Secure application development for the cloud best practices

Why follow best practices? Understanding and following best practices as well as building in the cloud on Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform™, Kubernetes, containers, and applications will enable you to get the most out of your toolkit. This includes more security as you are building, more proficiency with the tools and services you are using, better structure, faster environment, a reliable system that will withstand outages, and a more cost-effective solution….

Cybersecurity Basics: Authentication and Authorization

What is identity and access management? Identity and access management (IAM) ensures the right people in the right job roles can access the tools, systems, and services absolutely necessary to do their jobs. It is part of the foundation to a strong zero trust approach that answers two fundamental questions you should be asking about every solution you build: who is that and what have we allowed them to do? The “Who” Determining who you…

How to Optimize Your Lambda Code

This code worked well in our tests and was approved in the code review process. It returns True when there are two files with the right prefixes, and it returns False when there aren’t. Simple enough. That wasn’t what happened in real life, however. It would still work in the scenario where the right files are there, but it would, only sometimes, return True when just one of the files was there. And this was…

5 Zero Trust Security Model DevOps Integrations

Five key pillars of zero trust A zero trust security approach can be broken down into five distinct pillars: device trust, user trust, transport/session trust, application trust, and data trust. To efficiently coordinate the security of each pillar, consider leveraging a cybersecurity platform that gives you visibility into your entire IT infrastructure, with access to security automation tools, customizable APIs, and a broad set of third-party integrations. 1. Device trust The number of devices…

Terraform Tutorial: Drift Detection Strategies

A common misconception among DevOps teams using infrastructure as code (IaC) tools is that the templates they use to run their deployments are infallible sources of truth. Instead, a fundamental challenge of architectures built using tools like Terraform is configuration drift. This occurs when the actual state of your infrastructure begins to accumulate changes and deviates from the configurations defined in your code. Configuration drift can occur for many reasons, regardless of how good your…

5 Frequent Cybersecurity Software Vulnerabilities & Indicators

Vulnerabilities in software and infrastructure are a fact of life for developers and SREs, but that doesn’t mean you must accept them. Given the exponential growth of vulnerabilities, DevOps teams must be aware of and learn how to mitigate these risks to ensure healthy systems and applications. This article will focus on five common vulnerabilities in no particular order of severity. We’ll examine some in-depth information on each vulnerability’s root cause and how it can…

How to Build a Serverless API with Lambda and Node.js

Serverless technologies enable developers to concentrate on what the application does without the hassle of managing where it runs and how it scales. The cloud provider manages the infrastructure: simply upload the applications, and the provider handles the rest. This article highlights the benefits of going serverless by walking through creating a serverless REST API using AWS Lambda and Node.js. Setting Up the Local Environment This tutorial requires the following dependencies: Now that the environment is…

10 best practices for S3 bucket security configuration

Rule GD-001: GuardDuty enabled Conformity has rule GD-001 for enabling GuardDuty. This rule checks that GuardDuty is enabled in all regions for the security of your AWS environment and infrastructure. Because this rule is a medium-level threat, Conformity encourages compliance. The result of non-compliance is the potential occurrence and proliferation of malicious activity on your AWS account and infrastructure without your knowledge, such as Recon:EC2/PortProbeUnprotectedPort, UnauthorizedAccess:EC2/SSHBruteForce, or UnauthorizedAccess:IAMUser/MaliciousIPCaller. To remediate, simply visit GuardDuty to enable…

Cloud Native Security Platform Must-have Components

5 key components to review To ensure secure apps are developed and deployed, McCluney and Griffin recommend implementing review processes for the following: Cloud posture and compliance Vulnerability visibility and management Container security Template scanning Securing your code Before delving into each of these components, let’s review why each one is key, and understand how the state of the industry has shaped these key security components. 4 cloud native development trends McCluney and Griffin point…

7 Container Security Best Practices For Better Apps

Write clean code In 2020, Digital Shadow scanned more than 150 million entities from GitHub, GitLab, and Pastebin and found 800,000 access keys and secrets. 40% of these were for database stores—38% for CSPs such as Google, Microsoft Azure, and AWS. Yikes. It goes without saying (but I’m saying it anyways) you cannot afford to have your secrets exposed. To keep your secrets secret, avoid writing secrets into the code or in a config file…
