FireMon Blogs
Latest Blog
Firewall Monitoring: The Only Guide You’ll Ever Need
Security solutions provide a crucial layer of protection, but maintaining their ongoing effectiveness presents significant challenges. Without continuous oversight, organizations risk vulnerabilities that could lead to data breaches and operational…
Read More
Navigating the Complexities of Firewall Security Policies in Telecommunications
The telecommunications industry is one of the most complex and regulated sectors when it comes to cybersecurity. With millions of users and vast, interconnected networks, and heavy reliance on cloud…
Read More
Continuous Compliance Monitoring: Why Is It So Important?
Compliance monitoring is vital to ensure organizations maintain adherence to regulatory standards and internal policies in real time, helping avoid data breaches, legal penalties, and reputational harm. Regulations are constantly…
Read More
How to Ace Your Retail Cybersecurity Strategy
Cybersecurity for retail is more critical than ever. Retailers face unique challenges due to the sensitive nature of customer data, payment systems, and supply chains. Additionally, the rise of e-commerce,…
Read More
The Top 8 Benefits of Network Segmentation
Segmentation is crucial in cybersecurity, helping organizations safeguard their assets, comply with regulations, and optimize performance. In this article, we’ll explore the top 8 benefits of network segmentation, providing a…
Read More
What Is Risk Assessment In Network Security?
A risk assessment in network security systematically identifies, evaluates, and prioritizes potential threats to your infrastructure. By understanding these risks, you can implement tailored security measures that protect sensitive data,…
Read More
10 Network Segmentation Best Practices
The security of your network is critical, and segmenting it is one of the most effective strategies to enhance your posture. This technique reduces your attack surface and improves overall…
Read More
Firewall Policy Management for NIS2 and DORA Compliance
What Is Attack Surface Management? What Are the Different Types of Attack Surfaces? Top Enterprise Attack Surface Management Tools Selecting the Right Tool to Manage Your Attack Surface Enhance Your…
Read More
Everything You Need to Know about NIST Security Compliance
What Is NIST? What Is NIST Compliance? Importance of Being NIST Compliant The Benefits of Meeting NIST Cybersecurity Standards Five Main NIST Frameworks Achieve Continuous NIST Compliance with FireMon Frequently…
Read More
How to Set up Firewall Rules
How to Set up Firewall Rules What Are Firewall Rules? Types of Firewall Rules How to Create Firewall Rules for Your Enterprise Firewall Rule Management Best Practices Streamline the Management…
Read More
How Asset Discovery Tools Work
As organizations grow, their IT assets grow exponentially. According to Technavio, the global IT asset management software market size is estimated to grow by $456.14 million between 2024 and 2028,…
Read More
10 Best Attack Surface Management Tools
What Is Attack Surface Management? What Are the Different Types of Attack Surfaces? Top Enterprise Attack Surface Management Tools Selecting the Right Tool to Manage Your Attack Surface Enhance Your…
Read More
The Top 7 AlgoSec Alternatives
The Top 7 AlgoSec Alternatives Can AlgoSec Security Management Suite Keep Up with Your Enterprise? Top Enterprise AlgoSec Alternatives What to Look for in an AlgoSec Competitor Enhance Your Enterprise…
Read More
Top 5 Enterprise Tufin Competitors
Top 5 Enterprise Tufin Competitors Is Tufin Software the Right Fit for Your Environment? Top Enterprise Tufin Alternatives What to Look for in a Tufin Competitor Enhance Your Enterprise Security…
Read More
Network Security Policies
Network Security Policies: The Definitive Guide What Are Network Security Policies? Types of Network Security Policies Importance of a Well-Designed Network Security Policy How to Implement Network Security Policies The…
Read More
Financial Services Cybersecurity: The Roadmap
Financial Services Cybersecurity: The Roadmap Importance of Cybersecurity in Financial Services Get a Demo From names and addresses to credit card details, account numbers, and transaction histories, financial services institutions…
Read More
What Is Attack Surface Management (ASM)?
