I share the five security pillars that every AWS cloud deployment should consider and ultimately implement within each layer of your application/system deployment.
The 5 Security Pillars Required For All AWS Cloud Deployments
Checklist For Securing Your AWS Workloads in The Cloud
In this article today, I provide you with a checklist that you can use to make sure you have processes and programs in place for properly securing your workloads in the cloud.
AWS Web Phonebook Application (Part 2 – AWS Free Account & IAM Basics)
Before we can build the new Web Phonebook Application, you need to have a free AWS account and you need some background information about how AWS IAM works and how it applies to our Web Phonebook Application.
Web Phonebook Application AWS Architecture Overview (Part 1 – Introduction & Overview)
In a brand new series of articles, I walk you through how to build a web-based phonebook application on AWS to help illustrate the basics of cloud computing.
AWS Cloud Security Design Principles Checklist
You should look at each of your AWS workloads and run them through this basic security principles checklist to ensure you are not missing the obvious.
Visual Studio Code is a Good Tool For AWS Cloud Management & DevOps
Visual Studio Code is an IDE tool that developers use to write code to build cloud environments (Infrastructure as Code).
17 IAM Best Practices For AWS Cloud Computing
Use this 17 item IAM best practices checklist as an internal audit for your AWS cloud computing environment.
AWS CloudShell Overview & Why It’s Important
AWS CloudShell is a powerful and safe way to use the command line interface (CLI) in your browser.
Automating Security in AWS is Easier Than You Might Think
The “how” of security has dramatically changed with cloud computing, but the underlying strategies still remain very similar. There are many new opportunities to adopt the power and benefits of the cloud within our security strategies and programs.
AWS Security Fundamentals Training
I recently took the AWS Security Fundamentals Training course and passed the exam. The AWS Security Fundamentals Training course is a great place to start if you are interested in earning your AWS Security Speciality Certification.
Amazon Inspector For Automating Security Assessments & Remediations In AWS
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It assesses applications for vulnerabilities or deviations from best practices developed by AWS. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity that can and should be reviewed by qualified information security professionals.
Understanding Auditing On The AWS Platform
The AWS Management Console, along with the AWS CLI, can produce powerful results for auditors across multiple regulatory, standards, and industry authorities. I am going to cover some of the key sources that produce important and meaningful log information that you can use within your audit and compliance program.
AWS Cloud Practitioner Essentials Training Certificate
I just successfully completed the 6 hour AWS Cloud Practitioner Essentials Training course and I passed the course final exam as well.
AWS Business Professional Certificate
Hi, I wanted to share that I took the AWS Business Professional training course and passed the exam today.
AWS Technical Professional Certificate
Just a quick note to share that I took the AWS Partner Network AWS Technical Professional Training today along with the exam and I passed.
AWS Global Infrastructure 2021 Status Report
The AWS Global Cloud Infrastructure currently offers over 200 fully featured services from data centers globally – more than any other public cloud service provider.
IAM Security Checklist For AWS
Identity and access management (IAM) is the new perimeter in our cloud-based world. IAM is a way to tell who a user is and what they are allowed to do, so it is critical that IAM is implemented correctly and securely.
Checklist For Security Functions in Application Development SDLC Frameworks For Cloud Computing
In this article, I share the type of security functions that should exist with a Secure Software Development Life Cycle (SSDLC) process in any organization that is developing and deploying applications in the cloud.
Secure Software Development Life Cycle (SSDLC) Frameworks For Cloud Computing & Why It Matters
Security is one of the most important aspects of any application, and in the age of cloud computing, it is arguably the most important because if the application isn’t secure, the application may lead to an undesirable and damaging cybersecurity incident.
How Cloud Computing Has Changed Application Security & What You Can Do About It
The public cloud computing model and services has completely changed how we secure our systems and applications. There are several benefits as well as some new challenges.
Orchestration Threats For SD-WAN
I recently wrote an article describing four main threats for SD-WAN that can be used as a checklist for cybersecurity professionals and enterprise stakeholders when reviewing and implementing SD-WAN. In this article today, I am going to dive deeper into Orchestration Layer Threats for SD-WAN and some key points for consideration.
Cloud Service Provider SLA Checklist For Executives
Well-designed Service-Level Agreements (SLAs) can significantly contribute to avoiding conflict and can facilitate the resolution of an issue before it escalates into a dispute.
Why You Should Use Conditional Access Policies With MFA in Microsoft Azure
In Azure, you can use conditional access policies in conjunction with MFA to help add an additional layer of protection to privileged accounts at a minimum. Refer to the diagram below for a conceptional overview.
Security as Code (SaC) is The Future of Cloud Security
The methods and techniques used for information security over the last two decades like firewall rules and log analysis is still a reality in the near term for cloud security, however, templatized design and security as code (SaC) is quickly emerging as the future of cloud security.
SD-WAN Security Threat Checklist
Software Defined Wide Area Networking (SD-WAN) is quickly becoming an enterprise staple to help control costs, reduce application latency, and reduce network downtime. However, with all of those benefits come with new cybersecurity threats and risks that should be considered and evaluated prior to deployment.
Microsoft Azure Bare Minimum Security Checklist
I share the absolute bare minimum Microsoft Azure security recommendations that all organizations should review and consider before launching a new Azure cloud subscription.
Cloud CI/CD Pipeline Security Checklist
CI/CD pipelines are crucial to any team developing cloud-native applications because they are used to manage the software lifecycle end-to-end.
Multi-Factor Authentication (MFA) Isn’t Enough Any More in Cloud Environments
Multi-Factor Authentication (MFA) Isn’t enough any more in cloud environments, especially for privileged accounts.