Secure by Design: Automating Security for Your Cloud Deployment
Security and DevOps teams are both being asked to make their organizations run faster and more securely while proving it in the form of compliance audits and completed security questionnaires. But no one has the time — and few have the knowledge — to do all this, let alone do it well.
Read more “Join Threat Stack’s Automating AWS Security Webinar”
You’re probably familiar with DevOps by now. It’s the collaboration between Development and Operations teams by leveraging the same tools and processes to get things done more efficiently. Now, Security is being brought into the fold, and this is called DevOpsSec.
Since DevOpsSec is a much newer term and development practice, we wanted to take the opportunity to discuss how companies can get started with many of its foundational elements. There are no two people better equipped to talk about it than Threat Stack’s own Head of Operations, Pete Cheslock, and CTO, Sam Bisbee.
Rather than walking you through a polished slide deck, Pete and Sam wanted to open up the discussion in an AMA (Ask Me Anything) format. We fielded questions from Twitter, LinkedIn, Facebook, as well as email and received hundreds of submissions. On Tuesday, March 14, in the middle of a blizzard here in Boston, they sat down for an hour to answer many of these questions live. Read more “Ask Us Anything: Recap on How to Get Started With DevOpsSec”
Yesterday, we hosted one of our most popular webinars to date: Steps for Establishing Your AWS Security Roadmap. Threat Stack’s VP of Engineering, Chris Gervais, was joined by AWS Solution Architect, Scott Ward, along with Zuora’s Head of Infrastructure Security, Bibek Galera for a practical discussion on how companies can build an effective cloud security roadmap from day one. Read more “Steps for Establishing Your AWS Security Roadmap”
In Part 1 of this two-part series, we put a magnifying glass on some of the top cloud security trends and lessons learned in 2016. In Part 2, we’re going to look at where we believe cloud security is headed over the next year.
Read more “How to Secure Your Cloud Environment for What’s Next”
The conversations about cloud security are changing rapidly. A few years ago, companies were hesitant to even talk about moving to the cloud because of all the unknowns — specifically in regard to security. Cloud service providers like Amazon, Google, and Microsoft have made bold commitments to security, so today the conversation is shifting from how secure the cloud itself is, to how individual companies can better secure their data and systems.
On Tuesday, January 17, Threat Stack’s Director of Products, Vikram Varakantam, and OneLogin’s CISO, Alvaro Hoyos, hosted a webinar to discuss where they each see cloud security headed in the coming year. Read more “To Predict Cloud Security’s Future, We Must First Understand Its Past”
Security is a shared responsibility when you run your business on Amazon Web Services (AWS). To hold up your end of the bargain, there are many best practices at companies should be employing early on (but often don’t) to ensure that they’re maintaining security and that it can scale as the company grows.
Read more “Best Practices for Implementing & Scaling Security in AWS”
The cloud is very different from on-premise infrastructure in several key ways. Some of these differences become apparent when it comes to external attacks. To get to the core of how these attacks can unfold differently in the cloud (and how they are the same), Threat Stack recently hosted a webinar in which I interviewed security engineer Anthony Alves about the anatomy of a cloud attack.
Read more “Anatomy of an Attack: How the Cloud Gets Hacked”
Alert fatigue is a very real issue that security, ops, and dev teams are dealing with today. But how do you know if alerts are burning you out? And how can others on your team recognize it? More often than not, alert fatigue flies under the radar until it’s too late — critical issues start to pass by unnoticed and our adversaries get the upper hand.
Read more “Ending Alert Fatigue: Threat Stack and VictorOps On Modern-Day Security and Incident Management”
On Tuesday, June 21, I teamed up with Scott Ward, Solutions Architect at AWS, and Arup Chakrabarti, Director of Engineering at PagerDuty, to deliver a webinar about scaling quickly and securely in AWS. The discussion was lively enough to keep beach-and-BBQ dreams at bay for an hour or so on a humid Wednesday in Boston.
Read more “Scaling Quickly & Securely: Achieving Security & Compliance in AWS”
To explore the complex and sometimes confusing topic of cloud security more deeply, we recently hosted a webinar in which Vikram Varakantam, Threat Stack Director of Product Strategy, and Ilya Kalinin, senior DevOps engineer at AdRoll, talked through some of the top issues that need to be considered when organizations are scaling cloud infrastructure securely (up or down).
Read more “3 Key Practices for Enabling Cloud Security”