Cloud Security Requires New Tools and Mindsets

Mainstream security strategies and controls were already struggling to keep up with the rapidly evolving threat...

Security Fundamentals for DevOps Shops

Applying DevOps principles to security operations is not a one-time practice or a stand-alone process — it’s a whole...

Visibility, Actionability, and Security Automation in the Cloud

October is National Cybersecurity Awareness month, and for more than a decade we have used this designation to help...

AWS re:Invent 2015 Event Recap

 The 4th annual AWS re:Invent conference wrapped up last week. Mirroring the success and growth of the AWS...

Latest AWS Releases Drive Cloud Security Innovation

Last week’s AWS re:Invent conference in Las Vegas saw the release of several new AWS services for security. Some of...

AWS Security Best Practice #9: Do Not Allow 0.0.0.0/0 Unless You Mean It

In the last post, John Martinez wrote about how Autoscaling can help an application deployed on AWS survive an attack....

AWS Security Best Practice #8: Use AutoScaling to Dampen DDoS Effects

 We’re switching the series up a little bit and going to pay some attention to the network layer for a couple of...

Not Heading to AWS re:Invent 2015? You’re Missing Out!

As David Linthicum pointed out in a recent article in InfoWord, AWS Re:Invent (October 6-9, 2015,...

Security Teams Lack Visibility Into Business-Critical Cloud Infrastructure

Organizations are increasingly leveraging innovative Security-as-a-Service (SecaaS) tools and implementing automation to...

Orchestrating Security in the Cloud: A SANS Webinar

Organizations are increasingly migrating to cloud-based services to handle sensitive data and business processes,...

AWS Security Best Practice #7: Use IAM Roles with STS AssumeRole

We are more than half way through the top ten, so let's finish up the IAM discussion before jumping into some of the top...

Ten Ways to Develop a Rugged DevOps Approach to Cloud Security

There is no single path to a Rugged DevOps approach that works for every organization, but there are key principles and...