What’s in your cloud?
Thoughts on the Capital One breach by a former Capital One software engineer, team lead, cloud engineer, and security employee
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Check out my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: Data Breaches | Application Security | Cybersecurity
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
I’m going to start this blog post with:
Security is hard.
Anyone who scoffs at Capital One or other large companies trying to secure organizations with multiple lines of businesses and 10,000+ developers better be careful because you might be next. Still.
We can do better.
I liked working at Capital One. It definitely had some ups and downs, but overall, it was a positive experience. I worked there longer than anywhere else besides my own company (a former company). I hope to finish out my career in a new company I started offering cloud security services. A lot of very smart people at Capital One likely knew about this problem and told someone to…