Amazon Web Services already has a defense for most of the things a Security Operations Center cares about. But what about stolen credentials? Do these 9 things beforehand to limit the pain.

Imagine you’ve been called into a quarterly Board meeting. They want to know how things are going with the cloud. They are really asking some good questions. You had mentally prepared some answers to keep the spotlight off you, but it’s clear they are going to dig in.

How many users and roles have way too much access, out of convenience? When is the last time you checked to make sure access levels were consistent with the business need? And when is the last time you reduced someone’s access?

“Please provide proof that these logs haven’t been tampered with.” It’s the nightmare scenario for any IT department. You’ve been  notified by an auditor – or a legal team, a government body, or even a  customer — that your cloud security program is being reviewed. You’ve  been told

So you’ve got your new security monitoring system set up. You have  alarms that send you emails when the root user logs in. You get a slack  message when someone launches an RDS instance open to the internet. And  everyone gets a text message when an S3 bucket is

Is your development team taking shortcuts with AWS access keys? Is your team passing around keys on Slack or email? If you don’t know the answer off the top of your head, it’s worth asking around. This post is for you. Access keys (also referred to as an

Getting deep into IAM is a great way to have analysis  paralysis. Here are some common sense, high-leverage tips to get secure  but keep rolling. Intimidated or annoyed by the complexity of IAM? Worried that if you  dive into IAM, you’ll never get out because the details go on