Blog

Refocus on What Matters: Risks vs Threats

After visiting the RSA Conference (yes I walked the infamous show floor) I decided to zoom out on what I saw and think about where we are spending our time, resources, and investments as an industry. The one thing that came to me is that we certainly spend a lot of time talking about threats. […]

Read More…

Containers in the Cloud: From Top Hazards to First-Class Cloud Security Citizen

Originally published in TechSpective on April 24, 2018. Microservices have been touted as a revolutionary way of building applications in the cloud which in turn is fueling the demand for containers. This symbiotic relationship between application portability and containers for delivering a single function makes for an ideal platform. At scale, this distribution of discrete jobs, when […]

Read More…

AVOIDING HOLES IN YOUR AWS BUCKETS

Originally published in InfoSec Island on April 12, 2018.  Enterprises are moving to the cloud at a breathtaking pace, and they’re taking valuable data with them. Hackers are right behind them, hot on the trail of as much data as they can steal. The cloud upends traditional notions of networks and hosts, and it topples […]

Read More…

GOING TO RSA? HERE’S YOUR PRE-SHOW CHECKLIST (FOR AWS SECURITY)!

First, develop a clear picture of what you have – and don’t have – for AWS security today. The NIST Cybersecurity Framework is a good way to think this through: Identify: Do you have a clear picture of what your organization has deployed on AWS? Do you know how many AWS Accounts are active at your […]

Read More…

Cloud Computing

WHAT ARE THE NEW ATTACK VECTORS IN AWS?

By 2021, Cisco expects 94 percent of workloads and compute instances to be processed by cloud data centers. Attackers are already starting to focus and targeting cloud accounts, moving away from traditional data centers. […]

Read More…