Blog

GOING TO RSA? HERE’S YOUR PRE-SHOW CHECKLIST (FOR AWS SECURITY)!

First, develop a clear picture of what you have – and don’t have – for AWS security today. The NIST Cybersecurity Framework is a good way to think this through: Identify: Do you have a clear picture of what your organization has deployed on AWS? Do you know how many AWS Accounts are active at your […]

Read More…

Cloud Computing

WHAT ARE THE NEW ATTACK VECTORS IN AWS?

By 2021, Cisco expects 94 percent of workloads and compute instances to be processed by cloud data centers. Attackers are already starting to focus and targeting cloud accounts, moving away from traditional data centers. […]

Read More…

Why Use a Host-Based IDS in AWS  

Does this image look familiar to you?  You’ve probably seen the AWS Shared Security Responsibility model over and over in conferences, tech talks, white papers, and AWS Summits, making it clear that Amazon only protects the infrastructure layer. Your data running in the application layer is your responsibility to secure. This sounds easy to implement […]

Read More…

Driving Towards Least Privilege in AWS: A Baker’s Dozen 

I have learned a lot in the past few years about running and securing public cloud infrastructure and thought I would share some areas that I believe are important. This SlideShare presentation is meant to be a self-read narrative of 13 things to think about AWS security and the move towards least privileged systems. Enjoy, […]

Read More…

Survey Highlights Top Four Trends in Cloud Security Adoption

Lacework worked with Hurwitz and Associates to survey the market and learn about the current state of cloud security, challenges and learnings from early adopters of the cloud. The results (and Hurwitz’s expert analysis) paint a picture of an industry that’s rapidly moving beyond its initial growing pains – even if there are still a […]

Read More…