Bishop Fox Blog

A space dedicated to sharing our thoughts on the latest cybersecurity news, trends, and threats


Subscribe to Blog via Email

Popular Posts:

An Introduction to AWS Cloud Security

Download the Bishop Fox Intro to AWS Cloud Security guide here. 

Amazon Web Services (AWS) isn’t the novelty it was a decade ago. Resource-intensive, computer-heavy work today flows upward from giant enterprises 24/7 to the nebulous cloud where its processed by virtual servers, stored in digital containers, and eventually returned in a manner that supports the bottom line of tens of thousands of businesses.

A Guide to AWS S3 Buckets Security

Download our corresponding how-to guide here

The Threat of Poor AWS S3 Buckets Security

If your organization uses Amazon Web Services (AWS), it is extremely important to understand AWS S3 buckets security. Configuring your S3 buckets the right way can mean the difference between business as usual and nearly catastrophic data leaks. If you’ve noticed in the past few years, AWS S3 data leaks are not uncommon – and it’s fairly probable that your organization is not immune to them. They have affected high-profile organizations like Verizon, Accenture, and several others in recent memory.

Stand Your Cloud #3: AWS Provisioning and Access Requests

This blog post is the closing chapter in a series about AWS security best practices. Read the first post and the second post in this series for context. 

Fishing the AWS IP Pool for Dangling Domains

Amazon and other cloud providers have made it child’s play to spin up ephemeral server instances for quick deployment of various services. If you want a web server to host your new .io domain name, you can have it set up in no time at all. Starting a website has never been easier — just spin up an EC2 instance, install your stack, point your domain/subdomain to the instance, and kill it when you’re tired of it.

Stand Your Cloud #2: Host Server Hardening

In our previous post, we discussed how to minimize security risk and data loss by securing the AWS environment. In this installment of our series, we will continue exploring this subject on the server level and discuss some best practices to follow to help strengthen your infrastructure.

Stand Your Cloud: A Series on Securing AWS

This blog post is the first in an ongoing series about AWS security best practices.