Discover and read the best of Twitter Threads about #cloudsecurity

Most recents (8)

Are you planning to become a Cloud Security Architecture?

But not sure what skills you need to become the one?

Then this 🧵is for you 👇

#cloudsecurity #aws #awssecurity #appsec #infosec
1 /

Understand how components work:

For starters, you need to have an intuitive understanding of how common security protocols and components work. Things like firewalls, network access, intrusion detection systems, etc.
2 /

Work with various operating systems:

You need to be aware of how operating systems like Windows, Linux, and macOS employ security.
Read 8 tweets
Live from #GartnerSEC | Outlook for #Cloud #Security with Charlie Winckless, Gartner Sr Director Analyst.

About this session: Cloud security remains a top priority. We'll summarizes the problems, recommended processes and new product types to address 3 key issues...
What are the unique risks associated with public cloud service providers, and how can they be controlled? What are the unique security challenges of IaaS and how can they be mitigated? What are the unique control challenges of SaaS and how can they be addressed? #GartnerSEC
"Cloud security is still security and the cloud is part of every business. It isn't just someone else's computer, it's a hugely complex interconnected set of services." #GartnerSEC Image
Read 17 tweets
1/15. $PANW: There are lots of #cloudsecurity startups competing w/ PANW, & also several next-gen platform startups (e.g., Orca, Lacework, Wiz).

We think PANW will still prevail as the undisputed cloud security giant. Here are some thoughts why.
2/15. At a high-level we surmise $PANW’s previous and future successes in the cloud are due to their:

a) longstanding expertise in DPI & application-centric awareness/security.
b) container management knowhow that has been largely influenced by $GOOGL recruits.
c) smart M&A.
3/15. One major advantage that firewall vendors like $PANW have is Deep Packet Inspection (DPI) & doing this at real-time speed. This entails inspecting the header & payload of each packet - from Layer 2 thru 7 of the OSI model.
Read 17 tweets
Made an awesome thread on ☁️Cloud Computing with a perspective of Security.
Save it, share it, utilize it!!🧵
#CloudComputing #cloudsecurity #cloud
Mentors: @DojoCyber @theXSSrat @TheParanoids @LilMzMuffinCup @cybersecmeg @0dayCTF @Alra3ees
• Cloud Computing Reference Architecture from Different Vendor’s Perspective, ijetae.com/files/Volume3I… (Links to an external site.)
• Privacy and Security on Cloud Data Storage Using Hybrid Encryption Technique, ijetae.com/files/Volume4I…
• Hacking in the cloud,onlinelibrary.wiley.com/doi/full/10.10…
- RSA ALGORITHM with Example, RSA ALGORITHM with Example
(Links to an external site.)
- What is Zero Trust Security?
• What is WOT (Web of Trust): en.wikipedia.org/wiki/Cloud_com…. - Wikipedia
Read 7 tweets
🗣 De qué hablamos cuando hablamos de POLP? El “Principio del Menor Privilegio” es, quizá, uno de los conceptos más complejos de abordar en términos prácticos. Sí, también es la idea de que cualquier usuario, programa o proceso debe tener los privilegios mínimos necesarios. Hilo.
🚨 Desde el punto de vista de plataformas (específicamente AWS), existen algunas herramientas destinadas a resolver la brecha entre complejidad de implementación y resultados, tema no menor teniendo en cuenta que adherir a dicho principio, ayuda a reducir superficies de ataque.
💡 Cloudsplaining: herramienta de evaluación y reporte de AWS IAM que identifica violaciones de privilegios mínimos 👉 github.com/salesforce/clo…
Read 6 tweets
Are you a CTO, a CISO or an AppSec lead in charge of securing a Software as a Service? 🦄

Here are 12 macro-projects to enable an application security program. ☂️

#appsec #bugbounty #cloudsecurity #cybersecurity #devsecops

Read the thread ⬇️ https://twitter.com/appsectribe
🏀 Manage vulnerabilities and security weaknesses

Centralize every potential vulnerability in a @Jira-like issue tracker. A vulnerability remediation workflow is a typical bug fixing flow but with more status for the #appsec team to triage alerts and verify fixes.
👾 Run crowd-sourced security programs

Starting with a Vulnerability Disclosure Policy (VDP). Publish a @securitytxt note to show bug hunters the reliable process to reach the #appsec team and report vulnerabilities and security weaknesses in your assets.
Read 14 tweets
Looking for the ultimate list of #CyberSecurity books you should read in 2021?!

Hold on a secon, cause here we go!
Please fav your top entries and comment your own picks bellow. And please please retweet to make this list a huge one. #InfoSec
Social Engineering: The Science of Human Hacking, 2nd Edition by the @humanhacker Christopher Hadnagy #socialengineering

amazon.com/-/dp/111943338…
Threat Modeling: Designing for Security (Englisch) Taschenbuch by
@adamshostack
#cybersecurity #threatmodelling #stride

amazon.com/-/dp/111880999…
Read 11 tweets
We are just starting our session @hasgeek. @abh1sek talking about data breaches and how they happen.

hasgeek.com/rootconf/data-…

Join the live stream on the webpage.

#datasecurity
Thank you @hasgeek for giving us this amazing platform to talk about what we love most #datasecurity #appsec
#cloudsecurity
Agenda for the session
Read 29 tweets

Related hashtags

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!