Tag Archives: cloud security

The Fundamental Security Concepts in AWS – Part 3 of 3

Note: A modified version of this article was first published in DZone. Welcome back! If you missed Part 2, check it out here. Securing Data at Rest Data at rest includes inactive data that is stored physically in any digital form (e.g. databases, data warehouses, spreadsheets, archives, tapes, off-site backups, mobile devices, etc.). Multiple AWS services provide …

The Fundamental Security Concepts in AWS – Part 2 of 3

Introduction NOTE: A modified version of this article was first published on DZone. Two weeks ago, I presented the first of a three-part examination of security concepts and controls in AWS. We looked at the key security principle of AWS: AWS is responsible for the security of the cloud; you are responsible for security in the cloud. See Figure 1. Figure 1 …

DevSecOps Tools and Processes

Goal: Have an automated, auditable secure CI/CD environment where security controls are transparent to developers and users. To this end, I propose the following: Ensure development, QA, and production servers are configured identically but with different passwords. Ensure that secret information (API keys, passwords, AWS credentials, private  data, PII, etc.) is adequately protected at-rest and …