What Is Attack Surface Management (ASM)? What Is an Attack Surface? Why Is Managing Your Attack Surface Important? Types of Attack Surfaces Key Attack Surface Management Functions ASM Challenges How…
Read More
Four Common Firewall Misconfigurations That Give Access To Bad Actors
Four Common Firewall Misconfigurations That Give Access To Bad Actors Four Common Firewall Misconfigurations Security Team Silos Cause Misconfigurations Automated Security Policy Management Solves For Misconfiguration In Summary Get a…
Read More
Asset Discovery: A Must Have for Understanding Your Complete Attack Surface
Asset Discovery: A Must Have for Understanding Your Complete Attack Surface Asset Discovery, a.k.a. You Can’t Manage What You Can’t See Why Speed is Important to Asset Discovery In Summary…
Read More
A Practical History of the Firewall – Part 4: The Next Generation
The Next-Generation Firewall Market Penetration of the Next-Gen Firewall The Platform The Future of the Firewall Book a DemoJody Brazil CEO at FireMon As hardware and software performance improved, the…
Read More
A Practical History of the Firewall – Part 3: Performance Takes Center Stage
The Rise of the ASIC The Appliance Becomes the Standard Security Goes Mainstream Book a DemoJody Brazil CEO at FireMon By the early 2000s, proxies had lost, and stateful inspection…
Read More
A Practical History of the Firewall – Part 2: The Value of Management
The Check Point Policy Editor The Check Point Central Object Repository Central Logging Multi-Domain Management and OPSEC Cisco and the CLI were a Dominant Player Book a DemoJody Brazil CEO…
Read More
A Practical History of the Firewall – Part 1: Early Days
Jody Brazil CEO at FireMon This is not a primer on firewalls, nor is it meant to represent a comprehensive picture of the history of the firewall. There are plenty…
Read More
FireMon’s Focus on Financial Services
FireMon’s Focus on Financial Services The Network Security Policy Management Your Institution Needs Compliance Made Convenient Cut Risks, Keep Confident Automate, Save, Secure Solutions That Evolve with Your Business Your…
Read More
Fueling Efficiency and Safety with FireMon
Fueling Efficiency and Safety with FireMon The High Stakes of Network Security in Oil & Gas The FireMon Approach: Fortifying Oil & Gas Cyber Networks Why FireMon Excels in Oil…
Read More
Retail Cybersecurity: The Importance of Compliance and Risk Management
Retail Cybersecurity A Shift in Retail IT Security What's at Stake? The Role of FireMon in Retail Cybersecurity Why Choose FireMon? FireMon: Built for Compliance Reporting Real-Time Compliance Management at…
Read More
Network Security: A Top Priority for Healthcare Organizations
Why Act Now? Why Choose FireMon? How is FireMon Better Book a Demo Healthcare companies have a responsibility to protect sensitive patient data and ensure compliance with regulations like HIPAA.…
Read More
Building a Privacy-Centric Organization with FireMon
How FireMon Can Help You Integrate Privacy into Your Business Foundation As organizations increasingly rely on technology to streamline operations and connect with customers, the need for robust privacy measures…
Read More
Empower Incident Response with Real-Time, Just-in-Time Alerts and Access
Here at FireMon we have a bit of a different take on Cloud Security Posture Management. Cloud Defense was built from the ground up to support real-time security operations. Our…
Read More
Securing Australia’s Critical Infrastructure: The Role of Asset Visibility in Meeting SOCI Obligations
As Australia has grown increasingly connected, the security of critical infrastructure has never been more paramount. In response to the evolving threat landscape, the Australian government enacted the Security of…
Read More
Improving the Grand Unified Theory of Cloud Governance
A smidge over a year ago I wrote the Grand Unified Theory of Cloud Governance. It’s a concept I’ve been playing with for about 5 or 6 years to try…
Read More
On Least Privilege, JIT, and Strong Authorization
I’ve been employed as a security professional for over 20 years. I cannot possibly count the number of times I have uttered the words “least privilege”. It’s like a little…
Read More
A Paramedic’s Top 2 Tips for Cloud Incident Response
One of the advantages of having a lot of unique hobbies is that they wire your brain a little differently. You will find yourself approaching problems from a different angle…
Read More
How and Why FireMon Pioneered Real-Time CSPM
Two years ago, FireMon elevated its game by introducing real-time features in our Cloud Defense platform. This was a significant development because it transformed our tool from a basic safety…
Read More
How Cloud Defense Free is Cheaper than Open Source/DIY CSPM
We are big supporters of open-source security tools and even employ some of them ourselves. However, it's not always the right answer. Deploying and managing the infrastructure and software updates…
Read More
Deep Dive on Real-Time Inventory
