John Robel

John Robel is a Principal Solutions Architect for Evident.io with over 20 years of experience. His previous role was Senior Technical Account Manager at AWS, where he managed customer relationships with some of the largest AWS enterprise customers, like Netflix and Adobe. John is an AWS Certified Solutions Architect and has been both Cisco certified as a Network Associate and ITIL Foundation certified.

All stories by John

Cloud Security Fitness Guide – Exercise #10: Watch World-Readable and Listable S3 Bucket Policies

S3 has been around for quite some time. It may be the oldest Service in the ever expanding Web Services provided by...

Cloud Security Fitness Guide – Exercise #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

Cloud Security Fitness Guide – Exercise #7: Use IAM Roles with STS AssumeRole

We are more than half way through the top ten, so let's finish up the IAM discussion before jumping into some of the top...

Cloud Security Fitness Guide – Exercise #3: Reduce IAM Users with Admin Rights

Based on the last two posts, you have disabled your AWS root user; removed any root keys, assigned an MFA to that user,...

Cloud Security Fitness Guide – Exercise #2: Enable MFA Tokens Everywhere

Here we are, a week later, now following up with the second installment of our recommended Top Ten Security Best...

Cloud Security Fitness Guide – Exercise #11: CloudTrail and Encryption

Moving your architecture to AWS in whole or part also means that your team reaps the rewards of new changes and services...

Measuring GDPR Compliance in the Cloud

There is a lot of talk these days about what organizations need to do to be GDPR compliant by the deadline next year....

Start Compliant, Stay Compliant

Compliance is no longer a once & done thing. Merriam-Webster definition of “compliance” – the act...

Compliance Automation For Your Cloud

For years, security and operations pros have been loath to be involved in a compliance effort. And for good...

Default VPCs and Unused Resources: Delete or Keep?

Should I delete default VPCs and unused resources? This question comes up so often with both new and seasoned AWS...