Cost of Automating vs. Cost of Managing Secrets management is one of those things that becomes more and more important as successful small companies grow into successful bigger companies. At first, with a small group [...]
We have several clients who have struggled in the past with meeting the HITRUST requirements specifically around DLP and domain based whitelisting of egress traffic in AWS. Recently we've implemented a great set of controls [...]
At Foghorn, we spend lots of time helping design and build secure infrastructure running on AWS. Heck, we've got an entire security practice devoted to it. What we designed in 2012 looked a lot different [...]
Amazon Web Services (AWS) publishes their opinions of best practice architectures, and has historically performed Well Architected Reviews for key customers. Recently, Amazon has enlisted a small group of partners to join them in performing [...]
According to Ponemon Institute the average cost of a data breach in 2017 for an organization was $141 per stolen record, and $3.62M per occurrence. The financial costs are just a portion of the actual [...]
A while back AWS EBS encryption moved to using KMS (Key Management Service). This was a welcome change as KMS is a great service that enables some interesting security models around different AWS customers sharing [...]
A Better Way to Manage Internet Access for VPC Resources Anyone who has run OpsWorks stacks with private instances relying on NAT for Internet access may have seen firsthand what danger lurks beneath the surface. These instances will [...]
Here at Foghorn Consulting, we've been designing, implementing, and managing point to point security with AWS security groups for years. Security groups allow an amazingly granular method of controlling communications between instances without being bound [...]
