ESP @ Work: Improving the Big Picture at a Fortune 100 Healthcare Company

“With ESP, we can stop hassling over the less important IT stuff and start focusing on improving the big picture for...

The Auditor From the Black Lagoon

“A haze rested on the low shores that ran out to sea in vanishing flatness. The air was dark above Gravesend, and...

Despite Data Breaches, Healthcare Orgs Not Keeping Pace With Cybersecurity Needs

Despite record number of attacks plaguing the healthcare industry, there is hesitancy to invest in the cybersecurity...

ESP @ Work: NIST 800-53 Compliance and GovCloud at a Collaborative Software Company

“The Evident Security Platform (ESP) and the NIST Compliance Report provides practitioners, executives and auditors...

Study highlights increase in awareness of cloud benefits and security risks

Some good news on the security front: businesses are growing increasingly aware of the security risks beyond the control...

The AWS Security Fitness Guide: 11 Exercises To Make Your Enterprise CloudFit

My co-workers can attest to the fact that I’m trying – really, really trying – to get fit. No carbs or...

Dawn of the Dead Accounts

Unused access credentials can threaten the security of your cloud infrastructure. The modern workplace sees it’s fair...

Cloud Security Fitness Guide – Exercise #10: Watch World-Readable and Listable S3 Bucket Policies

S3 has been around for quite some time. It may be the oldest Service in the ever expanding Web Services provided by...

Cloud Security Fitness Guide – Exercise #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

Cloud Security Fitness Guide – Exercise #8: Use AutoScaling to Dampen DDoS Effects

 We’re switching the series up a little bit and going to pay some attention to the network layer for a couple of...

Cloud Security Fitness Guide – Exercise #6: Rotate all the Keys Regularly

In the previous article, we had a pretty deep discussion on how and why to limit privilege in the AWS IAM service....

Cloud Security Fitness Guide – Exercise #7: Use IAM Roles with STS AssumeRole

We are more than half way through the top ten, so let's finish up the IAM discussion before jumping into some of the top...