The other week we outlined a number of resolutions to put you on the path to a cyber-secure 2018. In this post we’re going to direct you to some of the resources we produced in 2017 that will help you carry out those resolutions.
2017 was an eventful year in the cybersecurity world — to say the least! It seems that every day a new threat or major breach was causing a stir — whether it was Equifax, the RNC voter data exposure, WannaCry, Uber, Alteryx, or — to start the new year — Spectre and Meltdown!
If you want to take a look at the World’s Worst Data Breaches, here you go. But we’re going to stick to our preferred approach: After you read the splashy headlines, look inward to make sure your own data and systems are secure. To help you secure and manage your cloud environments, we’ve put together a summary of a few of the great resources we produced in 2017.
Each of the following links will take you to a webinar recap, and each recap has a full recording embedded:
In this webinar, Chris Gervais delivers great advice on ways your organization can significantly strengthen its security posture — without running up a big bill.
Chris Gervais and Katie Paugh, G2 Technology Group’s Security Architect, discuss a simple workflow that every company can follow to successfully implement an effective security plan.
Pat Cable, Threat Stack senior security engineer, Amazon’s security strategist, Tim Sandage, and SessionM’s director of technical solutions and operations, Jason LaVoie, look at ways that companies can become secure by design using automation.
Threat Stack spoke with Ryan Buckner, Principal at Schellman & Company, and Kevin Eberman, Director of Ops at MineralTree. Using the cloud as our lens, we discussed the ways in which companies can better understand and navigate compliance.
This webinar outlines important steps that all companies should be implementing to reduce time-to-detection and ensure that they are the first ones to know about an issue — and to do it in a way that won’t put a resource drain on your resources.
This webinar, featuring Sabino Marquez, Allocadia’s CISO, outlines best practices for using “lean security” to achieve SecOps efficiency in the cloud.
Additional Threat Stack Webinars From 2017
This ebook is designed for small to mid-sized organizations that have limited security personnel (or none at all) along with limited budgets and technical resources. It offers best practices for getting the best results from your existing people, processes, and tools.
Myth Busting dispels misconceptions and explains why modern intrusion detection offers the best protection in a cloud environment against attacks, insider threats, and data loss while enabling you to operate and scale at cloud speed.
Fast-Tracking provides guidance for: Demonstrating cloud compliance and security; Identifying threats and vulnerabilities; Measuring, mitigating, and monitoring risk. It also includes three case studies that show how other organizations have tackled compliance in the cloud.
If your organization is just starting out in cloud security — whether it’s a rapidly growing startup or a more established company — this eBook is for you. It’s a roadmap full of industry-proven practices that will put you on the fast track to cloud security monitoring, addressing your first round of security concerns, and measurably improving your security stance.
Additional Threat Stack eBooks From 2017
- Compliance Playbook for Cloud Infrastructure: A Guide for Building Compliant Businesses in the Cloud
- SecOps Playbook: How SecOps Enables Secure Code Release, At Scale and At Speed
- Cloud Security Use Cases Playbook: A Tactical Guide to Implementing Security & Optimizing Workflows
- Moving to the Cloud? Your Guide to Planning a Secure and Frictionless Migration
- Cloud Infrastructure Security Buyer’s Guide: Your Reference for Selecting a Cloud Security Platform
We have almost 500 posts on our blog. Here’s a sampling from last year’s output:
Building and sustaining strong security grows out of an effective integration of the right people, technologies, policies, and procedures. This post gives you insights into how to make these elements work for you.
In this post, Christian Lappin explains how Threat Stack’s intrusion detection platform coupled with a SIEM (Splunk, Sumo Logic, Graylog, or other) is a powerful combination that will yield stronger security, faster results, and lower operating expenses.
As DevOps expands to include more security functions and Security evolves to be more agile, there are compelling reasons why you should know how to use Ops tools for security and security tools for Ops. This post tells you what you need to know.
This post explains why prevention techniques and technologies can’t be your only defense. This post clarifies what detection does that prevention can’t, what to watch out for if you’re relying on prevention alone, and how you can use both in parallel.
If you are high on security requirements and low on time, resources, and budget, this post can help you set up a security strategy that offers protection now and scales as your organization grows.
HelloSign offers secure and legally binding eSignature solutions to companies across all industries. To protect this data, HelloSign is beholden to compliance requirements such as HIPAA and SOC 2, but over and above compliance, HelloSign’s business relies on having a strong security posture that enables customers to trust them with their sensitive documents.
In this post, HelloSign explains why they chose Threat Stack to strengthen their security posture, accelerate security responses, and simplify compliance as they continued to scale.
Gartner predicts that 95% of cloud security failures from now until 2020 will be the customer’s fault. That means when something goes wrong, it’s probably not AWS or Azure’s fault. Chances are, you’ll have to point the finger at your organization. With that in mind, this post outlines a number of proactive steps you can take to minimize the likelihood that you’ll become one of the cloud security failures.
SOC 2 is a complex set of requirements that must be reviewed and carefully addressed. But it doesn’t have to be overwhelming. To make SOC 2 more understandable and manageable, this post breaks down nine of the most common basic questions that we hear about SOC 2.
Whether you’re in security, operations, or another related discipline, choosing the right cloud security products can be a complex process. With thousands of options, each with their own nuances, how do you know which tool, or mix of tools, is going to be right for your organization? This post will help you identify the solutions that will fit your specific requirements.
This report, based on a survey we conducted with Enterprise Strategy Group, examines ways that Ops, Security, and DevOps professionals are using limited resources to deal with increasingly complex environments as they seek to satisfy security demands and compliance requirements. It also discusses the impact that containerization is having on this complex dynamic.
Final Words . . .
We hope you find these resources useful as you look for solutions to your security and compliance issues. Whether it’s best practices, tips for planning your security strategy, guidance on tools or service providers, or expert insights on how to make sense of compliance in the cloud, Threat Stack is here to provide support.
This post just skims the surface of the resources we have available for you. To locate other great webinars, blog posts, worksheets, ebooks, and more, take a look at our Resources page, and be sure to subscribe to our blog to receive regular information updates.