As the security industry finally leaves Las Vegas after a full week of Black Hat, Defcon, and Bsides, we wanted to set aside some time to take stock and think about all the trainings, presentations, research, and conversations during our week in the desert. One of the overarching takeaways that was cemented by Dino Dai Zovi’s keynote is the critical need for security to become embedded in our culture. Read more “Black Hat 2019 Recap: Transformation & the New Cybersecurity Culture”
The last day of the first AWS re:Inforce conference has wrapped up and it’s time to take the lessons we learned back to the office and put them into practice. In this post, we’ve compiled a few of the key takeaways from our team on the ground at re:Inforce broken into Day 1 and Day 2. We did a deep dive into Day 1 already, so check out the full post if you want to dig into the details. Read more “AWS re:Inforce 2019 Recap: A Look Back at the First AWS Security Show”
Note: For a recap of Day 2, please take a look at AWS re:Inforce Recap: A Look Back at the First AWS Security Show.
Day 1 of AWS re:Inforce 2019 — the first-ever AWS conference dedicated entirely to security — has wound down, and Day 2 is already underway, but we wanted to provide a quick recap for those of you who couldn’t make it to the show or were too busy to get the big picture. Here are a few of the high-level takeaways from the Threat Stack Team on the ground at re:Inforce 2019. Read more “AWS re:Inforce 2019 — Day 1 Recap”
Threat Stack Delivers Wake Up Call
Wide open SSH and infrequent software updates among top risks identified in the majority of cloud-based environments
How effective are your AWS security configurations? And how do you know for sure?
In a recent eye-opening study, Threat Stack found that 73% of companies have at least one critical security misconfiguration, such as remote SSH open to the entire internet. By “critical”, we mean configuration lapses that enable an attacker to gain access directly to private services or the AWS console, or that could be used to mask criminal activity from monitoring technologies.
If we caught your attention with that opening statistic, please read on. Read more “73% of Companies Have Critical AWS Security Misconfigurations”