AWS re:Invent This year, AWS re:Invent is once again being held in Las Vegas (12–15-Nov-2013). The 4 day conference focuses on all things AWS and the schedule is packed with talks, bootcamps, hands-on labs, and other events. If you didn’t attend last year, you can check out the videos online to get a feel for the…
Read MoreOver the past weeks we have been reviewing the top 10 tips for securing instances running on Amazon Web Services. We walked through the critical controls as part of the AWS shared security model. As noted in these tips, host-based security capabilities such as intrusion detection and prevention, anti-malware, and integrity monitoring are critical for…
Read MoreIn this series, Mark and I have talked about hardening your AWS resources (both inside and outside of your instances) and preforming ongoing monitoring. The last two tips are around measuring your overall security so that you can understand your risks and measure your progress. It may be an old adage but it still rings true……
Read MoreSo far in this series, we have shared tips for securing access to your AWS resources, hardening your system and protecting with a firewall and IPS combination. At this point, your applications running on Amazon Web Services are resilient to attack, but it is critical that ongoing monitoring be a part of your overall security strategy. Monitoring…
Read MoreIn this series, Mark and I have covered tips for securing your Amazon Web Services (AWS) account, building hardened Amazon Machine Images and locking down the operating system. Now we turn our attention to one of the most simple, yet powerful ways to secure your instances: the firewall. Implementing a firewall policy is just basic survival when…
Read MoreIn our previous top tips for AWS security we looked at hardening access to your AWS resources through proper use of IAM, policies and authentication. In this tip we turn our focus to hardening your Amazon Machine Images (AMI). No matter whether you pronounce it A.M.I or Ahhh-ME (as the AWS folks do) your machine…
Read MorePeople who drive recklessly to the airport, at a high rate of speed while clutching a cellphone to their ear, only to then board the plane and pray it does not crash, often bewilder me. Don’t they realize they bear some responsibility for arriving safely at their destination? Trend Micro’s webinar on the new PCI…
Read MoreBig Cloud Security News If you are using cloud computing, some major news just came out. PCI released the DSS Guidelines for Cloud Computing on Feb 7th. This is really important because the new document provides “guidance on the use of cloud technologies and considerations for maintaining PCI DSS controls in cloud environments.” While it’s…
Read MoreHow difficult is it to run a public cloud service? As all of us know, Amazon Web Services (AWS) experienced an outage on 21-Apr-2011 and that lasted for almost 4 days. Quite a lot of companies were affected and you can find the list here. The Internet was flooded with articles speculating what went wrong,…
Read More
