Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Cloud

Effective AWS Incident Response: Examples and Recommendations

The use of Amazon Web Services (AWS) in organizations around the world is prolific. The platform accounted for 31% of total cloud infrastructure services spend in Q2 2022, growing by 33% annually. Despite its widespread use, many organizations still fail to consider the nuances of incident response in AWS.

Cloud forensics - An introduction to investigating security incidents in AWS, Azure and GCP

The cloud has revolutionized the way we do business. It has made it possible for us to store and access data from anywhere in the world, and it has also made it possible for us to scale our businesses up or down as needed. However, the cloud also brings with it new challenges. One of the biggest challenges is just keeping track of all of the data that is stored in the cloud. This can make it difficult to identify and respond to security incidents.

Detectify's journey to an AWS multi-account strategy

In the past year, we’ve shifted our infrastructure from a single Amazon Web Services (AWS) account owned by our Platform team to multiple domain-specific accounts. For each product domain and environment, we have created AWS accounts, which has allowed us to improve stability and security by reducing the blast radius. This setup also provides excellent scalability with good cost observability across the organization.

Cloudflare One named in Gartner Magic Quadrant for Security Service Edge

Gartner has recognized Cloudflare in the 2023 “Gartner® Magic Quadrant™ for Security Service Edge (SSE)” report for its ability to execute and completeness of vision. We are excited to share that the Cloudflare Zero Trust solution, part of our Cloudflare One platform, is one of only ten vendors recognized in the report. Of the 10 companies named to this year’s Gartner® Magic Quadrant™ report, Cloudflare is the only new vendor addition.

Chaos in the Cloud: Rampant Cloud Activity Requires Modern Protection

Digital transformation isn’t only for the good guys. Adversaries are undergoing their own digital transformation to exploit modern IT infrastructures — a trend we’re seeing play out in real time as they increasingly adapt their knowledge and tradecraft to exploit cloud environments. According to the CrowdStrike 2023 Global Threat Report, observed cloud exploitation cases grew by 95% over the previous year.

Best practices for identity and access management in cloud-native infrastructure

Editor’s note: This is the final part of a five-part cloud security series that covers protecting an organization’s network perimeter, endpoints, application code, sensitive data, and service and user accounts from threats. So far in this series, we’ve looked at the importance of securing an organization’s network, its application components, the endpoints that support those components, and its application data.

Customize rules for detecting cloud misconfigurations with Datadog Cloud Security Management

For organizations in highly regulated industries, any misconfiguration in their cloud environments can be detrimental to customer trust and privacy if overlooked. To mitigate this risk, DevOps and security engineers follow recognized compliance standards to quickly surface issues in their AWS, Azure, or Google Cloud environments. Organizations can take this work a step further by developing detection rules tailored to their unique business or security goals.