Keith Gregory: Mitigating Log4Shell with AWS
Deploying your applications in the Cloud, and using the services it provides, is one good way to mitigate the possibility of future attacks.
Two months ago I didn’t give much thought to controlling a program’s access to the Internet. Then Log4Shell happened. This post looks at three ways that you can control what an in-VPC application is allowed to talk to.
It’s been a week since CVE-2021-44228, a remote code execution vulnerability in Log4J 2.x, hit the world. Hopefully by now everybody reading this has updated their Java deployments with the latest Log4J libraries. But no doubt there’s another vulnerability, in some popular framework or library, just waiting to make its presence known. This post is about Cloud features that act to minimize the blast radius of such vulnerabilities.
CloudTrail provides you with an audit log of every successful API call made in your AWS account. This post focuses on management events in CloudTrail, and techniques for exploring and analyzing those events using a search engine such as Elasticsearch with Kibana.
This presentation will take you through the biggest areas where you need to focus your efforts in order to keep your data safe in AWS, and will show some real-life examples of what could go wrong if you make compromises or allow bad practices.
A Chariot team led by Eric Snyder migrates a local media giant’s data to the Amazon Web Services cloud.
How do organizations provide security between the realm of greater oversight and control in private cloud and the unknowns in the public cloud? Do the patterns for securing a service in a hybrid cloud deployment look different than those used in traditional private cloud? This presentation will cover some of the challenges and patterns to make hybrid cloud secure and redundant.