<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Attending AWS re:Invent? Let's meet in person! Book a meeting
blog /
AWS Well-Architected Framework Security Best Practices

AWS Well-Architected Framework Security Best Practices

The AWS Well-Architected Framework has been a staple for many years for AWS practitioners of all sorts, including cloud architects and platform engineers. It’s a blueprint for architectural and design best practices that will lay the foundation for resilience, operational efficiency, and security on the AWS Cloud.
Fine-Grained vs. Coarse-Grained Access Control Explained

Fine-Grained vs. Coarse-Grained Access Control Explained

If credentials fall into the wrong hands, intruders may enter a network and launch a disastrous attack. In fact, 46% of cybersecurity incidents involve authentication credentials, according to the Verizon 2022 Data Breach Investigations Report. Organizations have two general ways to determine someone’s access rights once past initial authentication: Coarse-grained access control (CGAC), which relies on a single factor, and fine-grained access control (FGAC), which relies on multiple factors.
MITRE ATT&CK Framework Containers Matrix for Kubernetes

MITRE ATT&CK Framework Containers Matrix for Kubernetes

If you’re Kuberntes admin and you’re not familiar with the tactics outlined in the MITRE ATT&CK framework, this blog post is for you. MITRE ATT&CK framework is an extensive knowledge base of tactics and techniques employed by bad actors that defensive security experts use to help defend their organizations against attack, and many times, used by their offensive security counterparts to test their weaknesses.
Unlocking Zero Trust: The Kipling Method for Policy Writing

Unlocking Zero Trust: The Kipling Method for Policy Writing

To embark on a successful Zero Trust journey, it's crucial to articulate and implement policies that align seamlessly with your business model. The Kipling Method serves as a guiding light in this endeavor. Let's delve into the six fundamental questions it poses.
Simplifying AWS Access with StrongDM Without Compromising Security Posture

Simplifying AWS Access with StrongDM Without Compromising Security Posture

Since Amazon Web Services first announced it in 2011, AWS IAM has evolved to become the gateway to the AWS Cloud. Organizations cannot interact with their cloud resources and its many services without it. Identity, not networking, is the real access boundary.
Privilege Escalation Attack Explained (How to Prevent It)

Privilege Escalation Attack Explained (How to Prevent It)

Identity management (IAM) and privileged access management (PAM) are crucial tools for your cybersecurity. But both need to be approached with the best practices that: 1. Keep threats away; 2. Don’t interrupt or ruin customer experiences or production. In this article, we will go over the risks of ...
Cyber Resilience: The Why, the How, and the Way to a Better Framework

Cyber Resilience: The Why, the How, and the Way to a Better Framework

In today's rapidly evolving digital landscape, the concept of cyber resilience has taken center stage. This resilience refers to an organization's capacity to not only withstand but thrive in the face of cyber emergencies, such as the escalating menace of cyber attacks. This article delves into the critical importance of cyber resilience, shedding light on the ever-growing challenges and threats faced by organizations today, and how the right framework, like StrongDM, can fortify an
Break Glass Explained: Why You Need It for Privileged Accounts

Break Glass Explained: Why You Need It for Privileged Accounts

Identity and access management (IAM) and privileged access management (PAM) are critical security tools for modern organizations. However, they can sometimes bar users from accessing critical systems and services, potentially impacting production, customer experience, and cybersecurity. In urgent cases, a method of bypassing normal security controls to regain access—called “break glass”—is needed. In this post, we’ll walk you through the break-glass process—what it is, why it’s important, and
How to Simplify Auditing Access in AWS

How to Simplify Auditing Access in AWS

Want a secure and compliant AWS environment? Then you need to audit access. Keeping tabs on who has accessed what—as well as the whens, wheres, and whys—helps you spot suspicious activities and address them promptly. Without this kind of access control, your sensitive data could be exposed to malicious actors, putting you at risk of data breaches and subsequent regulatory nightmares or service interruptions.
StrongDM: Breaking Glass Scenarios

StrongDM: Breaking Glass Scenarios

Let’s face it. If you work with any type of technology, you know that all software, hardware, and networking gear can fail in weird and unexpected ways. That’s why it’s critical that your technology stack has no single point of failure in your environment. At StrongDM, that means having options in a “break glass” scenario. We firmly believe that this is a requirement for the responsible operation of modern technology. So here’s how we tackle it.
Ensure Secure Access and Mitigate Threats to FFIEC Controls

Ensure Secure Access and Mitigate Threats to FFIEC Controls

The Federal Financial Institutions Examination Council (FFIEC) places significant emphasis on user security controls and the mitigation of potential risks posed by privileged users. To comply with FFIEC guidelines and safeguard critical systems, strong access management measures are crucial.
Striking the Balance: User Experience and Security in Access Management

Striking the Balance: User Experience and Security in Access Management

There is no shortage of complex and nuanced topics in the field of IT. After 16 years in the industry, access management continues to be one of the most sensitive and controversial aspects of the job. But it’s not the technology that makes it difficult. It’s the people.
7 Cyber Insurance Requirements (And How to Meet Them)

7 Cyber Insurance Requirements (And How to Meet Them)

Organizations must meet comprehensive cyber insurance requirements to qualify for coverage. This article defines seven key cybersecurity insurance requirements. Adhering to these requirements will ensure you’ve covered your bases in case of a claim.
Augmenting Legacy PAM with StrongDM: Getting to Dynamic Access

Augmenting Legacy PAM with StrongDM: Getting to Dynamic Access

We constantly hear about the gender gap in technology. Whether it’s the shortage of female founders and CEOs, claims of discrimination, or the comparatively small number of women in computer science majors, it seems that the issue has become a regular feature story in the news cycle. Disagreement over how to respond abounds on social media, in editorials, and not infrequently within tech companies themselves.
StrongDM app UI showing available infrastructure resources
Connect your first server or database, without any agents, in 5 minutes.