View Blog Post

AWS re:Invent 2019 DevOps and Security re:Cap

We had over 40 people from Mphasis and Mphasis Stelligent at the AWS re:Invent 2019 conference in Las Vegas, NV. There were 77 product launches, feature releases, & services announced at the conference (and many more at “pre:Invent” in November). Of this, there were several DevOps-related features announced at re:Invent or during pre:Invent. The theme Read more…

View Blog Post

Automate Container Security Scans in Your CI/CD Pipeline with AWS ECS

Many enterprises attempt to drive software development and delivery towards a DevOps mindset. Likewise, organizations struggle with increasing security challenges while adopting these innovative software practices. Embedding security within the deployment lifecycle is non-negotiable. Therefore, integration of security into CI/CD workflows need be done cautiously to meet an ever-evolving technology landscape. DevSecOps is an important Read more…

View Blog Post

Automatically Remediate Noncompliant AWS Resources using Lambda

While enterprises are capable of rapidly scaling their infrastructure in the cloud, there’s a corresponding increase in the demand for scalable mechanisms to meet security and compliance requirements based on corporate policies, auditors, security teams, and others. For example, we can easily and rapidly launch hundreds of resources – such as EC2 instances – in Read more…

View Blog Post

Continuous Compliance on AWS Workflow

It’s 7:37 AM on a Sunday. You’re in the Security Operations Center (SOC) and alarms and emails are seemingly being triggered everywhere. You and a colleague are combing through dashboards and logs to determine what is causing these alerts. After running around with your “hair on fire” for around 30 minutes, you finally determine that Read more…

View Blog Post

Dance like Nobody’s Watching; Encrypt like Everyone Is

While AWS is making computing easier, it can be challenging to know how to effectively use encryption. In this screencast, we provide an overview of the encryption landscape on AWS. This includes services like AWS Certificate Manager, AWS Key Management Service, and the Encryption SDK, which provide encryption in transit and at rest. In addition, Read more…

View Blog Post

Segregation of Duties on AWS

In the book, Accelerate, by Forsgren, et al., it states the following about Segregation of Duties:   What About Segregation of Duties?…First, when any kind of change is committed, somebody who wasn’t involved in authoring the change should review it either before or immediately following commit to version control. Second, changes should only be applied Read more…

View Blog Post

DevOps on AWS Radio: Serverless Architectures and Security – Ory Segal (Episode 17)

In this episode, Paul Duvall and Brian Jakovich cover recent DevOps on AWS news along with a discussion with Ory Segal, CTO and Co-Founder at PureSec about Serverless Architectures and Security. Here are the show notes: DevOps on AWS News Casey Lee – AWS Container Hero Screencast: Continuous Delivery for Machine Learning with AWS CodePipeline and Read more…