Hitting PaaS on Inadvertent Cloud Database Exposure As we hit the third installment in our Top 10 Cloud Attack Killchains series you’re probably starting to notice that none of these attacks take a rocket scientist to
Unseen Exposure – Tackling the Pervasive Server Remote Access Issue One of my philosophies regarding the proliferation of relatively straightforward cloud security issues – those that are basically uncomplicated, yet challenging to address based
One of my favorite movie quotes of all time is from Cool Hand Luke: “What we’ve got here… is failure to communicate.” It’s so apropos because better communication could help avoid a majority of problems -- at work and in life. Alas, a
As we return to our Cloud Security Center of Excellence series, we talked about the need for a CoE structure as well as our preferred organizational model. Now let's dig in a bit more and discuss a bit more specifically
One of the most difficult problems in cloud security is building comprehensive multi-account/multi-cloud security monitoring and alerting. I’d say maybe 1 out of 10 organizations I assess or work with have something effective in place when I first show
The 3-Step Process to Start Monitoring Your AWS Cloud Environments The following recommendations will help you outline a path to setting up a proper monitoring program for your AWS instances or cloud environments. Before we jump into our best practices
The Security Pro's Quick Cloud Comparison: AWS, Azure, or GCP? Over the past year I've noticed a very large uptick in production workloads, often from large organizations, moving beyond AWS and into Azure and GCP. This isn't necessarily real
So, You Want to Start Monitoring Your AWS Account? Before implementing an AWS monitoring solution, address “What” and “Why”. Before we jump into our recommendations for best practices for monitoring AWS accounts, we need a 30,000′ view of why we
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.