There are two kinds of people in the security community: those who embrace the cloud and all it has to offer and those who have the cloud thrust upon them. Regardless of where you stand on the issue, most traditional bare-metal companies are starting to test out cloud infrastructure to see if it is right for them, although too often these tests just linger for the security team to reconfigure.
Amazon Web Services remains the most popular enterprise cloud service and is becoming more ubiquitous every year. Devina Dhawan explains how to improve your existing AWS infrastructure by bringing in external tooling, mastering the AWS command-line interface, and improving communication with the rest of your organization. Devina covers role- and service-based access, including EC2 security roles, S3 bucket policies, and how to audit them and discusses how to set up logging and alerting, so you too can wake up in the middle of the night when someone enables Global SSH on all your EC2 instances.
Devina Dhawan is a security engineer at Etsy. In her spare time, she works with organizations such as Girls Who Code and Built by Girls to mentor young engineers.
©2017, O'Reilly Media, Inc. • (800) 889-8969 or (707) 827-7019 • Monday-Friday 7:30am-5pm PT • All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners. • email@example.com