Compliance

ESP @ Work: Holistic Security as part of the Corporate DNA

“We went through several stages, such as development and implementation of a harmonized security strategy across the...

ESP @ Work: HIPAA and NIST Compliance for State and Local Education

“As a publicly funded educational institution and a teaching hospital, we have no shortage of challenges,” –...

Aware and Prepared: The Importance of National Cyber Security Awareness Month

October is National Cyber Security Awareness Month (NCSAM), an effort by the Department of Homeland Security to...

ESP @ Work: Simplifying Compliance at a Regional Bank

“ESP makes it possible for me and my team to move along the maturity model much faster than my peers without relying...

ESP @ Work: Enabling Always-on Compliance for Electronic Health Record Company

“Before ESP, preparing for our annual compliance audit would be an 11 month cycle. With ESP we can view our state of...

Cloud Security This Week – September 1, 2017

It’s never dull for those trying to keep the cloud safe from harm, but this was a relatively quiet week for cloud...

Continuous Compliance and the Art of a Stress-Free Audit

Compliance audits are necessary, but rarely fun. However, enterprises that adhere to compliance best practices and...

ESP @ Work: NIST 800-53 Compliance and GovCloud at a Collaborative Software Company

“The Evident Security Platform (ESP) and the NIST Compliance Report provide practitioners, executives and auditors...

Cloud Security Fitness Guide – Exercise #10: Watch World-Readable and Listable S3 Bucket Policies

S3 has been around for quite some time. It may be the oldest service in the ever-expanding Web Services provided by...

Cloud Security Fitness Guide – Exercise #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

Cloud Security Fitness Guide – Exercise #8: Use AutoScaling to Dampen DDoS Effects

We’re switching the series up a little bit and going to pay some attention to the network layer for a couple of...

Cloud Security Fitness Guide – Exercise #6: Rotate all the Keys Regularly

In the previous article, we had a pretty deep discussion on how and why to limit privilege in the AWS IAM service....