Securosis

AI Will Accelerate Your Tech Debt

Sun, 22 Mar 2026 00:00:00 +0000

The Tech Debt Crisis Is Coming

Like the American middle class living paycheck to paycheck, organizations near or below the security poverty line are one big incident away from catastrophic bankruptcy. They got here through years of underinvesting in core capabilities and unified architecture, not stupidity, but a long series of decisions that prioritized shipping over sustainability. And now every smaller incident consumes the cycles that could have gone toward paying down that debt, making the hole deeper every time.

Defining Security Invariants

Thu, 09 Jan 2025 17:00:00 +0000

Note: This post has been revised to include the new capabilities released by AWS prior to re:Invent 2024.
You can also check out the re:Invent presentation we did with Securosis: “Security invariants: From enterprise chaos to cloud order” slides - video

The Universal Cloud Threat Model

Tue, 23 Apr 2024 00:00:00 +0000

The Universal Cloud Threat Model is a collaboration between PrimeHarbor Technologies and Securosis. It is a cloud-centric threat model to help organizations focus security efforts on the most-common attacks most organizations will experience. The UCTM is designed as an adjunct to other threat models.

Free Training with Cloud Security Lab a Week!

Mon, 01 Jan 2024 00:00:00 +0000

Cloud Security Lab a Week (CloudSLAW) delivers a free 15-30 minute high-quality training lab into your inbox once a week. You don’t need to know much of anything about either security or cloud to get started, so hop on in and go from Zero to Hero (not that we’re saying you are a zero, but… )

The Securosis Team

Mon, 01 Jan 2024 00:00:00 +0000

Rich Mogull, Researcher & CEO

Rich has twenty years experience in information security, physical security, and risk management. He specializes in data security, application security, emerging security technologies, and security management. Prior to founding Securosis, Rich was a Research Vice President at Gartner on the security team where he also served as research co-chair for the Gartner Security Summit. Prior to his seven years at Gartner, Rich worked as an independent consultant, web application developer, software development manager at the University of Colorado, and systems and network administrator. Rich is the Security Editor of TidBITS, a monthly columnist for Dark Reading, and a frequent contributor to publications ranging from Information Security Magazine to Macworld. He is a frequent industry speaker at events including the RSA Security Conference and DefCon, and has spoken on every continent except Antarctica (where he’s happy to speak for free – assuming travel is covered).

Totally Transparent Research

Mon, 01 Jan 2024 00:00:00 +0000

Totally Transparent Research is the embodiment of how we work at Securosis. It’s our core operating philosophy, our research policy, and a specific process. We initially developed it to help maintain objectivity while producing licensed research, but its benefits extend to all aspects of our business. Going beyond Open Source Research, and a far cry from the traditional syndicated research model, we think it’s the best way to produce independent, objective, quality research. Here’s how it works:

Training

Mon, 01 Jan 2024 00:00:00 +0000

Cloud Security Project Accelerators

Tue, 19 Dec 2023 00:00:00 +0000

Custom Research and Consulting

Mon, 18 Dec 2023 00:00:00 +0000

Deploying AWS Backup

Tue, 05 Sep 2023 09:23:37 -0400

tl;dr - here is a link to the scripts

What Ransomware in AWS looks like

In a typical ransomware attack, a threat actor will attempt to encrypt files on critical machines belonging to the victim. In exchange for a cryptocurrency payment, the threat actor will provide the decryption key and software to the victim, who then has to go through the arduous process of restoring their machines. The encrypted data is typically lost forever if the victim refuses to pay the ransom.

Leveraging AWS SSO (aka Identity Center) with Google Workspaces - version 2

Sun, 25 Jun 2023 18:25:26 -0400

This is a revised version of the original post Leveraging AWS SSO (aka Identity Center) with Google Workspaces based on the new announcement AWS IAM Identity Center now supports automated user provisioning from Google Workspace The original post is still valid, and in someways may be better, but this version has it’s own advantages.

Setting up AWS IAM Identity Center (successor to AWS Single Sign-On), hereafter called AWS SSO (because I have to pay AWS for egress on this site), is an excellent service to help you get rid of IAM users and enforce identity best practices around second-factor authentication, on and off-boarding employees, and assigning the right level of access depending on job function.

Companies using Google Workspaces for email and collaboration can also leverage their Google accounts to access AWS via AWS SSO. The process isn’t clearly documented, and the provisioning support isn’t integrated, so here is a post to help you set it all up.

Leveraging AWS SSO (aka Identity Center) with Azure AD

Tue, 16 May 2023 20:33:45 -0400

Setting up AWS IAM Identity Center (successor to AWS Single Sign-On) henceforth called AWS SSO (because AWS charges for egress), is an excellent service to help you get rid of IAM users and enforce identity best practices around second-factor authentication, on and off-boarding employees, and assigning the right level of access depending on job function.

Data Breaches and Encryption

Tue, 16 Jun 2009 00:00:00 +0000

Presentation on Data Breaches and Encryption.

The 100th Post, and a Note to My Editor

Sat, 11 Nov 2006 00:00:00 +0000

It’s hard to believe this little side project has hit 100 posts. We’re averaging 600+ unique visitors a day, which isn’t bad for a blog that’s only been around for three months, and even hit the front page of Digg once.