Blog2020-03-08T12:55:55-05:00

Has the Cloud changed Software Development for Good?

Has the Cloud changed Software Development for Good? One of two concepts might have popped into your head when reading the title of this blog. Has software development improved? [...]

By |March 9th, 2021|

Supercharging Security Hub: Part 4, Taking Action

In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. Today I want to dive into one of the best parts of Security Hub — taking actions on events and findings.

By |September 4th, 2020|

Supercharging AWS Security Hub: Part 3, Taming the Console

In our last post we covered getting started with Security Hub and how to set up an optimized configuration, including prepping forward findings for alerting or remediation. Now although we’ve introduced the core capabilities, in this post we’ll walk through the different parts of the console...

By |August 25th, 2020|

Supercharging AWS Security Hub: Part 2, Get a Running Start

Continuing our dive into AWS Security hub let’s jump into setting up. Don’t worry, I won’t just rehash the AWS documentation; this post will cover our recommended configuration, how to push findings and events back into your security infrastructure...

By |August 20th, 2020|

Supercharging AWS Security Hub: Part 1, the Secret Weapon

Like many AWS services, Security Hub is one of those products that sneaks up on you. Security Hub was pretty anemic when it first launched; it appeared to just collect the results from a few AWS products and a dozen partners into some basic dashboards so Amazon could say they had a “security center”.

By |August 18th, 2020|

DisruptOps Welcomes Security Executive Matt Eberhart as Chief Operating Officer

DisruptOps Welcomes Security Executive Matt Eberhart as COO The cloud security automation platform player strengthens the executive team as growth accelerates. KANSAS CITY, Aug. 1, 2020 -- DisruptOps, a [...]

By |August 3rd, 2020|

Advanced Techniques for Defending AWS ExternalID and Cross-Account AssumeRole Access

Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s [...]

By |July 14th, 2020|

Easy Does It – Understanding Object Storage Public Data Exposure

Easy Does It — Understanding Object Storage Public Data Exposure One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that [...]

By |May 6th, 2020|

Hitting PaaS on Inadvertent Cloud Database Exposure

Hitting PaaS on Inadvertent Cloud Database Exposure As we hit the third installment in our Top 10 Cloud Attack Killchains series you’re probably starting to notice that none of these attacks [...]

By |April 27th, 2020|

Unseen Exposure – Tackling the Pervasive Server Remote Access Issue

Unseen Exposure – Tackling the Pervasive Server Remote Access Issue One of my philosophies regarding the proliferation of relatively straightforward cloud security issues – those that are basically uncomplicated, [...]

By |April 2nd, 2020|

Don’t Start Static – Mitigating Cloud API Credential Exposure

Don’t Start Static – Mitigating Cloud API Credential Exposure And away we go! Here’s the first in our recently announced series on the Top 10 Cloud Attack Killchains [...]

By |March 23rd, 2020|
Go to Top