In our previous article, we discussed how GuardDuty can help organizations monitor their workloads and AWS accounts from malicious activities and how to monitor findings with Amazon CloudWatch Events. Imagine that your organization has multiple AWS accounts for different workloads, teams, and projects. With every account, you need to monitor GuardDuty findings individually. It will be quite difficult for your security team to monitor these findings with their constant switching between AWS accounts. Amazon GuardDuty supports the consolidation of these findings to one AWS account. For example, your organization has 10 AWS accounts. All you have to do is to [...]
About Matt HidalgoMatt is a Solutions Architect for a managed services provider that specializes in AWS and Azure. After graduating from college with a degree in Geology, he decided to switch careers and self-taught himself with AWS and Azure. Matt specializes in the migration and deployment of workloads to AWS and Azure with 3 years of experience.
Large scale cyber attacks are now becoming normal in this age of interconnectivity. As we rely more and more on cloud technologies, companies are looking to tap into digital innovations to improve their businesses. Cyber attacks are costing companies millions of dollars of downtime not to mention the possibility of lawsuits whenever an attack occurs. It is imperative that security teams have the means to prevent, detect, and take actions to ensure that the security of their workloads in AWS are airtight. Amazon GuardDuty was released during the 2017 re:Invent conference. Amazon GuardDuty is an agentless threat detection service that [...]
Amazon Elastic Block Store or EBS is a durable block-based storage device that can be attached to your EC2 instance. AWS released a feature called Multi-Attach, which allows EC2 instances to share a single EBS volume for up to 16 instances and provide higher availability of your applications for Linux workloads. Each instance to which the volume is attached has full read and write permissions to the volume. The following are several considerations and limitations in using the Multi-Attach feature: Multi-Attach enabled volumes do not support I/O fencing. I/O fencing protocols control write access in a shared storage environment to [...]
In this day and age, your site speed performance is an important factor when it comes to user experience. It is widely recommended for websites to have an average load time of 3 seconds as users tend to abandon the site if a page takes longer than 3 seconds to load. According to Amazon, just 100 milliseconds of extra load time cost them 1% in sales. Indeed, every second counts in our fast-paced digital world. Amazon Web Services has always been the global leader in Cloud Computing with its speed, performance, and reliability. With its breadth of services, AWS gives [...]
Amazon Web Services, with its ever-growing breadth of services, offers a fully-managed version control system where developers can privately store their application source code like Github or Bitbucket. CodeCommit can be used as a staging ground coupled with CodeDeploy and CodePipeline to seamlessly deploy code to Amazon EC2 instances. In this article, I will discuss how we can leverage Amazon SNS to send notifications whenever there are events in our repository. This is particularly useful when we need to keep our work colleagues up-to-date if there are events in our repository. Triggers are used for two things. The first is [...]