This AWS Security Readiness Checklist is intended to help organizations evaluate their applications and systems before deployment on AWS. This evaluation is based on a series of best practices and is built off the Operational Checklists for AWS. Read more “AWS Security Readiness Checklist”
Securing any cloud infrastructure is a big job. You need to be constantly up to date on skills, tools, and technology, as well as the vulnerabilities and threats that crop up continuously. When it comes to security, becoming stagnant is not an option. A good cloud security professional only remains on top by keeping up with the latest cloud security trends, emerging threats, and best practices.
That’s where cloud security conferences come in, bringing together top experts, cloud security thought leaders, and industry professionals to share tips, tricks, and the latest tactics for bolstering cloud security in the modern landscape.
With the spring conference season kicking off, we’ve rounded up 40 cloud security conferences, grouped by quarter, so you can easily plan your schedule for 2019. For the most part, we’ve focused on North America — but keeping in mind that security is a global issue, of course — we’ve also included a few key events that are being held in other locations.
- Q1 Cloud Security Conferences
- Q2 Cloud Security Conferences
- Q3 Cloud Security Conferences
- Q4 Cloud Security Conferences
(For more first-rate resources on cloud security, visit our list of the 50 best cloud security training resources, or subscribe to some of our favorite cloud security podcasts to stay on top of the latest cloud security news, emerging threats, and best practices.)
Before jumping into the 2019 conference offerings, take a look at one of the shows we’re most excited about — the new AWS re:Inforce Conference that’s coming up right in our backyard (Boston, MA) on June 25 and 26. Read more “The Best Cloud Security Conferences to Attend in 2019”
AWS Security Groups are a flexible tool to help you secure your Amazon EC2 instances. AWS Security Groups are just one of several tools AWS offers to help you secure your cloud environment, but that doesn’t mean AWS security is hands-off. You’re still responsible for securing your applications and data in the cloud, and that means you need to leverage additional tools, such as Threat Stack, to gain better visibility and take a proactive approach to security in the cloud. Threat Stack is an AWS Advanced Technology Partner, offering an intrusion detection platform that’s built in AWS, to serve AWS.
As we found in a recent survey, nearly three-fourths of companies have at least one critical AWS security misconfiguration. That’s why it’s imperative to understand the various tools AWS makes available to users and how to best utilize them to keep your data secure. Here’s a look at how AWS Security Groups work, the two main types of AWS Security Groups, and best practices for getting the most out of them. Read more “AWS Security Groups: What They Are and How to Get the Most Out of Them”
One of the biggest benefits of the Threat Stack Cloud Security Platform® is the deep level of visibility we bring to observing operator behaviors in customers’ cloud runtime environments. We frame this discussion in terms of “security observability,” and it can be distilled into a single question: “If suspicious or risky behaviors occur on one of your servers, what can you see and how quickly can you see it?” Read more “Threat Stack Introduces Bulk Data Export Feature”
Cloud computing has become a necessity for almost all businesses. Given this reality, there is a significant need to design, develop, deploy, manage, and secure workloads in the cloud.
AWS offers a multitude of certifications, and having relevant certifications is an important way for you to demonstrate cloud credibility and competence as an individual and for your organization to demonstrate value to its customers.
With that in mind, here’s a list of nine key AWS Security Certifications to consider. Whether you’re just starting to build your cloud credentials, looking to expand your skills and expertise in a particular area, or want to deepen your expertise, there should be something to match your needs among these industry-recognized certifications. Read more “9 Core & Specialty AWS Security Certifications”
As AWS continues to expand its services landscape, Threat Stack has made a commitment to keeping in step by crafting additional coverage that keeps your cloud environment secure. The latest additions we’ve made to Threat Stack’s CloudTrail rules are focused on giving more granular alerting and context to your interactions with the AWS control plane.
Threat Stack has significantly expanded the CloudTrail Base Ruleset in its Cloud Security Platform®. Not only have we increased the number of rules from 26 to 87 — we have also provided rules for five AWS Services that were not covered previously (DynamoDB, Elastic Container Service, Elastic Kubernetes Service, Security Token Service, and AWS Support). And don’t forget — the Cloud Security Platform still gives you the flexibility to create custom rules based on CloudTrail event data.
While we’re not going to comment on all 87 rules in this post, we are going to focus on important highlights, including:
- New rules to cover five additional AWS Services
- Expanded rules for Identity and Access Management (IAM)
- Expanded rules for Virtual Public Cloud (VPC)
The new rules for five additional AWS Services are discussed in Part 1 below, while Part 2 gives an overview of the expanded rules for AWS Services that we already support. Read more “Threat Stack Announces New and Enhanced CloudTrail Rules”
Insecure data deserialization first made its way into OWASP’s 2017 Top 10 list by way of community feedback. In the history of application security, that makes it a relatively new vulnerability that can be harder to detect due to the way it uses popular code libraries that are commonly used in web development.
The Threat Stack Cloud SecOps Program℠ exists not only to monitor customer environments and investigate alerts, but also to work with customers to help them improve their security postures. Occasionally, here in the SecOps Program’s security operations center (SOC), we get questions about the detection capability of the Threat Stack Cloud Security Platform®, and whether it is capable of detecting new and advanced attack vectors. (Our system uses behavioral detection, which is an extremely robust methodology for detecting new and old attack techniques.)
In this post, I’ll walk through how my colleagues and I in the SOC addressed an inquiry regarding a specific insecure deserialization exploit seen in the wild. Read more “Detecting Unsafe Data Deserialization With Threat Stack”
Another year at AWS re:Invent has come and gone. As usual, it was a jam-packed show full of exciting announcements, great keynotes, sessions, and interesting conversations. In case you couldn’t make it to Vegas this year or could use a summary of what you missed while you were running between sessions, here are some of the highlights from our week in the desert. Read more “AWS re:Invent 2018 Recap: Security, DevOps, ML, & Hybrid Cloud Take Center Stage”
The adage “Everything old is new again” rings true in the cybersecurity industry as much as anywhere else. Some of the best practices from old-school network security still apply to modern virtual server or containerized environments.
Even though hackers are becoming increasingly sophisticated with their attacks, applying some of these oldies but goodies to your arsenal could help reduce the risk of a security incident or breach.
Here are a few security best practices that stand the test of time. Read more “Three Old-School Network Security Tips That (Still!) Work for Modern Infrastructure”
That’s right. The tl;dr is that Threat Stack is launching a podcast series called Your System Called — and I’ll be hosting it. You can access the podcast on iTunes, subscribe via RSS, or preview the first two episodes below. Read more “Introducing Threat Stack’s New Podcast: “Your System Called””