AWS has long ruled the cloud platform game. But today more and more companies are branching out and using additional providers as well. Often this isn’t a matter of replacing one with another, but of different business requirements (such as managing risk and costs) being suited to different cloud vendors. Other factors for using more than one provider center on the fact that vendors work to price their offerings competitively and continually add new features. Additionally, many organizations that run Windows are offered free Azure credits. So why not take advantage and reduce your overall cloud costs?
There’s nothing wrong with running a multi-cloud environment — in fact doing so may be part of a well-crafted strategy — but when you do so, you want to make sure that you are taking appropriate security precautions. In this post, we’ll cover five principles you should strive for when you make the move to a multi-cloud environment. But first, let’s take a look at the major players. Read more “5 Principles for Running Securely in a Multi-Cloud Environment”
Security is a shared responsibility when you run your business on Amazon Web Services (AWS). To hold up your end of the bargain, there are many best practices at companies should be employing early on (but often don’t) to ensure that they’re maintaining security and that it can scale as the company grows.
Read more “Best Practices for Implementing & Scaling Security in AWS”
There’s no question that Amazon Web Services is an incredibly powerful and secure cloud services platform for delivering all sorts of software applications. AWS offers an extensive number of products and services for creating a scalable, reliable, and flexible architecture that meets the unique needs of your development. However, it can be difficult to know how to approach securing your AWS infrastructure. While we can’t give you insight into all of them, of course, we are going to talk about the security benefits provided by three of our favorites, just to get you started.
Amazon Web Services (AWS) has pioneered the Shared Responsibility Model in the cloud. Basically, this model outlines how cloud service providers and consumers of these cloud-based services should share responsibilities when it comes to ensuring security in the cloud. AWS and other cloud service providers (CSPs) are responsible for ensuring that cloud infrastructure is secure. Meanwhile, companies (those using the cloud services) are responsible for their data, networks, applications, and operating systems — anything they own that lives in the cloud.
Read more “The Impact of the Cloud’s Shared Responsibility Model on Compliance”
When Wombat Security Technologies and ThreatSim (acquired by Wombat in October 2015) decided to develop and deploy our suite of end user risk management and education solutions in Amazon Web Services (AWS), we went “into the cloud” with eyes wide open. We knew that, to realize the full potential of AWS (scale, cost, performance), we needed to “do AWS right.” This meant treating our servers like cattle, not like pets.
Read more “How Wombat Security Uses Threat Stack to Secure Its Own AWS Infrastructure”
On Tuesday, June 21, I teamed up with Scott Ward, Solutions Architect at AWS, and Arup Chakrabarti, Director of Engineering at PagerDuty, to deliver a webinar about scaling quickly and securely in AWS. The discussion was lively enough to keep beach-and-BBQ dreams at bay for an hour or so on a humid Wednesday in Boston.
Read more “Scaling Quickly & Securely: Achieving Security & Compliance in AWS”
Since first releasing Threat Stack Cloud Security Platform®, we continue to make enhancements that provide better data, increase automation, streamline workflows, and decrease response times.
Read more “Using AWS Tags With Threat Stack Security Alerts”
We’ve got some outstanding news to share: Threat Stack has just achieved Amazon Web Services (AWS) Security Competency!
This further demonstrates our commitment to delivering best-in-class security — and more specifically, to giving AWS customers exactly what they need in security solutions. As we like to say, “Our solutions are built in AWS to serve AWS.” Read more “Threat Stack’s Cloud Security Platform® Achieves AWS Security Competency”
A lot happened in the world of security and DevOps this week. Here are the top posts we saw:
Read more “The Weekly Security and DevOps News Brief”