting to notice that none of these attacks [...]
Unseen Exposure – Tackling the Pervasive Server Remote Access Issue
Unseen Exposure – Tackling the Pervasive Server Remote Access Issue One of my philosophies regarding the proliferation of relatively straightforward cloud security issues – those that are basically uncomplicated, [...]
Don’t Start Static – Mitigating Cloud API Credential Exposure
Don’t Start Static – Mitigating Cloud API Credential Exposure And away we go! Here’s the first in our recently announced series on the Top 10 Cloud Attack Killchains [...]
COVID-19, the Cloud, and Cloud Security
COVID-19, the Cloud, and Cloud Security COVID-19, social distancing, work from home…these are our current realities. How we got here and how we get past it are beyond [...]
Stop Today’s Top 10 Cloud Attack Killchains
Stop Today’s Top 10 Cloud Attack Killchains Everyone knows that cloud-driven exposures and related cloud attack killchains are emerging at a furious pace. These are the top 10 [...]