Blog Archives - Page 20 of 21

The “AWS Logs” Blog

AWS provides extensive logging and monitoring capabilities to help ensure the integrity and security of workloads. AWS services like CloudWatch, CloudTrail, VPCFlow and AWS Config provide deep insights into the operational aspects of the system. The logs create a data avalanche that most organizations tend to ignore. This can be a costly mistake that may cause service interruptions, missed opportunities for detecting security breaches or inefficient resource utilization. However, for logging to be effective, it is essential to sort through the logs and to spot any outliers automatically, saving your IT team time and better protecting your workloads. Tools such as Splunk or Elasticsearch provide the ability to process and analyze logs at scale and provide rich dashboards for detecting and acting on patterns. The process of viewing and analyzing logs got event easier with AWS’s recent launch of Elasticsearch as a service. Once the service is created and configured, it is

Intrusion Detection, Intrusion Prevention and Web Application Firewalls

As more and more businesses are hosted online and increasingly on cloud platforms such as AWS, it is critical to ensure robust cybersecurity defenses are in place. Typically, the security architecture for most web facing applications begins with boundary protection using a firewall. There are a number of security sub-systems such as Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS) and Web Application Firewalls (WAF) which are generally considered as basic requirements. This is especially true for online businesses offering services in the Healthcare, Financial, Government and Commercial payments market. As always there is a wide variety of choices and it is critical to understand the role of each one of the security systems to make an informed implementation decision. Let us begin by reviewing some of the basic definition on what these system do and the protections they provide. Intrusion Prevention System (IPS) – An IPS is an appliance

Security is critical for SaaS CEO’s and SaaS Investors

The Identity Theft Resource Center states that over 175 million records have been exposed in data breaches in 2015 through October. The incidents of breaches continue to increase and as more businesses are offering SaaS solutions to their customers, SaaS CEOs and Investors must take a careful look at their security practices to avoid business and financial risk. More and more businesses are offering SaaS solutions to their customers. However, many SaaS firms and their investors underestimate the importance of security as a critical component of their collective success. Many commercial SaaS operators have a “chink in their armor”. The lack of cybersecurity talent, low investment in security tools and generally weak management focus on security issues are contributory factors. This can be a costly mistake. Changing Regulatory Landscape around Cybersecurity US Regulators such as SEC and FTC amongst others are starting to aggressively enforce and in some cases expand

Blog

The “AWS Logs” Blog

Intrusion Detection, Intrusion Prevention and Web Application Firewalls

Security is critical for SaaS CEO’s and SaaS Investors

AISecOps – Plugging the Security and Operations Gap left by DevOps

Logging and Monitoring with Lucidworks Silk – Lucene-Solr, Kibana and Logstash

Building a Logging and Monitoring Solution – How Cloudant did it

Data Collection and Real-time Performance Analytics at LinkedIN

Creating a NIST/FedRAMP Compliant Architecture

eBook: Strategies for Meeting DFARS and NIST SP 800-171 requirements with FedRAMP Accredited AWS GovCloud

Implementing Secure DevOps (SecDevOps) on Public Cloud Platforms

Visualizing NoSQL Data in Tableau with MongoDB and AWS

Secure and Scalable Magento Hosting on AWS with EC2 and Aurora