Security and Compliance

In the cloud age, proper security and compliance measures allows large organizations to empower their application teams to get stuff done while maintaining governance models that are necessary to protect the organization and it’s data.

Protecting your Instance Metadata

AWS has released a new version of the metadata service that will better secure instance metadata against attackers. In this post, I will discuss the risk of hackers gaining access to the instance metadata service and how the latest update mitigates the risk.

Further Decomposing the Capital One Incident

Previously I discussed how to prevent a security incident similar to the one that occurred at Capital One earlier this year. In this post,I will expound further on what went wrong there from a data protection perspective and make recommendations on how to protect your data hosted in S3.

Lessons Learned from the Capital One Data Breach

This week a massive data breach at Capital One was announced. In this case, an internal actor was able to presumably use insider information to gain access to data stored in S3. In this article I will examine this data breach and provide best practices to prevent this from happening to your organization.

Utilizing AWS Private Marketplace to Approve Marketplace Products

AWS Marketplace empowers users to get quickly started using many products and services in AWS. However, proper governance should be put into place to approve said products. In this post, we will discuss using AWS Private Marketplace as an integral step in an approval process.