AWS RDS Databases — (Amazon Relational Database Service) is a web service that makes it easy to set up, administer, and scale a relational database in the Amazon Web Services Cloud. AWS RDS Databases performs basic database administration duties while providing cost-effective, resizable capacity for an industry-standard relational database. RDS…

Third-party risk management (TPRM) is a type of risk management that focuses on identifying and mitigating risks associated with the usage of third-party vendors (sometimes referred to as vendors, suppliers, partners, contractors, or service providers). …

BYOD, or Bring Your Own Device, is a growing trend in which employees use their personal devices for work. Companies that implement BYOD policies allow employees to use their own computers, smartphones, and tablets for work-related reasons rather than requiring them to utilize company-owned and managed devices. The concept has…

Information that an organization utilizes to understand the risks that have, will, or are presently attacking it is known as cyber threat intelligence. This information is used to predict, prevent, and identify cyber threats attempting to exploit valuable resources. To prevent threats, Threat Intelligence enables organizations to make faster, more…

The SMB (Server Message Block) protocol provides for “client-server communication,” which allows programs and services on networked computers to communicate with one another. File, print, and device sharing are just a few of the network functions enabled by SMB. History of SMB During the mid-1990s, Microsoft incorporated SMB in their LAN Manager product…

Attack Surface Analysis The attack surface of a software environment is the sum of all the distinct locations (called “attack vectors”) where an unauthorized user (called an “attacker”) can try to enter or extract data from the environment. A basic security measure is to keep the attack surface as minimal as possible. Attack…

Protection at the Edge A combination of AWS services may be used to implement a defense in depth strategy when it comes to DDoS attacks. These services are designed with an automatic response to DDoS attacks and can help minimize time to mitigate and reduce impact. …

There are obvious differences between environments built to run in the cloud and environments running on-premises. When it comes to incident response, the same can be said. Incident response in the AWS Cloud is faster, cheaper, more effective, and simpler to manage. Your ability to detect, react, and recover can…

Protection at Rest Protecting data at rest involves encrypting data while using one of the AWS services, including the AWS database services. When it comes to Amazon S3, for example, there are two types of encryption options available: