Archive For: Cloud Security
I’m not going to try and write anything regarding the attack vector, Erick Johnson did that well here: https://ejj.io/blog/capital-one I’m not going to give an executive overview, Krebs did that well here: https://krebsonsecurity.com/2019/08/what-we-can-learn-from-the-capital-one-hack/ I really just want to bring up something I haven’t heard enough people talking about, detection. There has been lots of conversation ... Read More
A note to vendors: Infrastructure as a Service (IaaS) != secure/compliant applications, it can, but doesn’t by default. Why are people putting their servers and applications in IaaS providers like AWS and Azure? They can get a cheap, fast and secured data center to host their servers/applications. But that doesn’t mean they get the ... Read More