Cloud Security (29)

Compliance Challenges in the Cloud

Each cloud service provides a different amount of environmental control in IaaS, PaaS, and SaaS models thus creating compliance issues for business operating in the cloud. This blog post will give you an insight into compliance challenges in the cloud.

Securing Network Assets in the Cloud

We have switches, routers, subnets, load balancers, and so on on-premises. In the cloud, their counterparts are called network assets and they perform similar tasks such as facilitating interaction between our resources and the rest of the world and protecting resources. Let’s take a look at each of them individually. In this blog page, we will take a look at how to manage network assets securely

Securing Data in IaaS, PaaS and SaaS

In this blog post, we will take a look at the best practices for securing your 3 states of data in the cloud which are data at rest, data in transit, and data in use.

Pillars of Zero Trust Architecture

This blog post will provide you with components of Zero Trust architecture and how these foundational elements work together in the cloud.

Understanding GCP Identity and Access Management

GCP IAM is a fine-grained identity and access management service powered by Google Cloud. You may use this utility to restrict which users have access to which resources.

Secure Your Docker Containers for Peace of Mind

Programmers mostly encapsulate and deliver the source code in containers, often Docker containers. Now that we have learned what is Docker and its benefits let’s leverage this with a security focus. In this blog post, we will learn how to harden docker containers.

Hands-on with Google Cloud Key Management Service (KMS)

In this blog post we will learn what a KMS, how we can secure our application keys with it and finally create our first keys.

Enumerating and Exploiting AWS S3 Buckets with S3Scanner and

Now that we are done with enumerating S3 buckets in our previous article: S3 Bucket URL Enumeration. We are ready to dump the publicly available files. We will start with S3Scanner.

Azure Sentinel: Comprehensive Security Management for the Azure Cloud Platform

Azure Sentinel is a system that runs on the Azure cloud platform used for security and information management. It combines threat detection with the ability to see potential threats, which it employs to give a threat response. It’s a comprehensive security management system. It also gives users information about their systems’ health, finds vulnerabilities, and prevents harmful software from running. Essential components of Azure Sentinel are patch management, vulnerability scanning, endpoint monitoring, performance analysis, and configuration consolidation.

S3 Bucket URL Enumeration

A storage service is a standard facility that cloud service providers often give to clients. And Simple Storage Service is the name of AWS’s storage facility (which is also abbreviated as S3).

Additional Security with Amazon EMR

AWS offers web-based analytical services to assist you in processing and analyzing large quantities of data, regardless of whether you require controlled Hadoop clusters, live streaming, massive data warehousing, or orchestrating. In this blog article, we will introduce Amazon EMR which is formerly known as Elastic MapReduce, and examine its security benefits.

Understanding User Roles and IAM in AWS

IAM stands for “Identity and Access Management”, it allows you to restrict who and what applications may access the AWS environment which is also referred to as entities or principals. Today, in this article we will explore fundamental principals in IAM.

Custom Security Groups on Aws: Regulate Traffic and Keep Your Resources Safe

A security group functions as a cloud-based firewall, regulating the communications that can reach and exit the resources with which it is linked. Let’s say you don’t want to use the built-in security groups. What should you do? AWS offers custom security groups for this purpose, which is the topic of today’s blog post.

A Brief Overview into Containers and the Challenges they Address

This blog article will provide you with an overview of containers and how they affect the overall information technology environment.

Improving DevOps Pipeline Security

DevOps is more than tools. It is also securing our environment from the very start. In this blog article, we will discuss how we can secure our DevOps pipeline.

General Security Risks when Applying DevOps

Applying DevOps without considering security would undoubtedly lead to an increased risk of cyberattacks by growing the attack surface of organizations. This blog post will give you a strong understanding of general security risks in DevOps and how to address them.

Shared Security Responsibilities in AWS: Easing Your Administrative Strain

AWS provides a flexible cloud computing technology offering high availability and reliability, as well as the resources needed to operate a broad spectrum of applications. These resources help you safeguard the secrecy, authenticity, and accessibility of your infrastructure. But what are the boundaries of different security responsibilities between a cloud tenant and a cloud provider? This article answers this question in Amazon Web Services particular.

Secure Your Containers Today for a Safer Tomorrow

There are various ways to attack a containerized operation. In this article we will discuss a few basic vulnerabilities that could be present within a container.

Security Measures to Protect your AWS Simple Storage Service (S3)

Amazon S3 is a web storage service offered by Amazon. It provides customers with secure access to their data from anywhere at anytime. The service is designed to provide reliable storage and retrieval of large amounts of data. There are numerous ways to manage security for an S3 bucket. In this blog post we will take a look at these methods. Let’s start with defining objects.

Zero-Trust: The Foundation of Modern Network Security

Zero Trust is a security model that aims to eliminate vulnerabilities by reducing unnecessary access points. In other words, zero trust means no single point of failure. In this blog post, we are going to define certain methods to achieve this in our cloud-based business to improve security.

AWS Elastic Load Balancing (ELB) - Improving Your Security

This blog post will provide you with the security perks of an Elastic Load Balancing (ELB) service.

A Brief Introduction to AWS Key Management Service

In this blog post, we will deep dive into the Key Management Service offered by AWS.

AWS Password Policies: Know Your Options

Most of the time, you will need a password to complete your actions in AWS. The password is set when you register the account, and you may modify it at any time by visiting the Security Credentials page. Let’s learn what are your different password policy options.

A Quick Start Guide to Network Monitoring and Security features in AWS

Amazon web services offer strong protection against standard network security vulnerabilities. In this blog post you’ll find some of the network management and defense services and functionalities that AWS offers for clients.

Compliance and Security in Amazon Web Services (AWS)

Information security is crucial for enterprises operating critical workloads, whether on-premises or in any cloud provider’s data centers. Security is a fundamental need that protects vital data from unintentional or intentional stealing, disclosure, breach, and removal. Here is a basic overview of AWS’s security and compliance strategy.

Improve Your Cloud's Resilience With Business Impact Analysis

A successful Business Impact Analysis allows us to ensure the resilience and sustainability of cloud operations during and after an interruption, which is also known as Disaster Recovery (DR) and Business Continuity (BC). In this blog, we will discuss major business impact analysis issues in the cloud. Let’s start by defining what a BIA is.

Improve Security and Trust With Cloud-based Key Control

How safe are your cloud-stored keys? Where and how secret keys are kept can have a substantial impact on the overall security of the data.

Enumerating AWS S3 Buckets

S3 buckets are one of the most important aspects of Amazon Web Services (AWS). They are used to store and retrieve data and can be accessed from anywhere in the world. S3 buckets are also used to host static websites. In this article, we will look into different techniques attackers use to identify AWS S3 Buckets.

Secure Your AWS Root Account with 5 Best Practices

Your AWS root account is the most important account in your AWS environment, and it’s critical that you take steps to secure it. This article proposes five best practices to follow.