cloud infrastructure security

Cloud Security This Week – October 20, 2017

Everything about cyberattacks are insidious, but two significant attacks reported this week highlight just how hard it...

Cloud Security This Week – October 13, 2017

More stories hit the headlines this week on unprotected AWS S3 buckets and ways for enterprises to protect their cloud...

Cloud Security This Week – September 15, 2017

The impact of the Equifax breach started to sink in among the 143 million people who were affected, and ElasticSearch...

Cloud Security This Week – September 1, 2017

It’s never dull for those trying to keep the cloud safe from harm, but this was a relatively quiet week for cloud...

Cloud Security and Automated Incident Response

Fixing stuff isn’t as interesting as breaking stuff, and this even applies in the realm of the cloud. Perhaps...

Study highlights increase in awareness of cloud benefits and security risks

Some good news on the security front: businesses are growing increasingly aware of the security risks beyond the control...

The AWS Security Fitness Guide: 11 Exercises To Make Your Enterprise CloudFit

My co-workers can attest to the fact that I’m trying – really, really trying – to get fit. No carbs or...

Cloud Security Fitness Guide – Exercise #10: Watch World-Readable and Listable S3 Bucket Policies

S3 has been around for quite some time. It may be the oldest Service in the ever expanding Web Services provided by...

Cloud Security Fitness Guide – Exercise #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

Cloud Security Fitness Guide – Exercise #8: Use AutoScaling to Dampen DDoS Effects

 We’re switching the series up a little bit and going to pay some attention to the network layer for a couple of...

Cloud Security Fitness Guide – Exercise #6: Rotate all the Keys Regularly

In the previous article, we had a pretty deep discussion on how and why to limit privilege in the AWS IAM service....

Cloud Security Fitness Guide – Exercise #7: Use IAM Roles with STS AssumeRole

We are more than half way through the top ten, so let's finish up the IAM discussion before jumping into some of the top...