Common AWS Security Event Root Causes – Notes – Part #3

With this post, we'll conclude this series covering the most common AWS Security Event Root Causes. To recap, the six most common AWS security incident root causes are: Unintended disclosure of security credentials and secretsCustomer does not ensure the complete accuracy of their AWS account informationInsecure AWS resource configurationInactive response to GuardDuty and other detective controls and … Continue reading Common AWS Security Event Root Causes – Notes – Part #3

virtualBonzo “Lab Spotlight” – AppStream SaaS Portal

As part of a potential new "segment" to the site, we thought it may be fun to share with you those labs and/or workshops that we have found to be interesting. Thus the "Lab Spotlight" is born! If you look through the history of the site, you'll find several posts regarding Amazon AppStream, AWS's fully … Continue reading virtualBonzo “Lab Spotlight” – AppStream SaaS Portal

Common AWS Security Event Root Causes – Notes – Part #2

Hello everyone! In many ways, it feels like "forever" since I last wrote anything. So much has happened since the last post but between surgeries, back problems, customer projects, and some PTO, I felt an urge to sit down and see if I could put a few sentences together and jump back into this multipart … Continue reading Common AWS Security Event Root Causes – Notes – Part #2

Common AWS Security Event Root Causes – Notes – Part #1

Last week I attended an interesting webinar with an engineer from the AWS Customer Incident Response team talk about the most common AWS Security Incident Root Causes. What was fascinating, to me anyway, is that the destructive power of these root causes can be minimized by following standard security best practices. Without further ado, are … Continue reading Common AWS Security Event Root Causes – Notes – Part #1

Building an AWS Organization? Be sure to integrate….AWS IAM Access Analyzer

Overview If you’re building an AWS Organization, or getting ready to deploy a new organization using AWS Control Tower, be advised that there are very helpful AWS services that can be integrated into your organization. In this “Be sure to integrate…” series, we’ll look at 3 baseline services that should be enabled and integrated into … Continue reading Building an AWS Organization? Be sure to integrate….AWS IAM Access Analyzer

Building an AWS Organization? Be sure to integrate….AWS GuardDuty

Overview If you’re building an AWS Organization, or getting ready to deploy a new organization using AWS Control Tower, be advised that there are very helpful AWS services that can be integrated into your organization. In this “Be sure to integrate…” series, we’ll look at 3 baseline services that should be enabled and integrated into … Continue reading Building an AWS Organization? Be sure to integrate….AWS GuardDuty

Trouble restoring AWS Outposts-based RDS Instances with Rubrik?

Overview Recently I was working with Rubrik to perform some tests related to the backup and restore of AWS resources housed on an AWS Outpost. Everything was working great until we attempted to restore an RDS database onto the Outpost. The solution was pretty straightforward and easy but I had the benefit of working directly … Continue reading Trouble restoring AWS Outposts-based RDS Instances with Rubrik?

Building an AWS Organization? Be sure to integrate….AWS Security Hub

Overview If you're building an AWS Organization, or getting ready to deploy a new organization using AWS Control Tower, be advised that there are very helpful AWS services that can be integrated into your organization. In this "Be sure to integrate..." series, we'll look at 3 baseline services that should be enabled and integrated into … Continue reading Building an AWS Organization? Be sure to integrate….AWS Security Hub