Category: Security

Dive deep on AWS Identity and Access Management (IAM) permissions and how the principle of least privilege can be best achieved when using AWS CloudFormation, and more specifically CloudFormation Modules, to provision resources on AWS. CloudFormation Modules are a way to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way.

AWS Identity and Access Management (IAM)‘s 10th anniversary continues with Part 2 of our blog series. Writing an IAM policy can be tricky, but don’t feel overwhelmed. Learn how the IAM visual editor helps you create policies by providing helpful documentation and the correct syntax. You’ll also learn why you should use federation due to the short-term credentials made possible by IAM roles. More tips like these can be found throughout our 4-part blog series.

This year marks the 10th anniversary of AWS Identity and Access Management (IAM), which is essential in securing your applications and your AWS environment as a whole. To help you get the most out of this critical AWS service, we are excited to share a blog series featuring top recommendations for using IAM from AWS Heroes and APN Ambassadors, who will share recommendations which are driven from personal experiences using a service that’s foundational for the security of AWS customers.

An often-overlooked aspect of migration is the configuration checks on the underlying cloud infrastructure. In order to make sure the foundational infrastructure is safe, secure and compliant, there’s a need to validate the cloud configuration early in the migration cycle. Infosys has developed an innovative automation solution that addresses the need for secure configuration reviews, while ensuring agility and reliability through the migration journey.

One of the first steps for organizations adopting AWS is migrating data from an on-premises environment or existing cloud to AWS. Many legal and regulatory requirements make it imperative to know the cause and reason for collection, storage, and usage of data, as well as the exact physical location of the data. Learn how Dataguise, a PKWARE company, helps organizations minimize risk and cost during the data migration process.

AWS recently launched a new feature as part of its Amazon Route 53 service, called Route 53 Resolver Query Logging. This new service enables organizations to retrieve logs of their Domain Name System (DNS) queries originating from resources within their VPCs. Learn how these logs can be analyzed as part of the Radware Cloud Native Protector Service (CNP), which provides a range of fully managed, enterprise-grade cloud security solutions to protect applications running in public clouds.

Implementing effective threat detection for applications in the cloud requires visibility into all aspects of your infrastructure and workloads. By taking advantage of AWS services, you’re freed to focus on the applications that drive your business. Security in the cloud is a shared responsibility between AWS and the customer, however, and Sysdig’s cloud security platform helps you follow security best practices and simplify the work of securing your AWS account and workloads.

As organizations continue to adopt AWS, their risk footprint increases from both an infrastructure and network perspective as it relates to compliance posturing, configuration risk, and network threats. Explore the integration between AWS and Secure Cloud Analytics, a SaaS-delivered Network Detection (NDR) offering from Cisco that monitors multi-cloud and hybrid environments for threats and policy violations and provides comprehensive visibility for any environment.

Virtusa recently received a requirement to make an application programming interface (API) accessible across another AWS account. The API was an internal-only API hosted in a private subnet, and could be accessed only from within the network. The requirement also stipulated Virtusa make only a few read-only (Get) methods accessible, and not all the methods from the API. Learn how Virtusa addressed the customer’s challenge by designing a solution that uses Amazon API Gateway with IAM authentication.

Automation and integration are critical to producing applications with fewer flaws at a speed that won’t slow developers down. However, this is only possible with a well-planned DevSecOps program and the right tools embedded into your software development lifecycle. Dig into the importance of the digital shift and how you can implement DevSecOps into existing workflows with the combined control of Veracode’s scanning tools and AWS integrations.