10 Best Practices for Securing Your Workloads on AWS

Achieving optimal security in a cloud environment can seem like a moving target. New security threats are constantly popping up along with security implementations meant to fight them off. To help you achieve optimal security in this environment, this post highlights the top 10 best practices for AWS security. Read more “10 Best Practices for Securing Your Workloads on AWS”

How to Leverage Automation to Make Your Organization Secure by Design

Yesterday, we co-hosted a webinar with Amazon’s security strategist, Tim Sandage, and SessionM’s director of technical solutions and operations, Jason LaVoie, to discuss how companies can become secure by design using automation.

With cloud providers like AWS making it easier than ever to get up and running in the cloud, the next item on the agenda for many is how to get security up to speed as well. In yesterday’s webinar, Tim, Jason, and our own senior security engineer, Patrick Cable, offered practical and strategic ways for companies to do just this. Read more “How to Leverage Automation to Make Your Organization Secure by Design”

Join Threat Stack’s Automating AWS Security Webinar

Secure by Design: Automating Security for Your Cloud Deployment

Security and DevOps teams are both being asked to make their organizations run faster and more securely while proving it in the form of compliance audits and completed security questionnaires. But no one has the time — and few have the knowledge — to do all this, let alone do it well.

Read more “Join Threat Stack’s Automating AWS Security Webinar”

Why You Don’t Need to Code to Run Secure on AWS

Amazon Web Services, the ubiquitous cloud infrastructure provider, has made it increasingly easy for businesses to move to the cloud and take advantage of the scalability, flexibility, and cost savings this approach offers. For some businesses that are contemplating the move to AWS, you may be wondering whether it’s necessary to have a team of developers who can help to ensure that you are capable of running securely on AWS.

The short answer is: You don’t need to start from scratch when it comes to security, and you don’t need  to have extensive coding resources in-house to run securely on AWS. With the right tools at your disposal, you can quickly measure compliance with  your unique security policy and adapt to changes in your environment as needed.

Here’s what you need to know to run securely on AWS, with or without a legion of development resources at your disposal.

Read more “Why You Don’t Need to Code to Run Secure on AWS”

Incorporating AWS Security Best Practices Into Terraform Design

Implementing AWS security best practices into your Terraform design is an excellent way of ensuring that you have a streamlined way to achieve your security goals and manage your infrastructure.

In this post, we will talk about the following three areas of AWS security best practices and how to implement them with Terraform:

  • Environment segregation by AWS account
  • CloudTrail logging
  • Traffic and system access controls

Just to be clear, this post is not an introduction to Terraform: It’s an introduction to incorporating AWS security best practices into Terraform code. Read more “Incorporating AWS Security Best Practices Into Terraform Design”