What’s in your cloud?

Thoughts on the Capital One breach by a former Capital One software engineer, team lead, cloud engineer, and security employee

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.

🔒 Related Stories: Data Breaches | Application Security | Cybersecurity

💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I’m going to start this blog post with:

Security is hard.

Anyone who scoffs at Capital One or other large companies trying to secure organizations with multiple lines of businesses and 10,000+ developers better be careful because you might be next. Still.

We can do better.

I liked working at Capital One. It definitely had some ups and downs, but overall, it was a positive experience. I worked there longer than anywhere else besides my own company (a former company). I hope to finish out my career in a new company I started offering cloud security services. A lot of very smart people at Capital One likely knew about this problem and told someone to…