Early on at FireMon (well, before we became FireMon), we realized that attempting to live-assess customers' cloud accounts (including subscriptions/projects) was... problematic. Running that many assessments would quickly hit service…
Read More
The Mysterious Case of the Ephemeral Data Exposure
While we may not actively monitor customer accounts for findings and alerts, we recently had a customer reach out to us for a more proactive role in their journey towards…
Read More
FireMon Launches a More Powerful CSPM for Less
In the ever-evolving landscape of cloud security, businesses are on a perpetual quest for comprehensive yet cost-effective solutions to safeguard their cloud infrastructure. FireMon, a pioneer in network security management…
Read More
The Dangers of DIY Network Security Policy Management
Network security has become a top priority for enterprises to safeguard their sensitive data, protect against cyber threats, and ensure compliance with industry regulations. And rightfully so; with today’s rapidly…
Read More
Reflections from Infosec 2023: The Growing Interest in Asset Management and Discovery
FireMon recently had the privilege of attending the Infosec 2023 conference in London. It was a whirlwind of knowledge sharing, networking, and insightful discussions, with asset discovery and management emerging…
Read More
A Totally Cloud-Biased Retrospective of RSAC 2023
I had a bit of a weird moment a few weeks before the RSA Conference. I was grumbling a bit about finishing my slides, which were late due to an…
Read More
It’s Time to End the Cloud Security Tax
FireMon is really giving away basic, enterprise-scale Cloud Security Posture Management (CSPM) for free, no strings attached. Because we can, and because we should. Remember when you had to buy…
Read More
Understanding Desired Outcomes: How We Selected the Cloud Defense Free Feature Set
When we decided to launch a free version of FireMon Cloud Defense we knew we would have to balance two key challenges: We already knew our platform could scale, but could we…
Read More
The Ultimate Guide to a FireMon Technical Evaluation
Network security has never been more critical in the era of digital transformation. With cyber threats on the rise, enterprises require robust network security policy management solutions to protect their…
Read More
FireMon Deployment: What to Expect
After conducting a technical analysis and deciding on which NSPM solution is right for you, you may be wondering, “what now?”. Planning for an installation may seem like a daunting…
Read More
Requirements to Consider when Purchasing an NSPM Solution
In today’s fast-paced world, network security has become a top priority for organizations of all sizes. As the number and complexity of cyber threats continue to grow, it’s essential to…
Read More
How to Build a Business Case for FireMon
As organizations continue to expand their digital footprints, it’s essential to secure their infrastructure to avoid the exposure of sensitive data and financial losses. While the firewall investment is a…
Read More
Containing Compromised EC2 Credentials Without (Hopefully) Breaking Things
There are multiple techniques for containing compromised instance credentials. The easy ones are the most likely to break things, but there are creative options to lock out attackers without breaking…
Read More
Asset Visibility: A Critical Component of Security Hygiene
As the world becomes increasingly digitized, cybercrime has become one of the most significant threats that organizations face. Environments are expanding at a rapid pace and cybercriminals are always looking…
Read More
This March, Keep the Madness on the Court and Out of Your Network
With March Madness kicking off this week, we wanted to get in on the fun and run a bracket of our own! About a month ago, we posted a poll…
Read More
FireMon Cloud Defense Introduces Free Enterprise-Scale CSPM
FireMon is incredibly excited to introduce the industry’s first completely free unlimited CSPM for any size cloud deployments. A curated subset of features from our Cloud Defense platform designed to…
Read More
FireMon Policy Analyzer – Understanding Your Assessment
If you’re reading this blog, you’re likely interested in learning more about FireMon Policy Analyzer or have just run your first assessment and are curious how to get the most…
Read More
MSP Landscape, an interview with Steve Martinez
We sat down with FireMon’s MSP & Cloud Operations Strategic Account Executive, Steve Martinez to discuss the latest MSP landscape. Here’s how it went: 1. Could you tell us a…
Read More
The Grand Unified Theory of Cloud Governance
One of the toughest lessons I’ve learned as I’ve spent over a decade of my life helping organizations build cloud security programs is how it’s governance, not technology, that’s the…
Read More
AWS Permission Boundaries for Dummies
AWS permission boundaries are confusing. I know they are confusing because they confused me, and it took me a couple years to figure them out. I also know they are…
Read More
Cybersecurity Awareness Month Back to Basics: Phishing, don’t take the bait.
