27 Things AWS Can Do to Reduce Cloud Security Misconfigurations

7 min readJul 6, 2020

--

Last week, I presented a talk at fwd:cloudsec titled “It’s Time to Rethink the Shared Security Responsibility Model.” I argued that the balance of responsibility for securing cloud infrastructure environments has shifted too far in the direction of cloud security and development teams who are overwhelmed with configuration options. This imbalance, I posited, is a driving cause of…

Matt Fuller

Written by Matt Fuller

Founder of @CloudSploit , acquired by @AquaSecTeam . Former Infra / Security / Manager @Adobe , @Aviary & @Mozilla intern, @RITtigers grad, @NYC resident

More from Matt Fuller

Matt Fuller

So You Want to Use the AWS Free Tier

Amazon Web Services’ pay-as-you-go billing model makes it incredibly easy for anyone to create an account and start deploying…

10 min readJan 9, 2022

--

Matt Fuller
in
Geek Culture

Using SAML IdP Group Mappings with AWS Cognito

AWS Cognito is a popular managed authentication service that provides support for integrated SAML 2.0-compliant identity providers (IdPs)…

6 min readApr 15, 2021

--

Matt Fuller
in
Level Up Coding

Cloud Security Table Top Exercises

Evaluate your response to these 20 cloud security scenarios covering logging, RBAC, malicious access, and more.

13 min readJan 31, 2021

--

Matt Fuller
in
The Startup

So You Inherited an AWS Account

A 30-day security guide for engineers who have been handed access to an in-use AWS account with zero explanation of what’s inside.

16 min readApr 28, 2020

--

See all from Matt Fuller

Recommended from Medium

Love Sharma
in
Dev Genius

System Design Blueprint: The Ultimate Guide

Developing a robust, scalable, and efficient system can be daunting. However, understanding the key concepts and components can make the…

9 min readApr 20

--

The PyCoach
in
Artificial Corner

You’re Using ChatGPT Wrong! Here’s How to Be Ahead of 99% of ChatGPT Users

Master ChatGPT by learning prompt engineering.

7 min readMar 17

--

Lists

Staff Picks

329 stories83 saves

Stories to Help You Level-Up at Work

19 stories53 saves

Self-Improvement 101

20 stories107 saves

Productivity 101

20 stories116 saves

Thilina Ashen Gamage
in
Platform Engineer

AWS Security Best Practices

A checklist for Cloud Admins to live by

11 min readMar 13

--

Wenqi Glantz
in
Better Programming

Going Serverless With Spring Cloud Function, AWS Lambda Java 17 Support, and SnapStart

Develop and deploy a Java serverless function that invokes OpenAI API

11 min readMay 13

--

Aleid ter Weel
in
Better Advice

10 Things To Do In The Evening Instead Of Watching Netflix

Device-free habits to increase your productivity and happiness.

5 min readFeb 15, 2022

--

Taimur Ijlal
in
InfoSec Write-ups

How I passed the AWS security specialty certification in 2023

Another year and another cert !

6 min readJan 18

--

See more recommendations

Help
Status
Writers
Blog
Careers
Privacy
Terms
About
Text to speech