Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

February 2022

How to Encrypt S3 Buckets Automatically with Torq

S3 buckets without encryption can leave sensitive data exposed and at risk. As a best practice and to meet a number of industry and governmental regulations, it’s important to ensure that S3 server side bucket encryption has been properly applied at all times. To do this, many security teams rely on their Cloud Posture Security Management (CSPM) platform and/or AWS GuardDuty to monitor their AWS resources and provide alerts when an S3 bucket is found unencrypted.

Collective Cybersecurity: A Shared Responsibility Model

The state of cybersecurity today is, in a word, catastrophic. Breaches have become endemic. Not only do they continue at dizzying rates, but they are actually increasing in frequency by the month. Why are things so bad? And why do businesses seem so helpless to make them better? Those are complicated questions without simple answers, of course – but I believe that a major part of the answer has to do with the fact that, at most organizations, security remains the domain of elite security teams.

Identity Access Management (IAM) Automation - Intro to Torq Webinar

Security teams are struggling to keep up with the increasing number of attack surfaces and the demands on remediating those attack surfaces in real-time. Security automation is the key to unlocking your security team’s productive potential, but traditional SOAR platforms (Security Orchestration, Automation, and Response) are complex and can take months of development to implement your first automation response sequence.

Open Source Cybersecurity: Towards a Democratized Framework

Today, anyone can contribute to some of the world’s most important software platforms and frameworks, such as Kubernetes, the Linux kernel or Python. They can do this because these platforms are open source, meaning they are collaboratively developed by global communities. What if we applied the same principles of democratization and free access to cybersecurity?

Sponsored Post

Fix the Broken State of Security with a "Security for all" mindset

Which cultural values empower businesses to thrive today? That's an open question, of course. But I suspect most employees, managers, and analysts would include items like collaboration, transparency, and creativity on the list of essential ingredients in business success. Indeed, you could argue that these values are at the core of a variety of modern organizational and technical innovations, from DevOps (which is all about collaboration) to open source software (which centers on collaboration and transparency) and the creator/maker movement (which is, of course, all about creativity).

SOAR Security: 7 Disadvantages of SOAR Solutions

We’ve said it before, and we’ll say it again: Security Orchestration, Automation and Response (SOAR) platforms are great tools for helping teams work smarter, faster, and more efficiently against security risks. But, used on their own, SOARs are far from perfect for meeting the full security needs of the modern organization.