Category: Security

Segregation of Duties on AWS

Posted on October 30, 2018 by Paul Duvall | Leave a comment

In the book, Accelerate, by Forsgren, et al., it states the following about Segregation of Duties:   What About Segregation of Duties?…First, when any kind of change is committed, somebody who wasn’t involved in authoring the change should review it either before or immediately following commit to version control. Second, changes should only be applied … Continue reading Segregation of Duties on AWS

DevOps on AWS Radio: Serverless Architectures and Security – Ory Segal (Episode 17)

Posted on August 3, 2018 by The Stelligent Team | Leave a comment

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Ory Segal, CTO and Co-Founder at PureSec about Serverless Architectures and Security. Here are the show notes: DevOps on AWS News Casey Lee – AWS Container Hero Screencast: Continuous Delivery for Machine Learning with AWS CodePipeline and … Continue reading DevOps on AWS Radio: Serverless Architectures and Security – Ory Segal (Episode 17)

Security Integration Testing (Part 3): Integrating with a Continuous Delivery pipeline

Posted on May 17, 2016 by Dave Bettinger | Leave a comment

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the seventh article in the series. Introduction The purpose of this blog series is to show how AWS Config and Lambda can be used to add Security Integration tests to a Continuous … Continue reading Security Integration Testing (Part 3): Integrating with a Continuous Delivery pipeline

Security Integration Testing (Part 2): Building and deploying a testing framework on AWS

Posted on May 3, 2016 by Dave Bettinger | Leave a comment

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the fifth article in the series. Introduction The purpose of this blog series is to show how AWS Config and Lambda can be used to add Security Integration tests to a Continuous … Continue reading Security Integration Testing (Part 2): Building and deploying a testing framework on AWS

Automating Penetration Testing in a CI/CD Pipeline

Posted on April 28, 2016 by Nick DeClario | 2 Comments

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the first article in the series. As the internet has matured and grown the need for stronger security has exceeded that pace. Penetration testing has become a large part of … Continue reading Automating Penetration Testing in a CI/CD Pipeline

Security Integration Testing (Part 1): Resource Monitoring with AWS Config Rules

Posted on April 19, 2016 by Dave Bettinger | Leave a comment

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the third article in the series. Introduction In a Continuous Delivery pipeline it is imperative to enforce infrastructure security policies and ensure that any new code or infrastructure changes don’t result … Continue reading Security Integration Testing (Part 1): Resource Monitoring with AWS Config Rules

Finding Security Problems Early in the Development Process of a CloudFormation Template with "cfn-nag"

Posted on April 7, 2016 by Eric Kascic | 8 Comments

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the second article in the series. CloudFormation Background CloudFormation templates are a great way to provision AWS resources.  They allow an infrastructure developer to declare what resources are to be … Continue reading Finding Security Problems Early in the Development Process of a CloudFormation Template with "cfn-nag"

Continuous Security: Security in the Continuous Delivery Pipeline

Posted on April 5, 2016 by The Stelligent Team | 8 Comments

Continuous Security is the addressing of security concerns and testing in the Continuous Delivery pipeline, and is as much a part of continuous delivery as operations, testing, or security is a part of the DevOps culture. This article is the first in a series which talks about ways of integrating security testing/validation of both software … Continue reading Continuous Security: Security in the Continuous Delivery Pipeline

Deployment Pipeline in Amazon Web Services – Support Infrastructure

Posted on January 26, 2015 by The Stelligent Team | Leave a comment

In the introduction to this series on deployment pipelines in Amazon Web Services (AWS), I covered the nine “stages” that we use as a starting point for our Continuous Delivery in AWS implementations at Stelligent. This first “stage” I’ll be describing is on establishing the support infrastructure for the deployment pipeline. It’s not what I think … Continue reading Deployment Pipeline in Amazon Web Services – Support Infrastructure

Creating a Secure Deployment Pipeline in Amazon Web Services

Posted on March 2, 2014 by The Stelligent Team | Leave a comment

Many organizations require a secure infrastructure. I’ve yet to meet a customer that says that security isn’t a concern. But, the decision on “how secure?” should be closely associated with a risk analysis for your organization. Since Amazon Web Services (AWS) is often referred to as a “public cloud”, people sometimes infer that “public” must … Continue reading Creating a Secure Deployment Pipeline in Amazon Web Services