Considerations For Creating Secure User Groups on AWS Using IAM

A big difference in the way on-premises infrastructures and cloud infrastructures are implemented centers on the way that user permissions are assigned. As you move towards software-defined everything, where data and systems are far more connected (generally a good thing), you need to pay special attention to the roles and permissions you grant to ensure that users are only given as much access as they absolutely need. No more, no less.  Read more “Considerations For Creating Secure User Groups on AWS Using IAM”

Best Practices for Implementing & Scaling Security in AWS

Security is a shared responsibility when you run your business on Amazon Web Services (AWS). To hold up your end of the bargain, there are many best practices at companies should be employing early on (but often don’t) to ensure that they’re maintaining security and that it can scale as the company grows.

Read more “Best Practices for Implementing & Scaling Security in AWS”

Top 10 Cloud Security Tips for Protecting Your Enterprise

Do you know exactly who is accessing your data and applications in Amazon Web Services (AWS)?

According to Gartner’s Cloud Security Survey, more than a quarter of businesses are unable to answer that question with a resounding “YES.” With over one million AWS users, that means there are a lot of unprotected environments.

Read more “Top 10 Cloud Security Tips for Protecting Your Enterprise”

Reinforcing Your Hardened Server’s Soft Spots

If you have either deployed or are planning to deploy a workload to the Cloud, perhaps using AWS, you are looking to run your operations efficiently without compromising security. In a recent post we discussed the AWS Shared Responsibility Model in which you are responsible for the security of your own data, platform, applications, and networks in the Cloud, while AWS is responsible for the security of the Cloud itself. Being security conscious, you understand this model and may have followed the AWS Security Best Practices in an effort to harden your EC2 instances.

Read more “Reinforcing Your Hardened Server’s Soft Spots”

What All DevOps Teams Should Know About The AWS Shared Responsibility Model

Keeping your cloud workloads secure, compliant, and protected while moving at the speed of DevOps is no easy task. Our team at Threat Stack knows this truth very well. There are many different viewpoints on the best approach to take to keep your customer data and systems protected in the cloud, and it all starts with understanding where your cloud provider’s responsibility for security ends and where yours begins. Let’s use AWS as an example throughout this post as they have a Shared Responsibility Model that demonstrates this well. Read more “What All DevOps Teams Should Know About The AWS Shared Responsibility Model”

See Threat Stack at AWS Enterprise Summit 2015 in San Francisco Next Week

For the second year in a row, Threat Stack will be attending and exhibiting at the AWS Enterprise Summit, this time at the Moscone Center in San Francisco. Throughout the past year alone, our integration with AWS has grown even deeper, helping customers effectively meet their responsibilities within the shared security model. We look forward to sharing the significant advances on our platform with the AWS community during the AWS Summit next week.

Read more “See Threat Stack at AWS Enterprise Summit 2015 in San Francisco Next Week”