LevelBlue Blog

Introduction Today you look at the Global/Multi-site Enterprise Security Architecture of an organization and see a myriad of concerns. Increased levels of complexity, difficulties managing multiple third parties, difficulties implementing consistent levels of security, and so on. This makes it imperative for organizations to identify opportunities to simplify, streamline, and generally improve their infrastructure wherever possible. Managing the level… Read more →

The content of this post is solely the responsibility of the author. LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.  Amazon Web Services (AWS) is home to almost a third of the world’s cloud clients and boasts huge cyber security features; yet, even Amazon is… Read more →

In the first two blogs in this series, we discussed properly setting up IAM and avoiding direct internet access to AWS resources. In this blog, we’ll tackle encrypting AWS in transit and at rest. Sometimes, despite all efforts to the contrary, data can be compromised.  This can occur due to data leakage through faulty apps… Read more →

In the first blog in this series, we discussed setting up IAM properly. Now we’re moving on to the second step, avoiding direct internet access to AWS resources. When AWS resources like EC2 instances or S3 buckets are directly accessible via the Internet, they are vulnerable to attack.  For example, brute force attacks on SSH login, denial… Read more →

Have you ever heard the saying that the greatest benefit of the cloud is that limitless resources can be spun-up with just a few clicks of the mouse?  If so, you would be best served by forgetting that saying altogether.  Just because cloud resources can be spun-up with a few clicks of the mouse does not mean that… Read more →