Category: cyber security

Best practices and advanced patterns for Lambda code signing
Amazon Web Services (AWS) recently released Code Signing for AWS Lambda. By using this feature, you can help enforce the integrity of your code artifa [...]

How to approach threat modeling
In this post, I’ll provide my tips on how to integrate threat modeling into your organization’s application development lifecycle. There are many grea [...]

Masking field values with Amazon Elasticsearch Service
Amazon Elasticsearch Service (Amazon ES) is a fully managed service that you can use to deploy, secure, and run Elasticsearch cost-effectively at scal [...]

Control VPC sharing in an AWS multi-account setup with service control policies
Amazon Web Services (AWS) customers who establish shared infrastructure services in a multi-account environment through AWS Organizations and AWS Reso [...]

Use AWS Secrets Manager to simplify the management of private certificates
AWS Certificate Manager (ACM) lets you easily provision, manage, and deploy public and private Secure Sockets Layer/Transport Layer Security (SSL/TLS) [...]

Re:Invent – New security sessions launching soon
Where did the last month go? Were you able to catch all of the sessions in the Security, Identity, and Compliance track you hoped to see at AWS re:Inv [...]

Deploy an automated ChatOps solution for remediating Amazon Macie findings
The amount of data being collected, stored, and processed by Amazon Web Services (AWS) customers is growing at an exponential rate. In order to keep p [...]

GKE Auditor – Detect Google Kubernetes Engine Misconfigurations
./auditor.sh [-a] [-ast] [-c] [-d] [-h] [-i <arg>] [-p <arg>] [-q] [-r <arg>] -a,--all &nb [...]

Signing executables with HSM-backed certificates using multiple Windows instances
Customers use code signing certificates to digitally sign software, documents, and other certificates. Signing is a cryptographic tool that lets users [...]

How to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service
Amazon Inspector helps to improve the security and compliance of your applications that are deployed on Amazon Web Services (AWS). It automatically as [...]