How To Secure an AWS IAM Role by IP Address
Amazon Web Services (AWS) Identity and Access Management (IAM) is one of the things that is often, let's say, overly complicated, but it is paramount to get it right. Incorrectly applied or overly permissive IAM policies and roles are often
How to Secure an Azure Service Principal with Conditional Access
Identity and Access Management (IAM) is absolutely fundamental to a Cloud operation, however, sometimes you had to make allowances for certain scenarios. For example, in order to gain access to a Microsoft Azure environment the most common way for Software
How to Integrate with Microsoft Sentinel SIEM
Cloud teams tell us they want to be able to see security issues in their environment in a central location. Going from one proprietary dashboard to another with several context switches, different query languages and only limited views of the
Cloud Security Report 2021
We are coming to the end of 2021, and it is a good time to look at the state of cloud security. Several events this year have again highlighted the importance for an increased focus on one’s cloud security posture.An
How to Detect Potentially Dangerous Dangling DNS on AWS
Dangling DNS records are a real security issue and without going into too much detail as to why this is, here is a quick overview of what "dangling DNS" means in the context of AWS. If you do want to know
How to Monitor for Secrets in AWS Lambda
AWS Lambda Functions have been, are and will be a major part of most AWS implementations. They are super handy, quick to develop, can be really cheap and generally just does what it needs to do. In general it is considered
How To Monitor For Risky Public Azure Virtual Machines
Public Azure Virtual Machines are one of the most exploited resources in the Azure cloud. As we mentioned in our recent white paper (here) it only takes a few seconds on average for someone to test your Virtual Machine for
How to find those stupid & annoying public AWS S3 Buckets
One of probably the most commonly referred to services in breaches / data leaks is Amazon AWS's storage service S3. Why? Because it is easy to misconfigure it. We even mentioned it as one of the most common misconfigurations in
Azure CosmosDB Vulnerability – What do I need to do?
Just recently Wiz released an announcement into a very critical vulnerability in one of Microsoft Azure's flagship services, Azure Cosmos DB. Because these things all need great names, Wiz called this one #ChaosDB. Is my Cosmos DB Database Secure? Microsoft states "no customer data was accessed because of
Cloud Security – a Shared Responsibility
Why is Cloud Security such a big challenge? Many organisations seem to struggle with insecure cloud environments even though their Cloud Providers (Microsoft Azure, Amazon AWS, Google GCP) provide them with all the tools they need to create secure platforms.