Banner Image

Resources

Ready access to our blogs, whitepapers, videos, case studies and thought leadership on cloud security, compliance and cloud modernization.

Overview

Check out our latest blogs and case studies, view our videos, and download whitepapers to learn more about cloud security, compliance, and cloud modernization for regulated industries.

White Papers

Continuous Cloud Threat Monitoring and Compliance Solutions Brief

stackArmor ThreatAlert® provides a holistic security event monitoring and management service that is based on US Federal Government security standards embodied in the NIST Special Publication 800-53 that is the underlying basis for the NIST Cybersecurity Framework, HIPAA, MARS 2.0 E, and other similar compliance frameworks.

Download

Creating a NIST/FedRAMP Compliant Architecture

In today’s heightened security atmosphere and the prevalence of cyberattacks, customers should base their cloud architectures on well-known security standards like NIST, FedRAMP, HIPAA or PCI-DSS. Security by Design helps ensure that security and compliance requirements are baked into the solution architecture for cloud hosting and operations.

Download

eBook: Strategies for Meeting DFARS and NIST SP 800-171 requirements with FedRAMP Accredited AWS GovCloud

DOD prime contractors and sub-contractors must demonstrate compliance with NIST SP 800-171 based on DFARS Clause 252.204-7012 starting Jan 01, 2018. DFARS requires that contractors implement NIST SP 800-171 to protect systems and networks that process, store, or transmit “covered defense information”. Small businesses, manufacturers, construction and engineering services providers must consider implementing compliant solutions that include documentation including a System Security Plan (SSP), Plan of Actions & Milestones (POA&M) and a IT Contingency Plan (ITCP). Leveraging FedRAMP and DOD accredited cloud platforms like the AWS GovCloud can help greatly accelerate the compliance process and reduce costs. Our FREE eBook provides hands-on strategies for compliance with DFARS 252.204-7012.

Download

Implementing Secure DevOps (SecDevOps) on Public Cloud Platforms

Businesses are looking to accelerate the delivery of production quality software with fewer defects, and better security. Continuous Integration/Continuous Deployment (CI/CD) also known as DevOps is a rapidly maturing practice for reducing the time and effort it takes to test and deploy code into production. The rapid automation of the integration and deployment activities is common especially on cloud-based platforms. Adding security testing into the DevOps pipeline can help address the needs of regulated, compliance and public sector focused organizations. This white paper describes the use of open source technologies and commercial packages to design and deploy a Secure DevOps pipeline. Tools such as Yasca, SonarQube, and OpenSCAP amongst others when integrated with vulnerability scanners such as Tenable Nessus, HP Fortify and others provide a robust SecDevOps implementation.

Download

PCI-DSS Compliant Hosting on Amazon Web Services (AWS)

ECommerce and Online businesses dealing with sensitive customer data or credit card information can easily and cost-effectively host their application and data in Amazon Web Services (AWS). Amazon Web Services (AWS) offers a powerful hosting platform with built-in security and database hosting options including AWS Aurora which is a MySQL compatible database. Learn how you can host your PCI DSS compliant application quickly and cost-effectively.

Download

Visualizing NoSQL Data in Tableau with MongoDB and AWS

Present day IT systems are generating data, in the unstructured format at a very rapid phase, due to the popularity of web applications, mobile devices, IoT and Social media. It has been observed that nearly 80% of this unstructured data is being stored in the JSON format. Considering the complexity of analyzing documents, Tableau and MongoDB have partnered to make it easy for companies to visually analyze rich JSON like data structures directly in MongoDB.

Download

Secure and Scalable Magento Hosting on AWS with EC2 and Aurora

Magento is a powerful and widely deployed ECommerce engine and requires a secure and scalable hosting platform to ensure an awesome user experience. Amazon Web Services (AWS) offers a powerful hosting platform with built-in security and database hosting options including AWS Aurora which is a MySQL compatible database. Learn how you can host your Magento 2.0 ECommerce store on AWS using security best practices.

Download

Hosting Sitecore WCMS on Amazon Web Services (AWS)

Sitecore is the global leader in experience management software that enables context marketing. The Sitecore® Experience Platform™ manages content, delivers contextual intelligence, and automates communications, at scale. Amazon Web Services (AWS) offers a flexible and cost-efficient hosting platform for Sitecore that scales up and down to meet the growing needs of firms doing business online.

Download

Cloud Security Best Practices and Common Errors

The business and technology landscape is changing and requires creating a holistic security architecture that covers Environment/Enclave Protection, Application Protection, Data Security, Vulnerability Management, Compliance and Continuous Management and Reporting. Read about how you can develop a security architecture and compliance framework for your organization that covers the full-stack.

Download

Secure and Scalable Magento Hosting with AWS EC2 and Aurora

Magento is an open source cloud based digital commerce platform that empowers merchants to integrate digital and physical shopping experiences. Magento enterprise edition provides an engaging shopping experience to the users by providing personalized content, fast checkout and a seamless shopper experience. However, in order to ensure the integrity of the user experience and sensitive customer data, it is important to follow security and deployment best practices. stackArmor’s cybersecurity and cloud deployment experts have developed a proven and full-stack methodology to help protect and secure applications and data.

Download
View More

    Download