Cyber safety is not just for CISOs or techies anymore. Technology touches all of us nearly every single day, from baby nurseries to nursing homes. It is so important that everyone understands…
Read More
Back to Basics: What’s the Password?
Cyber safety is not just for CISOs or techies anymore. Technology touches all of us nearly every single day, from baby nurseries to nursing homes. It is so important that…
Read More
When MFA Isn’t Enough
Rule number one in cloud security is, “thou shalt use MFA at all times”. Why? Well, when you move to public cloud computing you essentially take all your administrative interfaces,…
Read More
Schrödinger’s Misconfigurations
It’s Thursday afternoon and you’re getting ready to leave work a little early because… you can. But then that pesky Deliverer of Notifications (also known as Slack) pops off a…
Read More
Considering Change Management? Consider FireMon
Save time and resources while eliminating the risks caused by misconfigurations Good policy hygiene relegates access to only what is necessary to meet the needs of the business: nothing more…
Read More
How to Select a Firewall Change Management Solution
The most common threat to business security is accidental firewall and cloud security group misconfigurations. Manual rule and policy management of complex ground-to-cloud networks introduces countless opportunities for error, and…
Read More
How to Select a Change Management Solution
The most common threat to business security is accidental firewall and cloud security group misconfigurations. Manual rule and policy management of complex ground-to-cloud networks introduces countless opportunities for error, and…
Read More
Prevent Ransomware with Proper Policy Hygiene
Ransomware attacks typically begin with phishing, credential hacks, or taking advantage of open vulnerabilities. Once the bad actor is in, they rummage around looking for access to their honeypot, a…
Read More
Ransomware is in the Cloud
Visibility, monitoring, and collaboration are the keys to identifying and preventing ransomware from breaching your infrastructure. In a world of rapid digital transformation, ransomware ranks among the top concerns for…
Read More
Implications of the AuthN/AuthZ Gap
It’s become common knowledge that in cloud, “identity is the new perimeter”. It’s a nice phrase that’s easy to toss into a presentation or an article, but turning it into…
Read More
Goodbye “Kill Chains”, Hello “Attack Sequences”
A few years ago at the RSA Conference I co-presented on the top cloud attack “kill chains”. Shawn Harris @infotechwarrior and I walked through what we considered to be the…
Read More
Visibility, Helping Win the Fight Against Ransomware
Organizations are steadily losing tens of millions of dollars to successful ransomware attacks, many of which were quietly paid and never made headlines. Ransomware can render your organization frozen and…
Read More
What You Need to Know About Ransomware in AWS
As bad of an issue ransomware is within data centers, I was a bit skeptical that it was much of a problem in cloud. I, personally, hadn’t run into any…
Read More
Security is Hard and the Stakes are High
How decision support tools improve both speed and accuracy for your security operations teams. It has been said that cybersecurity is an asymmetric game where the attackers have the advantage.…
Read More
Ransomware Attacks – The new normal?
