Discussing technologies and controls deployed to protect data, applications, and the associated infrastructure.
Cyber Essentials: A SecOps journey to compliance
In April 2018, Cloudreach became Cyber Essentials certified. The scheme is comprised of a minimum set of technical controls across areas of network configuration, device hardening, patch and device management, and tooling. The UK government-administered certification is intended to help organisations protect against “Common online threats.” Cyber Essentials Project Goals: Despite being ISO 27001 […]
Cloudreach Secrets: Implementing App Modernisation
In the previous post, we gave some background on Cloudreach Secrets – an application designed a few years ago by a Cloudreach employee for limited uses, but with a lot of potential. In this post, we take on the challenge of modernising Cloudreach Secrets and outline our plan and process. The moment I mentioned an […]
Cloudreach Secrets: Planning App Modernisation
Application Background: Sharing secrets with non-technical users is challenging. Asking a non-technical user to generate a key pair, send the public key, and encrypt the secret so they can decrypt the response with their private key can be a bit too much to ask for. Many don’t know where to begin, whether they are allowed […]
When AI….goes bad
Couldn’t resist the trash TV title, sorry…. (hoping to sell the rights to Channel 5 in the UK). I spotted a report last week on the topic of ‘Malicious AI’ and thought it worth sharing a summary for those too time poor to read it in full – it’s 101 pages, albeit a pretty easy […]
How to continuously assess the security of your AMIs
Jawad Seddar, Cloud Systems Developer at Cloudreach, gives insight on a continuous AMI assessment process using Amazon Inspector, Lambda and CloudWatch. Vulnerability assessments: When deploying resources in the cloud or in your datacenters, it’s always recommended to make sure they are not affected by known vulnerabilities as these can easily be leveraged to […]
Blockchain Technology – Disrupt everything
I hate the word “disrupt.” It drives the implication that an entire industry is capable of being interrupted or completely tossed on its head. Instead I substitute that word — I prefer to think of it as an evolution. Netflix didn’t disrupt watching movies and TV, they evolved that experience […]
AWS KMS Envelope Encryption
Today the Cloudreach blog covers a topic that is hot, hot, hot given the continuing security breaches, challenges and discussions around the globe. Specifically, we’re going to talk about encryption in AWS and how to make AWS Key Management Service (KMS) secure for your needs. The functionality that KMS provides is great, and with a […]
What the AWS Outage Teaches Us About the Shared Responsibility Model
It was essentially a fat finger on the command line. Everyone in IT has done it at one point in their career.
Is IoT Safe for your Business?
Back in January I wrote a post on IoT and the year ahead. I suspect the past few weeks’ activities have given IoT somewhat more press than my humble ramblings. Pretty much no one escaped the news that there have been some interesting new variants on the good old fashioned Distributed Denial of Service (DDoS), […]