In the cloud, your security is only as good as your ability to control the level of access your human and non-human identities have to your infrastructure. Since the actions these identities can take are dictated by the types of permissions you grant them, protecting against excessive permissions and quickly responding when those permissions are […]
Every conversation about cloud security with customers and partners leaves me with the same thought: What’s old is new again. This is especially true when it comes to some identity management basics. Consider the tried-and-true AAA framework: Authentication, Authorization and Auditing. In this article published in Dark Reading, I discuss how this framework would work […]
Is your cluttered infrastructure inviting unnecessary risk exposure? There are few things as liberating as a thorough spring cleaning. We notice accumulation of unnecessary “stuff” — clothes we no longer wear, household items we no longer use, furniture we don’t need, and much more. Most of us do nothing about it; in fact, we keep […]
Verizon’s seminal annual analysis of cybersecurity breaches revealed that misconfigurations saw the highest growth year-over-year (4.9%) among all threat actions it analyzed. But as we’ve seen from some of the most high-profile cloud data breaches in the past year, misconfigurations are just the tip of the iceberg. The real damage from most misconfigurations can be […]
If you think you’ve got your bases covered better than Capital One, then you’re clearly not paying attention. Capital One has one of the best cloud security teams in the industry and has already contributed greatly to the security community by releasing open source tools like Cloud Custodian which can drastically help automate security, governance and […]
When I think of service, I think of raising a flag on my beachside palapa to signal I’m ready for another margarita and having it delivered moments later.
A lot has been written about the Capital One breach that was disclosed on July 19.
Remember when computers were simple — like really simple? I don’t, but my dad used to tell me stories of how in them days
The principle of least privilege is one of the most fundamental and important concepts in security.
Subscribe to the CloudKnox Blog
Sign up to receive notification of new blog posts and insights