Matt Dean2019-09-10T15:16:50-05:00September 9th, 2019|
Yes, Finding Public S3 Buckets Is Automated and Easy Attackers are automating the discovery of public AWS S3 buckets. Are you automating your security defense? We found a list of over 60,000 public S3 buckets.
What You Need to Know About AWS Security Monitoring, Logging, and Alerting In terms of AWS security, first the good news: Amazon Web Services offers an impressive collection of security monitoring and logging capabilities.
DisruptOps recognized for providing automated guardrails for multi-cloud infrastructures through its security operations platform. KANSAS CITY, MISSOURI – February 5, 2019 – DisruptOps today has been named one of 10 finalists for the RSA® Conference 2019 Innovation Sandbox Contest
We are working on our threat models here at DisruptOps, so I decided to refresh my knowledge of different approaches. One thing that quickly stood out is that nearly none of the threat modeling documentation or tools I’ve seen covers
As I mentioned in our (DevSec)Ops vs. Dev(SecOps) post, we’ve been traveling around to a couple of DevOpsDays conferences presenting our Quick and Dirty DevSecOps talk. One of the things I tend to start with early in the talk is the fact that, like DevOps,
A Security Pro’s Cloud Automation Journey Catch me at a conference and the odds are you will overhear my saying “cloud security starts with architecture and ends with automation.” I quickly follow with how important it is to adopt a
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account. Your best bet to make that manageable is to use infrastructure
In How S3 Buckets Become Public, and the Fastest Way to Find Yours we reviewed the myriad of ways S3 buckets become public and where to look for them. Today I'll show the easiest way to continuously monitor for public