Accelerating Your Cloud Journey With Security Built In

Accelerating Your Cloud Journey With Security Built In

Oct 8, 2020 | Attack Surface Analysis, AWS, CISO, Cloud security, security controls

The move to cloud poses unique challenges as organizations adapt to securing infrastructure as code for all applications, while being prepared to secure brave new features such as containers, microservices and automatic scaling. Threat modeling, traditionally a manual...
Behind the AWS Shared Responsibility Model and Today’s Cloud Threats

Behind the AWS Shared Responsibility Model and Today’s Cloud Threats

Aug 12, 2020 | AWS, Cloud security, Cloud Threat Modeling, Compensating Controls, Risk Management, Security

It’s no secret that Amazon Web Services (AWS) helps to run a wide swath of the web’s most popular websites, services, and applications. However, the rise of cloud services has not gone unnoticed by hackers, who have broadened their scope from traditional...
How to Automate and Accelerate the Design of Secure AWS Cloud Environments

How to Automate and Accelerate the Design of Secure AWS Cloud Environments

Jul 2, 2020 | Attack Surface Analysis, AWS, CISO, Cloud security, Developers

For this ThreatModeler Blog Special Edition, we recap our Fireside Chat (with link to the webcast) moderated By Ty Sbano, Chief Security & Trust Officer, Sisense; with panelists: Praveen Nallasamy, Vice President, Cybersecurity at BlackRock Tom Holodnik, Software...
How VPCs Work, and How to Integrate Them Into Identity Access Security

How VPCs Work, and How to Integrate Them Into Identity Access Security

Jun 23, 2020 | AWS, Cloud security, Cloud Threat Modeling, DevSecOps

While much of the tech world is adopting the private cloud for the added security and scalability, today’s developers typically rely on its public, less secure cousin. The reason is simple: it’s way cheaper. “Private” cloud infrastructure requires providers to assign...
Differentiating Compliance and Security for AWS Development

Differentiating Compliance and Security for AWS Development

Jun 4, 2020 | AWS, AWS Security Epics Automated, Cloud security, Security

How Security and Compliance Teams Can Collaborate and Thrive in the Cloud Compliance and security share a great deal in common, but there are key differences. Both deal with organizational safety and security, minimize risk, protect consumer data, and experience...
DevSecOps Is Best When Applied in Layers

DevSecOps Is Best When Applied in Layers

Jun 2, 2020 | Attack Surface Analysis, AWS, AWS Security Epics Automated, CISO, DevOps, DevSecOps

By Michael Vizard The best cybersecurity defense is always applied in layers. If one line of defense fails, the next should be able to thwart an attack and so on. That same, tried and true, security in depth concept applies to DevOps as responsibility for...