Okta is responding to a public cybersecurity incident, what can we learn from how they handled communications?
CloudFlare launches a new API Gateway product, will is shake up the market?
Google Cloud makes some small pricing adjustments and reactions are mixed. Here are my thoughts.
Google Cloud recently cleaned up both the CLIs and SDKs for building in the Google Cloud.
The AWS Audit Manager can help organize all of your audit and compliance evidence. This solution helps streamline the collection of non-AWS resource …
The AWS Well-Architected Tool allows users to create their own Custom Lenses. I have thoughts…
Google Chrome OS Flex is going to help put Chrome OS on a lot more computers. That’s a good thing, right?
Optimism (an L2 Ethereum project) just paid out a two million dollar bug bounty.
Building a ticketing or registration system? AWS just released a solution to help queue demand.
Attackers can find your cloud misconfigurations with almost no effort, why can’t you?
Once you’ve aggregated all of your AWS Security Hub Findings, here’s one way to visualize and analyze them.
Once you’ve aggregated all of your AWS Security Hub Findings, here’s one way to visualize and analyze them.
Misconfigurations in Amazon S3 keep happening. Here’s why and how to stop them.
AWS Security Hub Findings are great, but they can be better. Here’s a simple pattern from the AWS team to enrich those findings automatically.
In late 2017, IDT did an AWS “This is My Architecture” video. The video talks about how they managed secret information in their AWS …
In late 2017, iRobot did an AWS “This is My Architecture” video. The video talks about how they deployed their microservices in AWS.
The leadership session at AWS re:Invent provide a deeper dive into a specific area of focus. Stephen Schmidt, CISO at AWS takes the stage to talk all …
AWS re:Invent is always THE event in cloud. Werner Voegls delivered the latest version of his hotly anticipated keynote on day four.
Amazon Inspector first launched in 2015. Now in 2021, it’s re-launching with a brand new architecture and a host of new features.
AWS re:Invent is always THE event in cloud. Petere DeSantis’ keynote provided a peek behind the curtain of the technology that drive AWS itself.
Corey Quinn interviews key AWS leaders in a casual settings. This time he sits down with Bill Vass, VP Technology & Engineering
AWS re:Invent is always THE event in cloud. Swami Sivasubramanian took the stage to deliver the machine learning focused keynote on day three.
Amazon Inspector first launched in 2015. Now in 2021, it’s re-launching with a brand new architecture and a host of new features.
AWS re:Invent is always THE event in cloud. Adam Selipsky gave his first keynote as the CEO of AWS. Here’s what he covered during this two hour …
AWS re-launches a dramatically improved Amazon Inspector, a software vulnerability discovery/management service.
Here are the top AWS announcements leading up to and during AWS re:Invent 2021.
AWS re:Invent has over 500 sessions available remotely. Here’s a near complete list for easy searching.
AWS re:Invent is always THE event in cloud. This year a lot of people can’t attend in person. This post tells you how to get the most out of the …
AWS re:Invent is always THE event in cloud. This post is the ultimate guide to getting the most out of the show.
An overview of the AWS Well-Architected Frameworks’ Performance Efficiency pillar.
Most security practices make the same set of mistakes when moving to the cloud. This talk looks at those mistakes and how to avoid them.
An overview of the AWS Well-Architected Frameworks’ Reliability pillar.
There are massive opportunities to advance your security practice as your business moves into the cloud. This talk provides a step-by-step approach …
An overview of the AWS Well-Architected Frameworks’ Cost Optimization pillar.
An overview of the AWS Well-Architected Frameworks’ Security pillar.
An overview of the AWS Well-Architected Frameworks’ Operational Excellence pillar.
In late 2017, Airbnb did an AWS “This is My Architecture” video. The video talks about how they built a system to test their Amazon RDS …
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. AWS Data Wrangler is a bridge between python pandas DataFrames and AWS data services.
AWS Labs has a lot of open source code up on GitHub. This repo provides an easy way for developers to view your Amazon API Gateway APIs.
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. This repo helps you visualize your AWS workloads and highlight areas of cost.
AWS Labs has a lot of open source code up on GitHub. The code in this repo lets your embed Amazon QuickSight dashboards in your HTML.
AWS Labs has a lot of open source code up on GitHub. This repo contains a solid set of AWS WAF rules for common web-based attacks.
AWS Labs has a lot of open source code up on GitHub. Gluon TS helps you create forecast models for time series data.
AWS re:Invent is always THE event in cloud. As 2021 draws to a close, what path will AWS set the cloud on. What new services, features, and tools will …
AWS Labs has a lot of open source code up on GitHub. This post looks at the AWS Lambda Powertools for Python.
