<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

Achieve Zero Trust in AWS 🔒 Join our hands-on workshop on February 27!

Search
Close icon
Search bar icon
Search
Close icon
Search bar icon
Brian Johnson

Brian Johnson

Security Engineer / Podcaster, is the president of 7 Minute Security, an information security consultancy in the Minneapolis area. Brian spends most of his days helping companies defend their networks.

Since 2004, Brian has also run the blog/podcast called 7 Minute Security, where he shares what he has learned about information security into short, 7-minute chunks.

Expertise

Security, SOC 2, Auditing, Policy, Integrations, Databases, Authentication, SSH, Observability, ISO 27001

Latest blog posts from Brian

Everything You Need to Know About SOC 2 Audits
Everything You Need to Know About SOC 2 Audits
Whether you’re looking to achieve SOC 2 compliance, or just want to learn more about it, your Googling is bound to lead you to a wealth of articles chock full of buzzwords and acronym soup. ‍In this post, we will provide a guide with definitions, links and resources to gain a solid understanding of everything you need to know about SOC 2 audits.
Software Development Life Cycle (SDLC) Policy
Software Development Life Cycle (SDLC) Policy
A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely as possible, and that all development work is compliant as it relates to any regulatory guidelines and business needs.‍Here are some primary topics your software development lifecycle policy and software development methodology should cover
3 Costly Cloud Infrastructure Misconfigurations
3 Costly Cloud Infrastructure Misconfigurations
It has never been easier for your company to build new infrastructure. In just a few clicks, you can spin up shiny new servers and databases in the cloud and start using them in seconds. However, in the rush to deploy new services so quickly, companies often let information security be an ...
Connecting Postgres to Active Directory for Authentication
Connecting Postgres to Active Directory for Authentication
While primarily geared towards developers, PostgreSQL is also designed to help system administrators safely and robustly store information in databases. In this post, we will demonstrate how to install a PostgreSQL database and then configure Active Directory users to authenticate to it.
SOC 2 Terminology Glossary
SOC 2 Terminology Glossary
SOC 2 compliance, like so many things related to IT and security, is chock full of terms and acronyms to learn. If you are just getting started with SOC 2, it’s helpful to get familiar with this alphabet soup ahead of time so you can move your compliance efforts forward with confidence. Below is a SOC 2 terminology glossary to get you started:
What is Data Center Security & 4 Ways to Improve
What is Data Center Security & 4 Ways to Improve
Data center security refers to the protection of data centers against threats such as cyber-attacks, natural disasters, and human error. The number of data centers has increased significantly over the last decade, and so has the amount of security-related disasters. In 2022, the global data center ...
How to Write Your Software Development Lifecycle Policy
How to Write Your Software Development Lifecycle Policy
A staggering amount of cybersecurity breaches are caused by software vulnerabilities. From the early worms of the 1980s through the early 2000s - like Blaster, Code Red, and Melissa - to the notable Petya and WannaCry of the past few years, these vulnerabilities are all rooted in software flaws that allowed systems to be exploited. A software development lifecycle (SDLC) policy helps your company not suffer a similar fate by ensuring software goes through a testing process, is built as securely
new-strongdm-desktop-app-ui
Want to learn more?
See StrongDM in action. 👀
Book a Demo