October 1, 2025: This post was updated to reflect the new name of Security Hub, which is AWS Security Hub CSPM (Cloud Security Posture Management). Security teams must efficiently validate and document exceptions to AWS Security Hub (Cloud Security Posture Management, previously known as Security Hub) findings, while maintaining proper governance. Enterprise security teams need […]| Amazon Web Services
If you're a beginner just learning about the cloud, it can be a confusing space. I have found that having a fundamental glossary is key to give you building blocks to learn the space. But an alphabetical glossary is not enough – you need an ontolgy. An ontology is a list of terms that are […]| WhatsTheHost - Best Hosting Reviews by Real People
AWS supports 143 security standards and compliance certifications, including PCI-DSS, HIPAA/HITECH, FedRAMP, GDPR, FIPS 140-2, and NIST 800-171, helping customers satisfy compliance requirements around the globe.| Amazon Web Services, Inc.
The shared responsibility model is a framework establishing cloud security responsibilities between cloud service providers (AWS, GCP, Azure) and customers.| wiz.io
All organizations processing credit card information are required to be PCI certified. Learn the ways that AWS PCI compliance can help your business.| Amazon Web Services, Inc.
ALBeast: How we discovered a configuration-based vulnerability hidden within thousands of applications using the AWS ALB authentication feature.| www.miggo.io
ALBeast: The AWS Application Load Balancer (ALB) configuration-based vulnerability that can lead to token forgery and authentication bypass| www.miggo.io
Entities subject to HIPAA compliance can use AWS to process, maintain, and store protected health information. Learn how AWS can help your business.| Amazon Web Services, Inc.
Security responsibility of cloud providers: where it ends, what are the gaps, and what steps your team should make to improve cloud security strategy.| Cossack Labs
Public cloud providers share some security responsibility with their customers. This means that as a security practitioner, what you should take into account in your threat model is going to be different in the cloud than on premise environments.| cloudberry.engineering
A colleague of mine recently quiped, "'The perimeter' in AWS is actually defined by Identity and Access Management (IAM)." After some reflection, I think my colleague is spot on.| packetmischief.ca
The%20Hunt%20for%20ALBeast_%20A%20Technical%20Walkthrough%20(1).png)
%20ALBeast%20Security%20Advisory%20by%20Miggo%20Research%20(1).png)