Once again, the world is hit with another ransomware attack. Similar to the WannaCry Ransomware cyberattack last month, Petya is causing major pain among thousands of users, this time crippling banks and…
Read More
Looking Forward to Seeing You at RSA 2022
RSA 2022 is almost here! I’m excited to see many of you face-to-face in just a few weeks in San Francisco. So much has changed at FireMon since RSAC in…
Read More
Pragmatic Steps Toward Zero Trust
If you ask most security professionals to define zero trust, you’ll get an eye roll and an exasperated sigh. To many, it’s been little more than a marketing exercise—and let’s…
Read More
Five Tips to Ensure Consistent Security Hygiene
Security’s focus has always been on protecting against complicated, advanced attacks. The battle between advanced attackers and awesome defenders makes for a great story. You know, good vs. evil. Many…
Read More
Cloud Security Pioneer Rich Mogull Joins FireMon Team
It’s been seven months since DisruptOps joined FireMon with a mission to improve security outcomes by improving security operations. I’m excited to announce that DisruptOp co-founder Rich Mogull is joining…
Read More
FireMon Releases Timely Cisco Firepower Fix
One of the most critical aspects of proper security hygiene is keeping critical security devices patched and up-to-date. Firewalls and network security devices running outdated OSes is a top source…
Read More
Does SASE Make Sense in Your Environment?
Experts from FireMon and Zscaler discuss why you should consider SASE and what to know when you make the migration The world has gone hybrid. Some assets are on-premise and…
Read More
Scary Stories to tell in the Network
With Halloween around the corner, here’s a real-world firewall policy horror story. (For effect, feel free to imagine this in a scary, raspy cautionary voice… or Morgan Freeman if you…
Read More
One Simple Misconfiguration. 2.9 Billion Users Down
A routine maintenance error severs Facebook’s data centers from the Internet for over 6 hours On October 4, Facebook users suffered a complete outage affecting all apps including WhatsApp, Instagram,…
Read More
Introducing DisruptOps
Cloud security in your workflow. Not in your way. As we announced today, DisruptOps is now a part of the FireMon family of products. Perhaps the most exciting part of this…
Read More
The Power of the Minimum Viable Network
Understanding cloud networking is one of the biggest adjustments for organizations starting their cloud journey. As you look at the addressing scheme and the components, it kind of looks like…
Read More
Network Security Investment Priority #3: SASE
Global Independent Study of 500 Senior Level Respondents Provides Clear Picture for the Future of Network Security The Future of Network Security This is part 4 of a 6-part series…
Read More
Network Security Investment Priority #2: Zero Trust
Global Independent Study of 500 Senior Level Respondents Provides Clear Picture for the Future of Network Security The Future of Network Security This is part 3 of a 6-part series…
Read More
Network Security Investment Priority #1: Automation
Global Independent Study of 500 Senior Level Respondents Provides Clear Picture for the Future of Network Security The Future of Network Security This is part 2 of a 6-part series…
Read More
New Research: The Future of Network Security
Global Independent Study of 500 Senior Level Respondents Provides Clear Picture for the Future of Network Security Where 500 Enterprises are Placing Their Chips for an Agile Network Security in…
Read More
Uplevel Your Security and Networking Capabilities with Automation
The policies that are meant to protect us are becoming a threat vector themselves. As network complexity explodes and as enterprises incorporate SASE, MPLS, virtual firewalls, and network security groups…
Read More
3 Steps to Reduce Risk in Your Cloud Environment(s)
How to Ensure Trust and Security in Enterprise IT and the Cloud Cloud security risk management should be the same as reducing risk on-premise. Yet more than half of respondents…
Read More
Don’t Get Comfortable: More Change is Coming
The year that changed everything, and how you’ll have to adapt in 2021 The pandemic will burn itself out eventually, but its effects will not. We’re different people now –…
Read More
How continuous monitoring protects complex environments by finding vulnerabilities
The Known Network How continuous monitoring protects complex environments by finding vulnerabilities as they occur Your network can be secure one minute and insecure the next. Firewall misconfigurations, policy conflicts, new…
