SecurityTrails Blog

Infrastructure as Code: Is It as Secure as It Seems?.
SecurityTrails Blog · Dec 30 2020 · by Esteban Borges

Infrastructure as Code: Is It as Secure as It Seems?

Alongside the rise of public clouds, managing the infrastructure of private clouds has never been easier. Tools like Terraform are available, but increasing dependence on them means it’s necessary to understand the security implications they present. After all, your entire infrastructure is dependent on, and accessible through, such a configuration—it’s essentially infrastructure as code, or “IAC”, passed through a tool like Terraform.

JARM: A Solid Fingerprinting Tool for Detecting Malicious Servers.
SecurityTrails Blog · Dec 23 2020 · by Gianni Perez

JARM: A Solid Fingerprinting Tool for Detecting Malicious Servers

The literature on defensive security unanimously recognizes one fact: every so often, a tool comes out that provides blue teamers with an important advantage over their adversaries. This ever-elusive quest features essential requirements and commonalities, such as the ability to proactively seek and detect malicious hosts, or the capacity to swiftly respond to targeted network threats. And with a sharp rise in the number of incidents involving some form of malware or command and control (C2) activity resulting in data theft, vendors are in a tight race to gain their customers’ trust—by leveraging newer alternatives to legacy solutions amidst shrinking budgets.

Making Cybersecurity Accessible with Scott Helme.
SecurityTrails Blog · Dec 15 2020 · by Sara Jelen

Making Cybersecurity Accessible with Scott Helme

Global connectivity benefits our world in numerous ways, however, that same connectivity also poses a potential cyberthreat that is often overlooked. There is no easy solution for combating the rising threats in our hyperconnected world. Now more than ever, cybersecurity is imperative for both businesses, governments and educational institutions, and individuals and families. For cybersecurity to effectively slow down the rising cyber threats and attacks, everyone needs to be part of the solution.

5 AWS Misconfigurations That May Be Increasing Your Attack Surface.
SecurityTrails Blog · Dec 10 2020 · by Gianni Perez

5 AWS Misconfigurations That May Be Increasing Your Attack Surface

Not all data breaches are created equal. While many remain the product of technical prowess so often associated with malicious actors, a burgeoning amount can be attributed to security misconfigurations and overly-permissive entitlements plaguing cloud ecosystems around the globe. Close to 70 percent in fact, according to a survey conducted by Ermetic, an identity and data protection firm.