We’ve written before about what it means to meet compliance standards without going completely overboard. Today, we want to talk about how that applies to cloud security as well. Some teams mistakenly believe that their security posture needs to be absolutely perfect. That’s not only overwhelming — it’s impossible.
More to the point, the reality of today’s security landscape is that cybercriminals are always looking for the path of least resistance. If company A has reasonably good security safeguards in place and company B does not, criminals aren’t going to waste resources poking at company A until they find a weakness. They’ll go after company B.
This is why we tell organizations that, when it comes to security, perfect can often be the enemy of good. Rather than trying to make your organization perfectly airtight, it’s time to focus on making your company as unappealing an attack target as possible. Here’s how. Read more “Don’t Make Perfect Security the Enemy of Good Security”
Investing in SecOps doesn’t just mean hiring folks who know how to blend together software development, IT operations, and security skillsets. It also doesn’t just mean telling your DevOps team to run secure or scolding your security team into moving fast enough to keep up with continuous deployment.
Truly committing to SecOps means investing in tools that can do double (or triple) duty — helping you not only release code continuously but ensure that everything from your back-end infrastructure to your customer-facing applications is 100% secure. It means investing in tools that make meeting both DevOps and security best practices simple and straightforward.
As DevOps expands to include more security functions and security evolves to be more agile, it’s never been more important (or economical) to be able to use operational tools for security and security tools for operations. DevOps teams want software that can integrate critical functions of security, like alerting, directly into their current processes. Security teams want tools that let them seamlessly interact with DevOps.
Here’s what that should look like. Read more “How to Use Ops Tools for Security and Security Tools for Ops”
This post offers valuable tips on how to easily assess how well your AWS environment is configured using Configuration Auditing. So, let’s get started…
What is a Cloud Security Baseline?
The phrase is bandied about a lot, so let’s get to it: What is a security baseline?
One of the problems that many organizations run into, especially when they are starting out in cloud security, is not knowing where to start and not having specific data to help them define and improve the status of their cloud security.
That’s where a baseline proves critical. CERN Computer Security defines a security baseline as “a set of basic security objectives which must be met by any given service or system.”
If you put this in the context of cloud security, a baseline will show you how closely a snapshot of your current cloud environment conforms to industry best practices and benchmarks.
This sounds a bit academic, so let’s get down to specifics by taking a look at Threat Stack Audit — the new product we are offering to help you establish and maintain a baseline. Read more “How Securely Configured is Your AWS Environment?”
It’s easy to get distracted by splashy headlines about breaches at corporations with household names. And of course state-sponsored, targeted cyberattacks are sexier than your average phishing scam. But just because a particular threat is newsworthy doesn’t mean it’s the right thing to spend your organization’s valuable resources protecting against.
The reasons for this may not be completely obvious, so let’s take a moment to understand why looking outward at newsworthy security attacks can actually hurt your company’s security posture. Then we’ll explain why an inward-facing approach is more effective. Read more “Ignore the Splashy Headlines: Why Security Should Look Inward, Not Out”
Security maturity in the cloud is an important topic lately, from evolving security with existing DevOps practices, to automating security across your infrastructure, to getting the information you need to piece together what occurred when there is a security incident.
And at the same time, many organizations just don’t know where to start. Read more “Threat Stack’s New Packaging for Your Cloud Security Journey”
When things are hectic at your organization, compliance may not feel like the highest priority. If you aren’t in an industry that absolutely requires compliance, it can feel like a box to check — more of a nice-to-have than a must-do. In other cases, it may seem like a good idea . . . but one that can be kicked down the road indefinitely. However, we believe it’s a good idea to approach compliance early — often earlier than you may think.
Indeed, there are some situations in which compliance can actually move the needle in a big way for your business, either positively or negatively. Here are three specific, value-driven reasons why you should consider being proactive about compliance and get out ahead of it before it’s too late. Read more “Three Good Reasons to Get Compliant Now”
Your incident management process is greatly impacted by the tools you have available to carry it out. Technology should be your friend when it comes to gaining visibility and obtaining contextual data. You need tools to send alerts when issues arise, as well as track activity for compliance reporting purposes.
So, how do you choose the right incident management tools for your organization’s use cases? Read more “How to Choose the Right Tools for Incident Management and Reporting”
Automating security processes and workflows can help teams lower Mean Time To Resolution (MTTR), maintain or strengthen an organization’s security posture, and drive operational efficiency. Sounds pretty good, right?
In our recent Cloud Security Use Cases Playbook, we took a look at the key operational processes that all teams should have in place and some of the ways they can continually optimize those processes over time. Today, let’s take a look at how automation can provide ongoing, deep visibility and supercharge your security operations, all while saving you time and resources. Read more “How to Use Automation to Improve Your Cloud Security Posture”
In Part 1 of this two-part series, we put a magnifying glass on some of the top cloud security trends and lessons learned in 2016. In Part 2, we’re going to look at where we believe cloud security is headed over the next year.
Read more “How to Secure Your Cloud Environment for What’s Next”
What’s your priority: to become a Security Company or be a Secure Company?
If you’re truly in the security business, then of course you’ll be building your own security platform. For all the rest, please keep reading . . .
In this post I will cover some of the challenges involved in building a cloud security platform like Threat Stack. My goal is to give you a clear idea of what is involved and the complexity, so you can make a decision about building or buying that is meaningful from both an engineering and a business perspective.
Spoiler alert: In my view, the right choice for most companies is not to build their own security. Most should strive to become Secure Companies so they can get on with their core business. Read more “To Build or Buy Your Own Security Platform: That is the Question”