Securing the cloud: Addressing common configuration mistakes to protect sensitive data.
Cloud infrastructure is designed to enable easy setup and rapid usability, enabling access to enable powerful Internet facing services with a few clicks. While this is beneficial for agility, it is challenging for companies to ensure information is accessible to authorised parties only. If your organisation is using cloud-based infrastructure, you need to be aware […]
Log4J2 Vulnerability
A new exploit has been discovered in Log4j (version 2.0 or higher) that could have wide-scale implications and has already been detected in use in the wild, why is this important and so serious? Well, Log4j is an open-source Java logging library that is very widely used across applications and in multiple services as a […]
Threat Modelling in a DevSecOps world
Recently on a Mobilise webinar for Building DevSecOps into your Pipelines I got asked the question ‘Can you still do threat modelling? (When using DevSecOps principals)’. Which was an interesting question where I could only give the quick answer. The answer was yes, but via the medium of blogging we can expand that further. So […]
Cloud Security 2019: The review and 2020 trends
Last year I wrote a blog on what security measures you should take for the cloud in 2019. Now I’m here to review if I am a CloudSec soothsayer, or if I was wide of the mark. Let’s see how I did! The Security Measures 2019 Review Don’t Presume the CSP will take full care […]
Cloud Forensics: Navigating the Cloud in 2019 and Beyond
By Andrew Neale Last year I gave a talk at the First Forensic Forum about the cloud and how it can be used for nefarious means. What came as a surprise to me was how little the forensic practitioners there knew about the Cloud, Cloud service providers and all the new technology out there in […]
The Essential Guide to Cloud Security Measures in 2019
Written by Andrew Neale 2019 will be in no doubt another big year for the cloud, with the vail of the cloud being something big and scary finally lifting, more enterprises and customers will start to embrace the cloud. From putting new systems in the cloud, lifting and shifting their systems fully to the cloud […]