Advanced Techniques for Defending AWS ExternalIDs and Cross-Account AssumeRole Access Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique - [...]
AWS Security Management with SecurityHub Security has been a top concern with cloud adoption since its inception and as a result, security has been a top concern of cloud vendors as well. To help customers [...]
Easy Does It — Understanding Object Storage Public Data Exposure One thing I’d like to avoid in narrating this journey through common Cloud Attack Killchains is the implication that cloud platform providers are doing [...]
What You Need to Know About AWS Security Monitoring, Logging, and Alerting In terms of AWS security, first the good news: Amazon Web Services offers an impressive collection of security monitoring and logging capabilities. Now the bad news: these [...]
Configuration mistakes. This is not a new issue. IT and Security Operations teams have been struggling with managing configurations for as long as they have existed. As organizations start down the cloud path, the problem becomes more acute. There are simply too [...]
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move their production workloads to the cloud, it doesn’t take long [...]
One of my favorite movie quotes of all time is from Cool Hand Luke: “What we’ve got here… is failure to communicate.” It’s so apropos because better communication could help avoid a majority of problems -- at work and in life. Alas, a [...]
As we return to our Cloud Security Center of Excellence series, we talked about the need for a CoE structure as well as our preferred organizational model. Now let's dig in a bit more and discuss a bit more specifically [...]
One of the most difficult problems in cloud security is building comprehensive multi-account/multi-cloud security monitoring and alerting. I’d say maybe 1 out of 10 organizations I assess or work with have something effective in place when I first show [...]
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.