Cloud Center of Excellence
Your 2021 Cloud Security Recommendations
Your 2021 Cloud Security Recommendations (Assuming 2020 Ever Ends) 2020. So THAT just happened. When it comes to cloud security, 2020 was like pouring rocket fuel onto a gasoline fire; our three…
Read More
The Tragedy of Security Dies on the Crucible of DevOps
Security ain’t what it used to be. Or perhaps it’s always been this way and it merely seems different due to the slow degradation of my youthful idealism. Security is…
Read More
Advanced Techniques for Defending AWS ExternalID and Cross-Account AssumeRole Access
Last month Kesten Broughton at Praetorian Security released some great research on third party cloud security products using Amazon’s preferred cross-account connection technique – AWS IAM Assume Role Vulnerabilities Found in…
Read More
The Overly Complex Way CloudTrail and CloudWatch Events Work Together
One of the most vexing issues in my cloud journey has been understanding how CloudTrail and CloudWatch Events work together. For some reason it took me years (and a lot of testing)…
Read More
Breaking Attacker Kill Chains in AWS: IAM Roles
Over the past year I’ve seen a huge uptick in interest for concrete advice on handling security incidents inside the cloud, with cloud native techniques. As organizations move their production…
Read More
Something You Probably Should Include When Building Your Next Threat Models
We are working on our threat models here at DisruptOps, so I decided to refresh my knowledge of different approaches. One thing that quickly stood out is that nearly none…
Read More
The 4 Phases to Automating Cloud Management
A Security Pro’s Cloud Automation Journey Catch me at a conference and the odds are you will overhear my saying “cloud security starts with architecture and ends with automation.” I…
Read More