Read More
Your 2021 Cloud Security Recommendations
Your 2021 Cloud Security Recommendations (Assuming 2020 Ever Ends) 2020. So THAT just happened. When it comes to cloud security, 2020 was like pouring rocket fuel onto a gasoline fire; our three…
Read More
3 Ways to Streamline Network Security Automation That Will Transform Your Organization
Network security automation uses machines to programmatically execute security tasks. Typically, network security automation is used to manage the low-complexity, high-volume aspects of detection, investigation, and mitigation. For instance, automation…
Read More
FireMon Partners with Zscaler to Ensure Security and Compliance across the Entire Hybrid Network
As enterprises move to hybrid-cloud networks, they need more visibility than ever. But, despite the compelling business case of cloud-first technologies like Secure Access Service Edge (SASE), technology leaders often worry about maintaining…
Read More
Why We’re Thankful for You – the Network Security Professional
Network security professionals are unsung heroes. Everyday news app visitors won’t read about all the wonderful work you’re doing. On occasion, they’ll only see and read about fellow professionals having…
Read More
Network Security, Performance & Scalability | NSPM Success
In this series, FireMon looks at the five most important capabilities a network operator must build into their management practices in order to keep their environments secure, compliant, and ready…
Read More
Firewall Security: Is a Secure, Firewall-less Network Possible? Perhaps, But Why Would You?
Just three years ago, technology headlines were rife with articles stating that the firewall was obsolete. And maybe that prophecy would have come true if we were stuck with the same old firewalls…
Read More
Myth #4: Real-Time Network Visibility Is Impossible
This is part 4 of a 4-part series addressing compliance myths and what you need to know about uniting compliance and security in a hybrid environment. Read myth #3 here. The…
Read More
Adapt to Change: Network Policy Change Management | The 5 Critical Success Factors to Agile NSPM
In this series, FireMon looks at the five most important capabilities a network operator must build into their management practices in order to keep their environments secure, compliant, and ready…
Read More
Adapt to Change: Firewall Change Management Process
In this series, FireMon looks at the five most important capabilities a network operator must build into their management practices in order to keep their environments secure, compliant, and ready…
Read More
COMPLIANCE & SECURITY MYTH #3: It’s Better To Block Than To Permit Access
This is part 3 of a 4-part series addressing compliance myths and what you need to know about uniting compliance and security in a hybrid environment. Read myth #2 here. One…
Read More
Integrate Anywhere: API-First Agile Approach | The 5 Critical Success Factors to Agile NSPM
In this series, FireMon looks at the five most important capabilities a network operator must build into their management practices in order to keep their environments secure, compliant, and ready…
Read More
See Everything: Continuous Visibility Across Your Hybrid Network – The 5 Critical Success Factors to Real-Time Security Policy Management
We’re in the middle of a business model revolution. Transformation, automation, and globalization are enabled by emerging technologies like artificial intelligence, IoT, mobile, and cloud-native apps. As a result, the typical…
Read More
Myth #2: Compliance Is Only Urgent When There’s an Audit
This is part 2 of a 4-part series addressing compliance myths and what you need to know about uniting compliance and security in a hybrid environment. Many organizations have adopted…
Read More
We Heard You. An Agile Approach to Network Security Policy Management
An Agile Approach to Managing Network Security Policy Today we announced the industry’s first agile network security policy platform which marks both the delivery of core new features and a statement of…
Read More
The Tragedy of Security Dies on the Crucible of DevOps
Security ain’t what it used to be. Or perhaps it’s always been this way and it merely seems different due to the slow degradation of my youthful idealism. Security is…
Read More
Preventing Security Misconfigurations: Change Management and Compliance
It’s an enormous and unending daily challenge to make sure that changes to firewall policies are not just executed quickly and efficiently, but changes don’t decrease the security of your…
