Over the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for…
Read MoreAmazon Web Services did it again. Its new service, OpsWorks, is an application management service with the ability to manage applications of any scale or complexity in the AWS cloud. This integrated system manages resource provisioning, configuration management, application deployment, software updates, and monitoring and access control. The service is another offering from the leader in…
Read MoreIn this series, Mark and I have talked about hardening your AWS resources (both inside and outside of your instances) and preforming ongoing monitoring. The last two tips are around measuring your overall security so that you can understand your risks and measure your progress. It may be an old adage but it still rings true……
Read MoreSo far in this series, we have shared tips for securing access to your AWS resources, hardening your system and protecting with a firewall and IPS combination. At this point, your applications running on Amazon Web Services are resilient to attack, but it is critical that ongoing monitoring be a part of your overall security strategy. Monitoring…
Read MoreIn this series, Mark and I have covered tips for securing your Amazon Web Services (AWS) account, building hardened Amazon Machine Images and locking down the operating system. Now we turn our attention to one of the most simple, yet powerful ways to secure your instances: the firewall. Implementing a firewall policy is just basic survival when…
Read MoreIn our previous top tips for AWS security we looked at hardening access to your AWS resources through proper use of IAM, policies and authentication. In this tip we turn our focus to hardening your Amazon Machine Images (AMI). No matter whether you pronounce it A.M.I or Ahhh-ME (as the AWS folks do) your machine…
Read MorePeople who drive recklessly to the airport, at a high rate of speed while clutching a cellphone to their ear, only to then board the plane and pray it does not crash, often bewilder me. Don’t they realize they bear some responsibility for arriving safely at their destination? Trend Micro’s webinar on the new PCI…
Read MoreBig Cloud Security News If you are using cloud computing, some major news just came out. PCI released the DSS Guidelines for Cloud Computing on Feb 7th. This is really important because the new document provides “guidance on the use of cloud technologies and considerations for maintaining PCI DSS controls in cloud environments.” While it’s…
Read MoreIn his 90 minute keynote address at the AWS re:Invent conference, Andy Jassy quite unabashedly gave these reasons for using AWS versus a private cloud, (at the 32 minute mark) : So public cloud adoption should be a no-brainer, right? Oh wait, but Andy omitted security in the public cloud – how can I trust…
Read MoreWhen you host applications in the public cloud, you assume partial responsibility for securing the application. The cloud provider, for example Amazon Web Services (AWS), secures the physical data center (with locked badge entry doors, fences, guards, etc.) in addition to securing the physical network with perimeter firewalls. This is no significant change from how…
Read More
