Category: Technical How-to

Software Asset Governance or Software Asset Management is a key component of an organization’s cyber security strategy. Different aspects of Software Asset Governance find notable mentions in renowned security frameworks and standards such as SANS CIS Critical Security Controls, NIST Special Publication 800-53, and Cloud Security Alliance’s Cloud Control Matrix. The subject goes beyond cyber-security […]

Conversational interfaces like chatbots have become an important channel for brands to communicate with their customers, partners, and employees. They help with faster service, 24/7 availability, and reduced service costs. By monitoring conversations between your customers and the bot, you can gain insights into user interactions, trends, and missed utterances. The additional insights will help […]

In this blog post, I show you how to expand AWS Control Tower centralized logging strategy to cover Amazon VPC Flow Logs. Using this solution, you can manage VPC Flow Logs across multiple accounts with self-service automation and periodic consistency check.

This post demonstrates how to automate alert notifications for specific AWS Lambda function errors using an Amazon CloudWatch log subscription. CloudWatch Logs let you invoke a Lambda function when a log entry matches a pattern. Amazon CloudWatch alarms are used to notify when an error occurs with a Lambda function; this notification does not give […]

Learn with Shree on how to use AWS License Manager’s built-in integration with AWS CloudTrail to prepare for software license audit.

In this blog post you learn how to visualize AWS CloudTrail events, near real time, using Kibana. This solution is useful if you use an ELK (Elasticsearch, Logstash, Kibana) stack to aggregate logs from all your systems and applications, analyze these logs, and create visualizations for application and infrastructure monitoring. This solution is also useful […]

Application workloads being built for the cloud are getting easier to deploy with tools like Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS and AWS Fargate), infrastructure as code (IaC), and full-scale DevSecOps pipelines. But there’s more to migrating workloads than ease of development and deployment: application workloads still need […]

Many AWS customers I speak with want to manage their AWS services using infrastructure as code (IaC) and DevOps practices for managing, versioning, and deploying products and portfolios. A best practice is deploying infrastructure templates from a continuous delivery (CD) pipeline with validation. In so doing, you can provide the AWS services your users need […]

Continuous delivery pipelines, combined with infrastructure as code tools like AWS CloudFormation, allow our customers to manage applications in a safe and predictable way. CloudFormation helps customers model and provision their AWS and third-party application resources, with features such as rollback to provide automation and safety. Together with tools such as AWS CodeBuild, AWS CodePipeline, […]

Port forwarding is a useful way to redirect network traffic from one IP address and port number combination to another. With port forwarding, you can access an EC2 instance located in a private subnet from your workstation. In this post, we walk through a use case where customers have a strict security requirement for their […]