DisruptOps

We are proud to be one of KC's Top Companies. And... We're hiring! Come grow with us. https://www.startlandnews.com//kansas-city-top-vc-backed-/

In our last post, we walked through the console and highlighted making the most of the Security Hub console and some tips and tricks to make it more useful. This time, we are diving into one of the best parts of Security Hub taking actions on events and findings. https://disruptops.com/supercharging-security-hub-part-4-t/ #SecurityHub #AWS #awssecurity #awsservices

In our last post we covered getting started with Security Hub and how to set up an optimized configuration. Now although we’ve introduced the core capabilities, in this post we’ll walk through the different parts of the console and how the set them up to be most effective. https://disruptops.com/supercharging-aws-security-hub-part/ #awssecurity #securityhub #cloudsecurity

Continuing our Security Hub Series, this new post covers our recommended configuration, how to push findings and events back into your security infrastructure, and some of the tradeoffs of enabling the supported underlying services. https://disruptops.com/supercharging-aws-security-hub-part/ #AWS #AWSsecurity #SecurityHub

As Security Hub has matured and grown, it’s well on its way to become an essential AWS security service, but one with the potential to overwhelm teams with information they are compelled to take actions on. In this new series we will dig into the weeds of Security Hub, why we think most organizations will turn it on and how to use security hub to improve your security capabilities well beyond some pretty graphs and compliance reports. https://disruptops.com/supercharging-aws...-security-hub-part/ #AWS #AWSsecurity #SecurityHub

Most of security compliance is designed to reduce security risk. At least on paper. But over time we’ve seen standard after standard, regulation after regulation, decouple risk from compliance. The very nature of meeting compliance standards robs organizations of the ability to develop risk-based security. https://disruptops.com/the-tragedy-of-security-dies-on-the/ #cloudsecurity #devops

New website alert! Come by and check out our new product capabilities and messaging. https://disruptops.com/ #cloudsecurity #aws #chatops

We have strengthened our executive team! Join us in welcoming Matt Eberhart as our first COO. Matt brings over 20 years of enterprise security go to market and product leadership experience to DisruptOps, where he’ll lead all sales, marketing, and customer success activities. https://disruptops.com/disruptops-welcomes-security-execut/

Hardening cross account connections was part of our threat modeling here at DisruptOps, although we did pick up another idea or two to make things better. In this latest post, we will walk through each issue identified by Praetorian and look at the best options for security hardening. https://disruptops.com/advanced-techniques-for-defending-a/ #Praetorian #HardeningAWS #AWSsecurity #AWS

We are excited to be partners with SecurityHub dating back to when it was still in preview mode. With integrations to both publish findings from our advanced governance assessments and to take action on discovered findings, we are deeply integrated into SecurityHub. As SecurityHub expands its capabilities by supporting additional services and new compliance checks, we will be right here enabling our customers to respond to these findings with user-defined alerts and actions. https://disruptops.com/aws-security-management-with-securi/ #AWSsecurity #SecurityHub

Another day, another public S3 bucket. How complexity overrides secure defaults leading to sensitive data constantly becoming exposed through object storage. https://disruptops.com/easy-does-it-understanding-object-s/

Yet another widespread but easily overlooked cloud security blunder is the unintentional exposure of underlying databases, including PaaS services. Sure it’s simple to prevent, but as with most of the flaws we see, simple doesn’t scale. https://disruptops.com/hitting-paas-on-inadvertent-cloud-d/

The unintended and often undetected exposure of cloud servers via misconfigured remote access ports is an all too common occurrence. Scaling a process to monitor and alert the issue, then take action, is the only way to address this simple shortcoming. https://disruptops.com/unseen-exposure-tackling-the-pervas/