In late 2017, Station X did an AWS “This is My Architecture” video. The video talks about how they built out a genomics processing …
AWS Labs has a lot of open source code up on GitHub. This post looks at the AWS Deployment Framework.
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post looks at how Amazon balances …
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post looks at how Amazon conducts …
DevSecOps is the latest in a long line of buzzwords. The core makes sense: work on security earlier. But why isn’t this everywhere? Here’s …
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the …
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the …
In late 2017, Capital One did an AWS “This is My Architecture” video. The video talks about how they built Cloud Custodian and how that …
The Amazon Builder’s Library is a great set of deep dive papers into the challenges with modern systems. This post highlights some of the …
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper walking public sector organizations through …
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper talking about serverless multi-tier …
AWS has a huge library of fantastic resources. This post highlights the recently updated whitepaper aligning the NIST Cybersecurity Framework to AWS.
AWS has a huge library of fantastic resources. This post highlights the recently released whitepaper about building reactive systems on AWS.
In late 2017, New Relic did an AWS “This is My Architecture” video. The video talks about how they setup their Terraform execution plans …
AWS has a huge library of fantastic resources. This post highlights the recently updated whitepaper on building out a CI/CD practice in the AWS Cloud.
AWS re:Invent is always THE event in cloud. As 2021 draws to a close, what path will AWS set the cloud on. What new services, features, and tools will …
Here’s what AWS announced leading up to and during AWS re:Invent 2021.
Are you a security professional or a builder looking to learn more about security? This year, I wrote the official guide for security attendees to AWS …
In late 2017, CorpInfo did an AWS “This is My Architecture” video. The video walks through how they handled a massive amount of events …
In late 2017, Civitas Learning did an AWS “This is My Architecture” video. It was one of the first. The video walks through how they …
In late 2017, the Finanical Times wanted to get developers to factor in cost to their designs. They created a gamified solution to help drive this …
We’re producing more audio and video than ever. But you can’t get the most out of that content until you transcribe it to text. In this …
In late 2017, Netflix explained how they tackled the problem of failing over when disaster struck. Four years later, how well does that design hold …
Facebook, Instagram, and WhatsApp are deeply integrating into many aspects of daily life for many communities and business. One networking …
In late 2016, Lyft demonstrated the service discovery engine they built on AWS. Five years later, how well does that design hold up? What could we …
Live Text is now available in iOS and iPad OS but not macOS. I try to fix that with the help of Google Cloud in this tiny cloud project.
Misconfigurations are the number one security concern in the cloud. Guardrails can help you prevent misconfigurations from happening. This talk shows …
As a new user in the AWS Cloud, is AWS App Runner the service that’ll get your one container up and running quickly? This post explores that …
As a new user in the AWS Cloud, what does it take to get one container up and running? What service do you user? How many steps are there? This post …
The second installment of AWS re:Inforce was entirely virtual and gave a great view of the state of security in the AWS Cloud. Here’s what the …
A discussion about the evolution of security in the cloud. Security is now becoming a critical piece of a developer’s pipeline, what does that …
A purely digital RSAC 2021 kicks off looking back at a challenging year and to the challenges ahead for the security community.
The AWS Identity and Access Management (IAM) service turns 10 years old today. While it’s a fantastic service that keeps adding features, it …
I recently made a career move and it’s allowed me to re-double my efforts in the community. What do you want to learn about cloud and security?
No other technology revolution has induced more fear, uncertainty, and doubt for so long than the cloud. This post explores the “why” of …
It’s hard to keep track of all of the amazing content on the web. To help, I’ve created a few “super feeds” for your favourite …
Setting a new cloud account well is reasonably simple, but what about accounts that are already active? Here are some tips to add guardrails after the …
Week three of three (!) for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. Check back often for …
There’s always more than one way to solve a problem. That’s a big advantage of AWS, but it can also be overwhelming to deal with. You will make …
Week two of three for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. It will be neither …
Amazon EventBridge helps build loosely coupled applications that scale independently and makes it easier to integrate cloud-based applications and …
As you continually evolve your use of AWS products and services, it’s important to consider ways to improve your security posture and take advantage …
To operate services, Amazon relies on having high-fidelity visibility into how its systems behave and the user experience, whether that’s using AWS …
Coverage of the keynote of AWS re:Invent 2020 where Andy Jassy delivers new services, features, and more.
Week one of three for AWS re:Invent 2020 kicks off and this post will be my “live blog” for the week. Check back often for reactions, …
AWS re:Invent is always jam packed with new content. This post is a road map for my content during this three week virtual event.
