One of the common misconceptions about cloud computing is this:
“My data is not secure in the cloud.”
The above quote is not accurate without getting into the fundamentals of cloud security first. In fact, the cloud works on a Shared Responsibility Model, which means that Security of the Cloud is the responsibility of cloud service providers such as AWS, Azure, and GCP. Meanwhile, Security in the Cloud is the responsibility of the customer. To learn more about the Shared Responsibility Model, check out the following link.
Securing your cloud environment is critical for any business; oftentimes…
In today’s world, an online presence is not only required but a necessity for any modern business. But going online also comes with many challenges: any loophole in application security can lead to various cyber-attacks and thus ruin the reputation of an organization.
OWASP (the Open Web Application Security Project) is an open-source community dedicated to providing organizations around the world with free, practical resources to support application security.
One of the main projects of OWASP is to monitor top security risks that exist in today’s world.
In this post, I will summarize them as a quick overview. In…
In today’s competitive world, the protection of data and digital assets is a top priority for any security architect and enterprise. Digital assets could be in the form of PII (Personally Identifiable Information), client lists, network information, trade secrets, or more.
Securing these assets using a complex password is not enough. We all know people are used to setting the same password on multiple platforms, so compromising one password could be a potential call for trouble. Oddly enough, I recently saw an article on CNN citing the problem.
MFA, or multi-factor authentication, can solve this problem to some extent. MFA allows you…
Often there is a case when you have to provide read-only access to a user on your AWS account for security, training, or auditing purposes.
In this post, I will show you how we can provide read-only access to the AWS console to any user.
This step is optional, but I would suggest it as a best practice. Groups allow you to easily manage users and policies.
In this example, I am creating a group called auditors.
In my previous post, Exploring AWS Secret Manager, we learned about some key benefits of using AWS Secrets Manager. In this post, we will explore how to use it with a practical example.
You can use Secrets Manager to store, rotate, monitor, and control access to secrets such as database credentials, API keys, and OAuth tokens.
I have discussed the benefits and workflow of Secrets Manager in my other post; check it out.
In this fast-changing world of Cloud, Containers, APIs and Microservices, keeping and managing IT resources is one challenge and securing them is another.
Credentials management is one of the most overlooked concepts when it comes to securing your applications. I have seen organizations keep all passwords in a single spreadsheet or Confluence page or, on many occasions, on a sticky note under the manager’s keyboard 😄
AWS Secrets Manager allows you to easily store, rotate, and manage credentials throughout the lifecycle of your applications. …
Object storage is a very popular service in the cloud. The first thing organizations normally move to the cloud is object storage: files such as documents, images, audio, video, and other content data.
With many different services that exist in the cloud, security is a top priority of any organization. Therefore, protecting data against accidental deletion should also be included in the top list of operations. In AWS S3 you can optionally add another layer of security by configuring buckets to enable MFA Delete, which can help to prevent accidental deletion of buckets and their content.
I will be posting a series of some cool articles related to AWS security. Some of them require the use of Multi-Factor Authentication (MFA), so here is a basic one on how to enable MFA on AWS.
Many of you are probably already familiar with using MFA login in a web browser. In this post, I will also share how to use MFA login on the AWS CLI.
The first step is to create an IAM user, if you don’t have one, using the AWS Console. Make sure you allow console access or programmatic access (if required).
In this example, I am creating a user…
AWS offers 3 types of load balancers as part of the Elastic Load Balancer (ELB) service: the Classic Load Balancer, the TCP load balancer, and the latest, the Application Load Balancer (ALB).
ALB offers some unique features over Classic ELB, and one of these features is Path-based Routing. What is Path-based Routing? In simple terms, the ALB can forward incoming requests to different destinations based on the path, as shown in the slide.
Modules are used in Terraform to modularize and encapsulate groups of resources in your infrastructure. Using Modules, you can write generic code and reuse it as you need. If you are from a database background, it is similar to using stored procedures.
Terraform provides various ways to use Modules: you can write a module and use it from many sources, similar to using files from shared drives or services like Dropbox and Google Drive.
The module installer supports installation from a number of different source types, as listed below.