Sign in Get started

Cloud Security

Cybersecurity in a Cloudy World

Update Ubuntu on EC2 to Get Updated Version of Git

Update Ubuntu on EC2 to Get Updated Version of Git

Your version of git may be outdated if using the default repositories on an AWS EC2 instance

Jun 2

Make a Second EBS Volume Available on Ubuntu on AWS EC2

Make a Second EBS Volume Available on Ubuntu on AWS EC2

Mounting a second drive so you can read from and write to it

Jun 1

Ubuntu on AWS

Stories on exploration of Ubuntu as an alternative to Windows ~ by Teri Radichel

May 31

Getting Around One of the AWS SSO (Identity Center) Weaknesses

Getting Around One of the AWS SSO (Identity Center) Weaknesses

ACM.225 Designing AWS Identity Center Permission Sets and Policies

May 30

Today

Pause for reflection

May 26

Create Functions to Deploy a SecureString SSM Parameter

Create Functions to Deploy a SecureString SSM Parameter

ACM.224 Creating a SecureString Parameter with the AWS CLI

May 22

Open Source Does Not Equal Free Source

Open Source Does Not Equal Free Source

Open source — What’s the point?

May 19

AWS Resources Organization and Naming Conventions

AWS Resources Organization and Naming Conventions

ACM.40 Organizing AWS resources to find resources, reduce errors, plan for growth, and handle security incidents more efficiently

Sep 3, 2022

SASE: Secure Access Service Edge

SASE: Secure Access Service Edge

Distributed security architectures in the cloud.

Oct 26, 2020

Parameters in Lambda Functions that lead to XSS and Injection

Parameters in Lambda Functions that lead to XSS and Injection

ACM.56 How I might abuse your Lambda function on a pentest if you don’t properly secure your inputs

Sep 20, 2022

Want to Talk to a Cybersecurity Expert?

Want to Talk to a Cybersecurity Expert?

Schedule a call with me or one of the other faculty members at IANS Research

Mar 20

Remove AWS Control Tower

Remove AWS Control Tower

ACM.219 Steps to Decommission AWS Control Tower

May 16

Copy Files Between S3 Buckets In Different AWS Accounts

Copy Files Between S3 Buckets In Different AWS Accounts

ACM.217 Simple method to transfer files (objects) between two AWS accounts

May 15

VPC Endpoint for CloudFormation

VPC Endpoint for CloudFormation

ACM.106 Adding an Interface VPC Endpoint to A VPC

Nov 9, 2022

Close an AWS Account in an Organization

Close an AWS Account in an Organization

ACM.168 Challenges and risks related to removing AWS accounts, OUs, and organizations

Feb 25

Amazon DocumentDB Network Access — Why the VPC?

Amazon DocumentDB Network Access — Why the VPC?

Billions of Reasons why networking is vital for cloud security courtesy of MongoDB

Sep 1, 2019

Keeping VMs on Private Networks on Azure, AWS, and GCP

Keeping VMs on Private Networks on Azure, AWS, and GCP

Nuances in multi-cloud networking and how it could contribute to cloud data breaches and security incidents

Dec 8, 2022

Cloud Security Architecture — Batch Jobs

Cloud Security Architecture — Batch Jobs

ACM.49 Cloud security and application architecture for running batch jobs

Sep 13, 2022

Should We Apply Statistics to Cybersecurity Risk Decisions?

Should We Apply Statistics to Cybersecurity Risk Decisions?

Considering different methods of risk analysis and decision-making

Jul 20, 2022

MFA on Delete For S3 Buckets

MFA on Delete For S3 Buckets

ACM.205 Requiring AWS principals to have MFA enabled to delete objects and versions

Apr 30

Exponential increases in cyber risk from Internet exposure

Exponential increases in cyber risk from Internet exposure

If you think about how breaches occur there is almost always some sort of Internet exposure involved. How many of your systems are exposed?

May 24, 2019

Mechanisms of Authenticating to a Linux VM (EC2 Instance) on AWS

Mechanisms of Authenticating to a Linux VM (EC2 Instance) on AWS

ACM.77 Considerations for how you access virtual machines in a cloud environment

Oct 11, 2022

Do You Know Your OAuth Flows?

Do You Know Your OAuth Flows?

Choose the correct flow for the application you’re building

Mar 23, 2021

Security for Startups

Security for Startups

Limited resources and new to security — where do I start?

Aug 10, 2020

Refactoring Existing Code to Use IAM Naming Conventions: Part 2

Refactoring Existing Code to Use IAM Naming Conventions: Part 2

ACM.43 Simplifying User and Group creation with reusable templates and functions

Sep 6, 2022

Incremental Service Control Policy Rollouts to Prevent Production Outages

Incremental Service Control Policy Rollouts to Prevent Production Outages

ACM.203 Testing and rolling out new Service Control Policies in a safe and controlled manner

Apr 28

Refactoring to reduce open source code risk

Refactoring to reduce open source code risk

One method to make safer use scripts and code you find on the Internet

Feb 2, 2022

AWS Nitro Enclaves and TPMs

AWS Nitro Enclaves and TPMs

ACM.80 Protecting data and encryption keys in memory and in use

Oct 14, 2022

AWS CLI for an SSO User

AWS CLI for an SSO User

ACM.127 AWS CLI commands with an AWS SSO (AWS Identity Center) session — threat modeling and attack surface

Jan 9

Pointers and References

Pointers and References

When your code points to security problems

Feb 13, 2022

Watching the Network Watchers

Watching the Network Watchers

Do you know what connections your router or firewall makes?

Mar 22, 2022

Ensuring Your CloudFormation Scripts Deploy Properly in Production

Ensuring Your CloudFormation Scripts Deploy Properly in Production

ACM.87 How one change can affect other working code, leading to unexpected disaster recovery and deployment failures

Oct 21, 2022

About Cloud SecurityLatest StoriesArchiveAbout MediumTermsPrivacyTeams