How quickly you react to security incidents is paramount to minimizing their impacts. Automating incident reaction can help you scale your features, decrease the scope of compromised sources rapidly, and reduce repetitive function by security teams. However when you make use of automation, you need to manage exceptions to standard response procedures also. In this […]
Read moreAs institutions grow, they often times experience an inflection stage where it becomes impractical to manually manage individual user accounts within disparate systems. Managing several AWS accounts is not any exception. Many big organizations possess dozens or a huge selection of AWS accounts spread across several business units even. AWS provides many options that may […]
Read moreAWS Identity and Access Management (IAM) now includes a brand new sts:RoleSessionName condition element for the AWS Security Token Services (AWS STS), that means it is easy for AWS accounts administrators to regulate the naming of person IAM role sessions. IAM roles assist you to grant usage of AWS resources and solutions through the use […]
Read moreAWS Cryptography has completed benchmarks of Round 2 Versions of the Bit Flipping Key Encapsulation (BIKE) and Supersingular Isogeny Key Encapsulation (SIKE) hybrid post-quantum Transport Layer Security (TLS) Algorithms. Both of these algorithms have been submitted to the National Institute of Standards and Technology (NIST) as part of NIST’s Post-Quantum Cryptography standardization process. In the […]
Read moreNote: This post focuses on Amazon API Gateway REST APIs used with OAuth 2.0 and custom AWS Lambda authorizers. API Gateway also offers HTTP APIs, which provide native OAuth 2.0 features. For more information about which is right for your organization, see Choosing Between HTTP APIs and REST APIs. Amazon API Gateway is a fully […]
Read moreIn this post, I will show you how to run a Chef InSpec scan with AWS Systems Manager and Systems Manager Run Command across your managed instances. InSpec is an open-source runtime framework that lets you create human-readable profiles to define security, compliance, and policy requirements and then test your Amazon Elastic Compute Cloud (Amazon […]
Read moreDigital certificates, also known as X.509 or TLS/SSL certificates, are used to prove the identity of entities like web servers or VPN users and to establish secure communication channels between them. In this blog post, I’ll discuss certificate extensions. You can use certificate extensions for applications beyond the common use case of identifying TLS server […]
Read more
You must be logged in to post a comment.