PinnedWelcome…Tips, tricks, tools, and musings about Cloud, Risk Management, and CyberSecurity by Les Waters.Apr 5, 2022Apr 5, 2022
PinnedArticlesTips, tricks, tools, and musings about Cloud, Risk Management, and CyberSecurity by Les Waters.Jan 26, 2022Jan 26, 2022
Third Party Risk Management ToolsManually identifying and tracking risk is tedious at best. A surprising number of companies, however, track Cyber Risk using spreadsheets…Feb 8, 2022Feb 8, 2022
SecDevOps — not DevSecOps!At first, it was DevOps, which is a set of practices that combines software development and IT operations into the familiar feedback loop…Jan 4, 2022Jan 4, 2022
Getting Started with Cyber Risk ManagementGartner defines IT risk as “the potential for an unplanned, negative business outcome involving the failure or misuse of IT”. Negative…Dec 28, 2021Dec 28, 2021
Who created that VM?With the advent of cloud and self-service, the question of who created a given resource such as a virtual machine often arises. The answer…Dec 27, 2021Dec 27, 2021
Exploring Azure Resource Graph with KustoIf you’re a cloud administrator or a security practitioner like me, you often want to see views of resources which aren’t natively…Dec 27, 2021Dec 27, 2021
Enumerating AWS ResourcesAs an Information Security practitioner, the first thing want to know WHERE and WHAT all of your resources are. In public clouds, you would…Dec 27, 2021Dec 27, 2021
Cloud Role SegregationRole-Based Access Control (RBAC) in Azure, AWS, GCP, and other clouds provides fine-grained access management (authorization) to cloud…Dec 26, 2021Dec 26, 2021
#FinOps — Cloud Financial OperationsIn addition to CyberSecurity, one of my keen areas of interest is Cloud operations and in particular, how to use cloud cost effectively…Dec 26, 2021Dec 26, 2021