John Robel

John Robel is a Principle Solutions Architect for Evident.io with over 20 years experience, and his previous role was as a Senior Technical Account Manager at AWS where he managed customer relationships with some of the largest AWS enterprise customers like Netflix and Adobe. John is an AWS Certified Solutions Architect and has been both Cisco Certified as a Network Associate and ITIL Foundation certified.

All stories by John

Start Compliant, Stay Compliant

Compliance is no longer a once & done thing. Merriam-Webster definition of “compliance” – the act...

Compliance Automation For Your Cloud

For years, security and operations pros have loathed to be involved in a compliance effort. And for good...

Default VPCs and Unused Resources: Delete or Keep?

Should I delete default VPCs and unused resources? This question comes up so often with both new and seasoned AWS...

AWS Security Best Practice #0: CloudTrail and Encryption

Moving your architecture to AWS in whole or part also means that your team reaps the rewards of new changes and services...

AWS Security Best Practice #10: Watch World-Readable and Listable S3 Bucket Policies

S3 has been around for quite some time. It may be the oldest Service in the ever expanding Web Services provided by...

AWS Security Best Practice #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

AWS Security Best Practice #7: Use IAM Roles with STS AssumeRole

We are more than half way through the top ten, so let's finish up the IAM discussion before jumping into some of the top...

AWS Security Best Practice #3: Reduce IAM Users with Admin Rights

Based on the last two posts, you have disabled your AWS root user; removed any root keys, assigned an MFA to that user,...

AWS Security Best Practice #2: Enable MFA Tokens Everywhere

Here we are, a week later and now following up on to the second installment of our recommended Top Ten Security Best...