AWS Shared Responsibility Model: Cloud Security

AWS security best practices begin with the AWS Shared Responsibility Model that dictates which security controls are AWS’s responsibility and which are yours. Updated: September 2017 – Inclusion of additional models. Over my next several posts, I’ll be discussing AWS security best practices from different perspectives and covering different AWS services. The overall goal is to..

How to set up a web application hacking lab

To learn something well requires practice, and ethical hacking is no exception. Unlike, say, practicing the trumpet, practicing hacking has potential legal implications. This means that if you want to practice hacking, you need an environment. In this article, I’ll show you how to set up a basic web application hacking lab, and I’ll give..

AWS Security Fundamentals eBook

As more and more organizations migrate to the cloud, security remains a top-of-mind concern. Just as in traditional IT infrastructures, data breaches from hackers can have a range of implications in the cloud, from financial losses to damage to the brand’s reputation and a loss of market share. As one of the most..

Creating an AWS IAM policy: AWS Security

However you choose to do it, your AWS IAM policy must be a good fit for your application’s actual access needs. We’ll discuss three ways to get it done. Welcome to part six of our AWS Security Series. Last week I introduced Identity & Access Manager (IAM) and how you can control access to resources..

SELinux: improve the security of your EC2 servers

SELinux provides tools to more finely control the activities allowed to users, processes, and daemons to limit the potential damage from vulnerabilities. In the third and final part of our server security series, we will look at how we can enhance the security of Linux-based AWS EC2 instances with SELinux. We will learn how to..

AWS WAF (Web Application Firewall) and application security

Amazon’s new AWS WAF web application firewall service is built specifically to protect cloud apps from a whole range of Internet threats. Learn how it works. We all know that web applications are vulnerable to attacks, and that deploying your application from the cloud can theoretically expose it to even greater risk. To help secure..

Firewalld: improving security for your AWS EC2 server

While AWS EC2 instances should be well protected by VPC security tools, you may still need to implement protection at the OS level, and that means firewalld. This is the second part of our server security series. In this article, we will look at configuring firewall rules via firewalld on Red Hat Enterprise Linux. While Amazon..