Read More
Advanced Techniques for Defending AWS ExternalID and Cross-Account AssumeRole Access
Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique – AWS IAM Assume Role Vulnerabilities Found in…
Read More
Hybrid Cloud Security Best Practices: Top Cloud Security Challenges
Without question, public cloud providers have made the deployment of applications and services simpler than ever. But while complexity has never been easier, security has never been more difficult. FireMon’s 2020…
Read More
Building Security into Your Cloud-First Business
Key Terms Cloud Software, services, and databases that run on a shared infrastructure. Cloud-first The idea that organizations should try to run as many of their processes and workflows in…
Read More
Security Teams Unprepared for COVID-19 Cyberthreats According to Primary Research Study
Government departments and contractors are rapidly undergoing digital transformations to public and hybrid cloud infrastructures, and now more than ever require increased network visibility to reduce complexity and ensure security.…
Read More
Top 5 Network Security Challenges in 2021 and Beyond
Top 5 Network Security Issues Organizations Face and How to Address Them 5 Key Threats to Network Security How Better Network Security Helped a Healthcare Organization Achieve Compliance and HITRUST…
Read More
Network Vulnerability: It May Not Mean What You Think It Means
Key Terms Network vulnerability A flaw in computing environment or associated processes that can potentially be exploited by malicious actors Context The circumstances around a vulnerability that shed light on…
Read More
Global SAAS Leader Chooses FireMon to Automate Network Security. Here’s Why.
In the age of clouds and hybrid clouds and multi clouds, effectively managing network and firewall policy and compliance isn’t a simple matter for any organization. That’s especially true for…
Read More
Why Security Misconfiguration Are Higher During Covid-19
There are good reasons your IT security team may be looking a bit sleep-deprived. In addition to the stress of the COVID-19 pandemic everyone is facing, they’re also facing heightened…
Read More
Security Misconfigurations in the Pandemic – and What to Do About Them
Change has never been a friend of network security. Neither has complication. Right now, we have too much of both. The Covid-19 pandemic has resulted in an unprecedented shift to…
Read More
Without automation, security gets harder during a business disruption
FireMon’s 2020 State of Hybrid Cloud Security Survey found that 69.5 percent of respondents have a security team of just 10 people or fewer. And most manage both on-premise network security and cloud security. These teams are already bogged down…
Read More
Network visibility is a differentiator for innovation
Before working for FireMon, I was a cybersecurity professional at a Fortune 500 where I inherited a lot of firewalls with a lot of rules. Complexity was king, and chaos…
Read More
The Overly Complex Way CloudTrail and CloudWatch Events Work Together
One of the most vexing issues in my cloud journey has been understanding how CloudTrail and CloudWatch Events work together. For some reason it took me years (and a lot of testing)…
Read More
Breaking Attacker Kill Chains in AWS: IAM Roles
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move their production…
Read More
Demonstrating Continuous Compliance Across the Hybrid Enterprise
Change. The regulatory environment is always changing and staying on top of it with an IT landscape that is growing and evolving into hybrid cloud mishmashes is a daunting task. …
Read More
Something You Probably Should Include When Building Your Next Threat Models
We are working on our threat models here at DisruptOps, so I decided to refresh my knowledge of different approaches. One thing that quickly stood out is that nearly none…
Read More
The 4 Phases to Automating Cloud Management
A Security Pro’s Cloud Automation Journey Catch me at a conference and the odds are you will overhear my saying “cloud security starts with architecture and ends with automation.” I…
Read More
Consolidating Config Guardrails with Aggregators
In Quick and Dirty: Building an S3 guardrail with Config we highlighted one of the big problems with Config: you need to set it up in each region of each account. Your…
Read More
Why Everyone Automates in Cloud
If you see me speaking about cloud it’s pretty much guaranteed I’ll eventually say “Cloud security starts with architecture and ends with automation.” I’m nothing if not repetitive. This isn’t…
Read More