Summit Route

@SummitRoute

Independent consulting for AWS security : Training, assessments, custom software, and more. Developed and CloudMapper. Run by

Salt Lake City, UT
Vrijeme pridruživanja: lipanj 2014.

Tweetovi

Blokirali ste korisnika/cu @SummitRoute

Jeste li sigurni da želite vidjeti te tweetove? Time nećete deblokirati korisnika/cu @SummitRoute

  1. Prikvačeni tweet
    10. tra 2019.

    Check out my AWS Security Maturity Roadmap! This is my opinionated, actionable guide to help organizations understand and plan for what they can do to improve their security posture in AWS:

    Poništi
  2. 4. sij

    I was wrong about S3 Access Points being a new way to make an S3 bucket public. This can only be done if the bucket is already public. I've corrected my re:Invent summary.

    Poništi
  3. 20. pro 2019.

    My summary of the AWS re:Invent security related announcements:

    Poništi
  4. 11. pro 2019.

    The AWS API count roughly doubles every two years. I offer AWS security training to help you keep up with this increasing complexity. Read more at

    Poništi
  5. proslijedio/la je Tweet
    5. pro 2019.

    Have you been interested in attending one of my AWS security training classes, but only have one or two people at your company who would most benefit? I'll be teaching a class at in Las Vegas next August. Register now for a discount!

    Poništi
  6. proslijedio/la je Tweet
    2. lis 2019.

    You remember CloudMapper right? The tool that and made to automatically draws a network diagram for an AWS account. Well we're back and now we've built it into a platform that continuously audits your AWS accounts. Check it out.

    Poništi
  7. proslijedio/la je Tweet
    16. ruj 2019.

    Scott is *the* AWS security expert. I've seen his work. Highly recommend.

    Poništi
  8. proslijedio/la je Tweet
    16. ruj 2019.

    Goodness me if I were a company interested in having 2 days advanced AWS security training, to Scott I would go. Foremost in the topic. Legend.

    Poništi
  9. proslijedio/la je Tweet
    16. ruj 2019.

    Is your company interested in having a 2 day advanced AWS security training? I offer that! See what others have said about it at:

    Poništi
  10. proslijedio/la je Tweet
    7. ruj 2019.

    If your looking for *serious* AWS Security training from is your guy. Highly recommend considering this if your security teams are still scratching their heads on how tame clouds, or believe they figured it all out.

    Poništi
  11. proslijedio/la je Tweet
    5. kol 2019.

    I was interviewed for a story in the WSJ by on how it's believed the Capital One breach happened, because AWS security is all I do. The abuse of the metadata service is something that has been discussed at security conferences since 2014. 1/7

    Prikaži ovu nit
    Poništi
  12. proslijedio/la je Tweet
    16. srp 2019.

    😱 If an AWS IAM user is phished, the cookies allow access to be maintained despite changing the password, logging out, or changing MFA. Only defense is DenyAll the user for 12 hours until the cookies expire. Great find !

    Prikaži ovu nit
    Poništi
  13. 1. srp 2019.

    My thoughts on re:Inforce, a summary of the announcements, and the need for an independent AWS security conference:

    Poništi
  14. proslijedio/la je Tweet
    18. lip 2019.

    This is what I'm going to be addressing today

    Prikaži ovu nit
    Poništi
  15. 18. lip 2019.

    Some of the issues disclosed have not been fixed yet (maybe never will). Some require customer action. Sorry for the long article, but AWS made a lot of mistakes.

    Prikaži ovu nit
    Poništi
  16. 18. lip 2019.

    I manually reviewed all 500+ AWS IAM Managed Policies, and 1,200+ versions of them, looking for issues. Read this report to learn what problems were found, how to check if these were abused in your account, and if you have similar problems.

    Prikaži ovu nit
    Poništi
  17. proslijedio/la je Tweet

    A helpful Security Maturity Roadmap - (found on /r/aws)

    Poništi
  18. proslijedio/la je Tweet
    12. tra 2019.

    Great work Scott Piper!

    Poništi
  19. proslijedio/la je Tweet
    10. tra 2019.

    Scott gives away high-quality and *actionable* docs and tools that you can just pick up and run with to make your organization more secure. Be more like Scott, Internet :).

    Poništi
  20. proslijedio/la je Tweet
    10. tra 2019.

    Excellent summary as always - if you're working on AWS security for your organization this is a great guide to follow

    Poništi

Čini se da učitavanje traje već neko vrijeme.

Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.

    Možda bi vam se svidjelo i ovo:

    ·