The last day of the first AWS re:Inforce conference has wrapped up and it’s time to take the lessons we learned back to the office and put them into practice. In this post, we’ve compiled a few of the key takeaways from our team on the ground at re:Inforce broken into Day 1 and Day 2. We did a deep dive into Day 1 already, so check out the full post if you want to dig into the details. Read more “AWS re:Inforce 2019 Recap: A Look Back at the First AWS Security Show”
Note: For a recap of Day 2, please take a look at AWS re:Inforce Recap: A Look Back at the First AWS Security Show.
Day 1 of AWS re:Inforce 2019 — the first-ever AWS conference dedicated entirely to security — has wound down, and Day 2 is already underway, but we wanted to provide a quick recap for those of you who couldn’t make it to the show or were too busy to get the big picture. Here are a few of the high-level takeaways from the Threat Stack Team on the ground at re:Inforce 2019. Read more “AWS re:Inforce 2019 — Day 1 Recap”
AWS re:Inforce 2019 | June 25–26, 2019 | Boston, MA
Attending cloud security conferences is critical for cloud security professionals, and AWS is stepping up to the plate with AWS re:Inforce — its first-ever conference focused exclusively on cloud security.
This event will benefit security professionals who need the latest technical know-how and is a must for anyone who works with security in the cloud, especially those who work with AWS. It’s going to be a worthwhile event for security professionals, developers, systems architects, engineers, decision-makers, and more.
(For more helpful resources to help you stay at the top of your profession, visit our guide to the best cloud security training resources and our favorite cloud security podcasts.) Read more “Your Guide to AWS re:Inforce 2019”
The lack of a common framework for assessing Cloud Service Providers (CSPs) combined with the fact that no two CSPs are the same can complicate the process of selecting one that’s right for your organization. Selecting CSPs becomes even more complex when you consider the fact that more and more companies are adopting a multi-cloud approach for a variety of reasons, including cost savings, reduced risk of vendor lock-in, and data portability. (Gartner estimates that 75% of organizations will be using a multi-cloud strategy by 2022.) Add in the adoption of abstraction technologies such as containers, and workloads become far more portable between CSPs. To help you work through this, we’re using this post to discuss seven basic criteria you can use to identify providers that best match your business, technical, and operational needs.
How do you choose a public cloud provider — or if you’re planning to go multi-cloud — cloud providers? Let’s start with the major players. Read more “7 Cloud Service Evaluation Criteria to Help You Choose the Right Cloud Service Provider”
More often than not we’ll need to go beyond a Severity 1 alert to figure out what a user (including a potentially malicious attacker) was doing on a system. Host events in particular only show a small part of the picture, and a single alert can’t always give you the context necessary to make an escalation decision. This blog post explains how to pivot from a Host event to a user’s session and how to move from a single user-related alert to the user’s session using the data provided by your intrusion detection system. Read more “How to Track Agent-Based User Activity”
In a recent study, 72% of CISOs stated that their teams are facing alert fatigue, while 82% of respondents to a Threat Stack survey indicated that alert fatigue is having a negative impact on their organization’s well-being and productivity.
Traditional approaches to managing security alerts have often driven teams into a reactive mode where they’re overwhelmed by huge volumes of noisy alerts or spend far too much time gathering information and digging around in log files. If this proliferation of data is transformed into relevant and actionable intelligence, however, teams can overcome alert fatigue, identify and respond to critical issues in real time, and reduce risk continuously over time.
In this post, we’ll take a look at some best practices on how you can move away from reactive, ad hoc tactics and adopt a structured, proactive approach by making alerts a key element of your overall information security strategy. Read more “Transforming Alert Fatigue Into Proactive Security Management”
Increasingly, AWS users are leveraging multiple accounts to manage their infrastructure. While doing so is a recommended best practice that enables users to achieve the highest levels of resource and security isolation and to optimize operational costs, it can also increase the amount of time and effort required for effective administration and remediation.
As a remedy to this problem (and “account sprawl” in general), and as a means of providing more granular alerting and actionable data, Threat Stack has built two key functionalities into its Cloud Security Platform®:
- The ability to view multiple AWS accounts from one central location: Our unified view reduces admin time and provides significant convenience because end users no longer need to gather information and alerts from multiple accounts. This means you can focus on business issues and not administration!
- Rulesets that are focused on giving more granular alerting and context to your interactions with the AWS control plane: Our extensive out-of-the-box rulesets give customers increased control plane visibility and more granular tracking of AWS API actions within their accounts, and you still have the flexibility of creating new rules and modifying existing rules (as we have previously documented).
This AWS Security Readiness Checklist is intended to help organizations evaluate their applications and systems before deployment on AWS. This evaluation is based on a series of best practices and is built off the Operational Checklists for AWS. Read more “AWS Security Readiness Checklist”
Securing any cloud infrastructure is a big job. You need to be constantly up to date on skills, tools, and technology, as well as the vulnerabilities and threats that crop up continuously. When it comes to security, becoming stagnant is not an option. A good cloud security professional only remains on top by keeping up with the latest cloud security trends, emerging threats, and best practices.
That’s where cloud security conferences come in, bringing together top experts, cloud security thought leaders, and industry professionals to share tips, tricks, and the latest tactics for bolstering cloud security in the modern landscape.
With the spring conference season kicking off, we’ve rounded up 40 cloud security conferences, grouped by quarter, so you can easily plan your schedule for 2019. For the most part, we’ve focused on North America, but because security is a global issue, we’ve also included a few key events that are being held in other locations.
- Q1 Cloud Security Conferences
- Q2 Cloud Security Conferences
- Q3 Cloud Security Conferences
- Q4 Cloud Security Conferences
(For more first-rate resources on cloud security, visit our list of the 50 best cloud security training resources, or subscribe to some of our favorite cloud security podcasts to stay on top of the latest cloud security news, emerging threats, and best practices.)
Before jumping into the 2019 conference offerings, take a look at one of the shows we’re most excited about — the new AWS re:Inforce Conference that’s coming up right in our backyard (Boston, MA) on June 25 and 26. Read more “The Best Cloud Security Conferences to Attend in 2019”
AWS Security Groups are a flexible tool to help you secure your Amazon EC2 instances. AWS Security Groups are just one of several tools AWS offers to help you secure your cloud environment, but that doesn’t mean AWS security is hands-off. You’re still responsible for securing your applications and data in the cloud, and that means you need to leverage additional tools, such as Threat Stack, to gain better visibility and take a proactive approach to security in the cloud. Threat Stack is an AWS Advanced Technology Partner, offering an intrusion detection platform that’s built in AWS, to serve AWS.
As we found in a recent survey, nearly three-fourths of companies have at least one critical AWS security misconfiguration. That’s why it’s imperative to understand the various tools AWS makes available to users and how to best utilize them to keep your data secure. Here’s a look at how AWS Security Groups work, the two main types of AWS Security Groups, and best practices for getting the most out of them. Read more “AWS Security Groups: What They Are and How to Get the Most Out of Them”