Cyber Monday is here (and for those of us in the cloud security business, it’s also the start of the AWS re:Invent 2017 conference). So given all the strange things that have been happening in our cyber environment, we thought we would once again remind organizations and consumers alike about the need to be proactive and extra vigilant in their security practices. Read more “‘Tis the Season To Be Proactive, Vigilant, & Transparent”
Achieving optimal security in a cloud environment can seem like a moving target. New security threats are constantly popping up along with security implementations meant to fight them off. To help you achieve optimal security in this environment, this post highlights the top 10 best practices for AWS security. Read more “10 Best Practices for Securing Your Workloads on AWS”
Yesterday, we co-hosted a webinar with Amazon’s security strategist, Tim Sandage, and SessionM’s director of technical solutions and operations, Jason LaVoie, to discuss how companies can become secure by design using automation.
With cloud providers like AWS making it easier than ever to get up and running in the cloud, the next item on the agenda for many is how to get security up to speed as well. In yesterday’s webinar, Tim, Jason, and our own senior security engineer, Patrick Cable, offered practical and strategic ways for companies to do just this. Read more “How to Leverage Automation to Make Your Organization Secure by Design”
Secure by Design: Automating Security for Your Cloud Deployment
Security and DevOps teams are both being asked to make their organizations run faster and more securely while proving it in the form of compliance audits and completed security questionnaires. But no one has the time — and few have the knowledge — to do all this, let alone do it well.
Amazon Web Services, the ubiquitous cloud infrastructure provider, has made it increasingly easy for businesses to move to the cloud and take advantage of the scalability, flexibility, and cost savings this approach offers. For some businesses that are contemplating the move to AWS, you may be wondering whether it’s necessary to have a team of developers who can help to ensure that you are capable of running securely on AWS.
The short answer is: You don’t need to start from scratch when it comes to security, and you don’t need to have extensive coding resources in-house to run securely on AWS. With the right tools at your disposal, you can quickly measure compliance with your unique security policy and adapt to changes in your environment as needed.
Here’s what you need to know to run securely on AWS, with or without a legion of development resources at your disposal.
Implementing AWS security best practices into your Terraform design is an excellent way of ensuring that you have a streamlined way to achieve your security goals and manage your infrastructure.
In this post, we will talk about the following three areas of AWS security best practices and how to implement them with Terraform:
- Environment segregation by AWS account
- CloudTrail logging
- Traffic and system access controls
Just to be clear, this post is not an introduction to Terraform: It’s an introduction to incorporating AWS security best practices into Terraform code. Read more “Incorporating AWS Security Best Practices Into Terraform Design”