The AWS Management Console, along with the AWS CLI can produce powerful results for auditors across multiple regulatory, standards, and industry authorities. I am going to cover some of the key sources that produce important and meaningful log information that you can use within your audit and compliance program.

You should consider auditing your security configuration in the following situations:


Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS.

It assesses applications for vulnerabilities or deviations from best practices developed by AWS. After performing an assessment, Amazon Inspector produces a detailed list of security findings prioritized by level of severity that can and should be reviewed by qualified information security professionals.

Using Amazon Inspector with AWS Lambda allows you to automate certain security tasks helping take your evolution of security assessments to the next level. …


The “how” of security has dramatically changed with cloud computing, but the underlying strategies still remain very similar. There are many new opportunities to adopt the power and benefits of the cloud within our security strategies and programs and it has never been a better time to be a cybersecurity professional.

The underlying concepts are the same for all public cloud computing platforms, but the “how” of security varies based on each provider. Since AWS is still the dominant cloud service provider, I decided to share this example based on AWS today.

In the example in this article, we have…


In this article, I share the type of security functions that should exist with a Secure Software Development Life Cycle (SSDLC) process in any organization that is developing and deploying applications in the cloud.

If you are an application developer or security professional, use this article as a checklist to make sure the correct security functions are part of each phase of your SDLC process.

While there are a variety of different SSDLC Frameworks, the phases can be generalized as follows:

Training -> Define -> Design -> Develop -> Test

I recently wrote an article about SSDLC Frameworks and why they matter that you may want to review.

SECURITY FUNCTIONS IN SDLC FRAMEWORKS

TRAINING PHASE

The…


Security is one of the most important aspects of any application, and in the age of cloud computing, it is arguably the most important because an unplanned cybersecurity incident can be damaging and potentially devastating.

There are a few different Secure Software Development Life Cycle (SSDLC) Frameworks that you could adopt and use to help improve the security posture of your application development and deployment processes as well as the overall security posture of the organization.

I have ran into Microsoft’s SSDLC Framework the most, so I will cover it in this article along with some insights and resources that…


The public cloud computing model and services has completely changed how we secure our systems and applications. There are several benefits as well as some new challenges.

I will be covering 7 benefits that can be realized by most organizations as well as 4 new security challenges that if not addressed will lead to undesirable outcomes and unnecessary cyber incidents.

First, I will list the 7 positive benefits that are generally associated with cloud computing with large cloud service providers like AWS, Microsoft Azure, and Google:


I recently wrote an article describing four main threats for SD-WAN that can be used as a checklist for cybersecurity professionals and enterprise stakeholders when reviewing and implementing SD-WAN.

In this article today, I am going to dive deeper into some important Orchestration Plane and Management Plane Threats for SD-WAN and some key points for consideration. This is important because administration tasks happen over the Internet.


Software Defined Wide Area Networking (SD-WAN) is quickly becoming an enterprise staple to help control costs, reduce application latency, and reduce network downtime.

However, with all of those benefits come with new cybersecurity threats and risks that should be considered and evaluated prior to deployment.

SD-WAN has no inherent defenses and security controls against advanced threats. Depending on the vendor you select, this can vary significantly. Enter into your new SD-WAN solution with your eyes wide open and don’t assume any inherent security controls and benefits.

Based on the sales pitches of SD-WAN service providers, it is easy for non-technical…


For many scenarios in the cloud today, multi-factor authentication (MFA) simply isn’t enough. I recently wrote an article reviewing why MFA isn’t enough any longer in public cloud environments.

In Azure, you can use conditional access policies in conjunction with MFA to help add an additional layer of protection to privileged accounts at a minimum. Refer to the diagram below for a conceptional overview.


For high-risk accounts like developers and cloud administrators, MFA is no longer good enough.

It is easy and painless to take the extra step to add conditional policies to these accounts in all of the major public cloud providers (Azure, AWS, Google).

In this article, I will describe conditional policies for Microsoft Azure.

Multi-Factor Authentication

Multi-factor authentication provides additional security for your identities by requiring two or more elements for full authentication. These elements fall into three categories:

Tim Layton

Cloud Security & Risk Management Professional

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store