AWS launches a mountain of new features leading up to and during AWS re:Invent. Here’s the list of announcements for 2020 and my perspective on …
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2020 edition of this amazing event.
AWS re:Invent is the best conference in cloud. This year it’s an entirely virtual experience spread over 3 weeks. This post will help you get …
The Well-Architected Framework is a set of principles that can help you find the ideal build for the problem at hand…regardless of the size of …
Mornings With Mark streamed regularly throughout 2018 and 2019. Speaking to issues around technology, security, and privacy, this short (5—9 min.) …
Mornings With Mark streamed regularly throughout 2018 and 2019. Speaking to issues around technology, security, and privacy, this short (5—9 min.) …
Mornings With Mark streamed regularly throughout 2018 and 2019. Speaking to issues around technology, security, and privacy, this short (5—9 min.) …
The Unicorn Project is the latest book from Gene Kim, one of the leaders of the DevOps movement. The book focuses on developer enablement and culture. …
The second series of my live streaming series for Trend Micro. In it,I speak to various cloud leaders about what’s happening in cloud.
A Cloud Guru is hosting Cloud Madness. Thirty two cloud services face-off over four rounds but only one will be crowned the champion. Here’s my …
In this live streaming series for Trend Micro, I speak to various cloud leaders about what’s happening in cloud.
Organizations struggle with extending their security practices to the cloud. Traditional approaches don’t work, and new cloud-only practices duplicate …
Serverless architectures help you and your team focus almost entirely on delivering business value. They also break almost every existing security …
Cybersecurity is topic that comes up regularly as something you have to do…or should do…or are forced to look at by your security team. But why? There …
Security is often misunderstood and addressed in the last stages of a build. Operationally, it’s ignored until there is an emergency. In this talk, we …
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2019 edition of this amazing event.
Serverless architectures are a fantastic solution to a lot—not all—design challenge. The benefits they bring are substantial and they can reduce the …
Google recently announced a new, all-in-the-cloud gaming service called Stadia. For gaming fans, there’s a lot of potential that—fingers …
A recent survey from RightScale showed a lot of confusion around cloud computing costs. The common take away? Organizations are surprised at how high …
Amazon announced a host of new “Alexa enabled” devices last week. What are the implications for your privacy at home?
The DevOps movement is the single biggest opportunity security teams have had in a long time. The goal of DevOps is speed and innovation. That goal …
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of the 2018 edition of this amazing event.
All the news and notes from the 2018 AWS Summit in San Francisco
There’s a lack of easy-to-use tools for “average” users to analyze their data. In today’s world, that means something.
Voice is going to play a huge role in the future. What are the security and privacy challenges?
AWS re:Invent is the best conference in cloud. This post lays out what you need to know to get the most out of your first time at this amazing show.
Four principles to help you navigate a cloud migration and the realities of hybrid cloud.
AWS re:Invent is the best conference in cloud. This post gives you the top five things to focus on to get the most out of the 2016 edition.
AWS re:Invent is the best conference in cloud. This post gives you the top five things to focus on to get the most out of the 2015 edition.
Great content from @marknca
The shared responsibility model defines how the cloud works. This post examines how Shellshock impacts that model.
Recent vulnerability “POODLE” demonstrates how the shared responsibility model helps reduce your security workload.
The shared responsibility model is simple to explain but challenging to implement. This post examines how the models works for the latest Xen …
AWS continues to expand it’s global network with the opening of a new region in Frankfurt, Germany.
Great content from @marknca
Microsoft hosted it’s annual Worldwide Partner Conference and the focus on was Microsoft Azure. I delivered a talk focused on how to automate …
Code Spaces is the worst case scenario. A simple misconfiguration in the cloud cost them their business.
Cloud computing is more than just fast self-service of virtual infrastructure. Developers and admins are looking for ways to provision and manage at …
How does security work in the Azure cloud? This post lays out the basics.
Microsoft Build 2014 kicks off a new era for Microsoft. One that will (hopefully) transform the company and focus on building out their cloud; Azure.
As AWS opened their summit series for 2014, 5000+ people packed into the Moscone Center. There was a ton of energy in the air and I got to talk about …
What does a modern security practice look like in the cloud? How do each of the area change?
Forensics is an area that’s often lacking in corporate environments. Few people have time to truly dig into an incident after it’s been …
Network security monitoring is changing dramatically in the cloud as more and more responsibilities are shifted to the Cloud Service Provider. How …
Incident response is often overlooked by everyone outside of the security team. In the cloud, automation and cooperation reign supreme.
The cloud is a fantastic opportunity to improve your security posture…but only if you update how you handle operations.
The cloud security discussion has changed from ‘should we’ to ‘how do we’. Here are the top issues you should be tackling.