I share the five security pillars that every AWS cloud deployment should consider and ultimately implement within each layer of your application/system deployment.
In this article today, I provide you with a checklist that you can use to make sure you have processes and programs in place for properly securing your workloads in the cloud.
Before we can build the new Web Phonebook Application, you need to have a free AWS account and you need some background information about how AWS IAM works and how it applies to our Web Phonebook Application.
In a brand new series of articles, I walk you through how to build a web-based phonebook application on AWS to help illustrate the basics of cloud computing.
You should look at each of your AWS workloads and run them through this basic security principles checklist to ensure you are not missing the obvious.
Visual Studio Code is an IDE tool that developers use to write code to build cloud environments (Infrastructure as Code).
Use this 17 item IAM best practices checklist as an internal audit for your AWS cloud computing environment.
AWS CloudShell is a powerful and safe way to use the command line interface (CLI) in your browser.
The “how” of security has dramatically changed with cloud computing, but the underlying strategies still remain very similar. There are many new opportunities to adopt the power and benefits of the cloud within our security strategies and programs.
I recently took the AWS Security Fundamentals Training course and passed the exam. The AWS Security Fundamentals Training course is a great place to start if you are interested in earning your AWS Security Speciality Certification.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It assesses applications for vulnerabilities or deviations from best practices developed by AWS. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity that can and should be reviewed by qualified information security professionals.
The AWS Management Console, along with the AWS CLI, can produce powerful results for auditors across multiple regulatory, standards, and industry authorities. I am going to cover some of the key sources that produce important and meaningful log information that you can use within your audit and compliance program.
I just successfully completed the 6 hour AWS Cloud Practitioner Essentials Training course and I passed the course final exam as well.
Hi, I wanted to share that I took the AWS Business Professional training course and passed the exam today.
Just a quick note to share that I took the AWS Partner Network AWS Technical Professional Training today along with the exam and I passed.
The AWS Global Cloud Infrastructure currently offers over 200 fully featured services from data centers globally – more than any other public cloud service provider.
Identity and access management (IAM) is the new perimeter in our cloud-based world. IAM is a way to tell who a user is and what they are allowed to do, so it is critical that IAM is implemented correctly and securely.
In this article, I share the type of security functions that should exist with a Secure Software Development Life Cycle (SSDLC) process in any organization that is developing and deploying applications in the cloud.
Security is one of the most important aspects of any application, and in the age of cloud computing, it is arguably the most important because if the application isn’t secure, the application may lead to an undesirable and damaging cybersecurity incident.
The public cloud computing model and services has completely changed how we secure our systems and applications. There are several benefits as well as some new challenges.
I recently wrote an article describing four main threats for SD-WAN that can be used as a checklist for cybersecurity professionals and enterprise stakeholders when reviewing and implementing SD-WAN. In this article today, I am going to dive deeper into Orchestration Layer Threats for SD-WAN and some key points for consideration.
Well-designed Service-Level Agreements (SLAs) can significantly contribute to avoiding conflict and can facilitate the resolution of an issue before it escalates into a dispute.
In Azure, you can use conditional access policies in conjunction with MFA to help add an additional layer of protection to privileged accounts at a minimum. Refer to the diagram below for a conceptional overview.
The methods and techniques used for information security over the last two decades like firewall rules and log analysis is still a reality in the near term for cloud security, however, templatized design and security as code (SaC) is quickly emerging as the future of cloud security.
Software Defined Wide Area Networking (SD-WAN) is quickly becoming an enterprise staple to help control costs, reduce application latency, and reduce network downtime. However, with all of those benefits come with new cybersecurity threats and risks that should be considered and evaluated prior to deployment.
I share the absolute bare minimum Microsoft Azure security recommendations that all organizations should review and consider before launching a new Azure cloud subscription.
CI/CD pipelines are crucial to any team developing cloud-native applications because they are used to manage the software lifecycle end-to-end.
Multi-Factor Authentication (MFA) Isn’t enough any more in cloud environments, especially for privileged accounts.