Demystifying Cloud Security
The “how” of security has dramatically changed with cloud computing, but the underlying strategies still remain very similar. There are many new opportunities to adopt the power and benefits of the cloud within our security strategies and programs.
Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS. It assesses applications for vulnerabilities or deviations from best practices developed by AWS. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity that can and should be reviewed by qualified information security professionals.
In this article, I share the type of security functions that should exist with a Secure Software Development Life Cycle (SSDLC) process in any organization that is developing and deploying applications in the cloud.
Security is one of the most important aspects of any application, and in the age of cloud computing, it is arguably the most important because if the application isn’t secure, the application may lead to an undesirable and damaging cybersecurity incident.
The public cloud computing model and services has completely changed how we secure our systems and applications. There are several benefits as well as some new challenges.
I recently wrote an article describing four main threats for SD-WAN that can be used as a checklist for cybersecurity professionals and enterprise stakeholders when reviewing and implementing SD-WAN. In this article today, I am going to dive deeper into Orchestration Layer Threats for SD-WAN and some key points for consideration.
Well-designed Service-Level Agreements (SLAs) can significantly contribute to avoiding conflict and can facilitate the resolution of an issue before it escalates into a dispute.
In Azure, you can use conditional access policies in conjunction with MFA to help add an additional layer of protection to privileged accounts at a minimum. Refer to the diagram below for a conceptional overview.
The methods and techniques used for information security over the last two decades like firewall rules and log analysis is still a reality in the near term for cloud security, however, templatized design and security as code (SaC) is quickly emerging as the future of cloud security.
Software Defined Wide Area Networking (SD-WAN) is quickly becoming an enterprise staple to help control costs, reduce application latency, and reduce network downtime. However, with all of those benefits come with new cybersecurity threats and risks that should be considered and evaluated prior to deployment.
I share the absolute bare minimum Microsoft Azure security recommendations that all organizations should review and consider before launching a new Azure cloud subscription.
CI/CD pipelines are crucial to any team developing cloud-native applications because they are used to manage the software lifecycle end-to-end.