Amazon Web Services (AWS) has made available three new S3 (Simple Storage Service) security and access control features: Object Ownership Bucket Owner Condition Copy API via Access Points Object Ownership Object Ownership is a permission that can be set when creating a new object within an S3 bucket, to enforce the transfer of new object…

How to implement least privilege in the cloud

According to a recent survey of 241 industry experts conducted by the Cloud Security Alliance (CSA), misconfiguration of cloud resources is a leading cause of data breaches. The primary reason for this risk? Managing identities and their privileges in the cloud is extremely challenging because the scale is so large. It extends beyond just human…

RSA CONFERENCE 2020 – San Francisco – A recently spotted targeted attack employed a rootkit to sneak malicious traffic through the victim organization’s AWS firewall and drop a remote access Trojan onto its cloud-based servers. Researchers at Sophos discovered the attack while inspecting infected Linux and Windows EC2-based cloud infrastructure servers running in Amazon Web…

Cloud-native has arrived and now, it’s taking over. By 2021, 92% of companies will go cloud-native. It’s faster, it’s more efficient, more scalable, and more flexible. But is it more secure? As businesses integrate cloud-native technologies, such as Kubernetes, across their clouds, the complexity and distributed nature of these platforms increasingly require companies to rethink…

In the latest major cloud security foul-up, Capital One suffered a data breach, which affected 100 million people in the United States, and 6 million in Canada. It wasn’t just Capital One caught with their security pants down. We now know hacker Paige A. Thompson stole terabytes of data from more than thirty other companies,…

AWS Security Hub aggregates security alerts and conducts continuous compliance checks

AWS Security Hub gives customers a central place to manage security and compliance across an AWS environment. It aggregates, organizes, and prioritizes security alerts – called findings – from AWS services such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, and from a large and growing list of AWS Partner Network (APN) solutions. Customers can…