Simplifying Authorization Management with AWS Verified Permissions
Introduction Managing authorization in AWS is crucial for ensuring secure access to resources and maintaining compliance with industry standards and regulations. By implementing best practices for authorization, organizations can mitigate the risk of unauthorized access, data breaches, and potential security incidents. This blog post aims to provide practical guidance on optimizing AWS authorization management, covering topics such as Identity and Access Management (IAM) roles, policies, and permissions. Implementing Robust AWS Authorization Management Effective AWS authorization management involves adopting a comprehensive approach that aligns with the principles of least privilege, separation of duties, and regular access reviews. This section will explore key strategies and techniques to strengthen your AWS authorization posture, including:
Read article →
AWS PrivateLink as a Way to Distribute SaaS
AWS PrivateLink is a service that allows you to privately connect your Amazon Virtual Private Cloud (VPC) to supported AWS services and SaaS applications. This enables you to access these services securely, without needing an internet gateway, NAT device, or firewall. PrivateLink simplifies network architecture and reduces exposure to the public internet. Connecting SaaS Applications with AWS PrivateLink Connecting your SaaS applications to your VPC using AWS PrivateLink provides the following benefits:
Read article →
Password-less authentication with WebAuthn
Passwordless authentication is an emerging security approach that aims to eliminate the need for traditional passwords, which can be easily compromised or forgotten. With WebAuthn (Web Authentication), users can securely authenticate themselves using biometrics, security keys, or platform authenticators built into devices like smartphones or laptops. Passwordless Authentication Overview with WebAuthn Passwordless authentication with WebAuthn offers several benefits over traditional password-based logins. It provides a more secure and convenient way for users to access online services and applications. WebAuthn leverages public-key cryptography to ensure that only the legitimate user can authenticate, making it much harder for attackers to gain unauthorized access.
Read article →
Organically DevOps: Building Quality and Security into the Software Supply Chain
Talk on transformation to Continuous Integration, Continuous Delivery, and DevOps culture in large, heavily regulated organizations.
Read article →