Security

Blog Posts

Discussing technologies and controls deployed to protect data, applications, and the associated infrastructure.

Cyber Essentials: A SecOps journey to compliance

Scott McLeod 11th June 2018
In April 2018, Cloudreach became Cyber Essentials certified. The scheme is comprised of a minimum set of technical controls across areas of network configuration, device hardening, patch and device management, and tooling. The UK government-administered certification is intended to help organisations protect against, “Common online threats.”   Cyber Essentials Project Goals Despite being ISO 27001 […]

How to continuously assess the security of your AMIs

Jawad Seddar 23rd February 2018
Jawad Seddar, Cloud Systems Developer at Cloudreach, gives insight on a continuous AMI assessment process using Amazon Inspector, Lambda and CloudWatch.   Vulnerability assessments   When deploying resources in the cloud or in your datacenters, it’s always recommended to make sure they are not affected by known vulnerabilities as these can easily be leveraged to […]