ScaleSec Authors

Author

Aaron Wilson

Aaron Wilson is ScaleSec’s co-founder and CTO, a cloud security expert and industry veteran.

ScaleSec Aaron's articles:

  • April 8, 2019

    Exporting Stackdriver Logs to Elastic Cloud

  • ScaleSec contributed a tutorial to the Google Cloud Community titled “Exporting Stackdriver Logs to Elastic Cloud”. Those responsible for keeping data safe in the cloud need visibility of…
  • Tags: Tutorial, Google Cloud Platform, Security, Incident Response, Cybersecurity, Compliance
  • 2 min read · Read more
  • August 18, 2018

    Exploring Container Security

  • Google Cloud blog series. Aggregating the links here for easy access.
  • Tags: Kubernetes, Security, Google Cloud Platform, Compliance
  • 1 min read · Read more
  • February 21, 2018

    Why Does Your SaaS Startup Need B2B Compliance?

  • Compliance! Everyone’s favorite topic. For this post let’s get down to business by describing the tangible benefits of compliance for a late-stage SaaS startup.
  • Tags: Startup, Cloud Computing, Compliance, SaaS, Sales
  • 4 min read · Read more

Author

Aaron Rea

Aaron Rea is a Cloud Security Consultant at ScaleSec.

ScaleSec Aaron's articles:

  • August 4, 2020

    Cloudknocking

  • Using Cloud Native Services to Obfuscate Command and Control.
  • Tags: AWS, Route53, Cloudwatch, EventBus, Command&Control
  • 4 min read · Read more
  • June 18, 2020

    IAM Patterns

  • First steps for a successful IAM implementation.
  • Tags: Automation, Cloud Security, IAM, DevSecOps
  • 4 min read · Read more

Author

Allison DiPietro

Allie DiPietro is VP of Operations and a Compliance Consultant at ScaleSec.

ScaleSec Allison's articles:

  • July 26, 2019

    GDPR- So What’s “Compliant,” Anyway?

  • tl;dr: While GDPR doesn’t yet have a formal, certifying body, it can be part of a robust compliance program for those processing European data.
  • Tags: Privacy, Compliance, Security, GDPR
  • 5 min read · Read more

Author

Anthony DiMarco

VP of Engineering at ScaleSec helping teams build guardrails in AWS and GCP.

ScaleSec Anthony's articles:

Author

Chris Leibl

Chris Leibl is VP of Consulting at ScaleSec.

ScaleSec Chris's articles:

  • June 22, 2019

    GCP Shielded VM — Integrity Monitoring

  • Google Cloud announced Shielded VM all the way back at NEXT ’18 and it went GA at NEXT ’19, however, based on our customer interactions…
  • Tags: Google Cloud Platform, Cloud Security, Google Compute Engine, Cybersecurity, Stackdriver Monitoring
  • 6 min read · Read more
  • April 29, 2019

    Event Driven Security on Google Cloud Platform

  • How to use Stackdriver logging events to trigger Google Cloud Functions to protect your cloud infrastructure.
  • Tags: Google Cloud Platform, Google Cloud Functions, Compliance, Serverless, Security
  • 4 min read · Read more
  • April 15, 2019

    Google Cloud Platform: Event Threat Detection (ETD)

  • One of the notable new security services released at NEXT `19 is Google Cloud’s Event Threat Detection (ETD). This article will focus on the high level components of ETD and how you may be able to fit ETD into your current architecture.
  • Tags: Google Cloud Platform, Etd, Next19, Cloud Security
  • 3 min read · Read more

Author

Dustin Whited

Dustin Whited is a Cloud Security Consultant at ScaleSec.

ScaleSec Dustin's articles:

  • September 10, 2020

    PassRole Control

  • How the iam:PassRole permission can be restricted and monitored in AWS.
  • Tags: AWS, Cybersecurity, AWS IAM, AWS Security
  • 4 min read · Read more
  • August 20, 2020

    AWS Log Blog

  • Knowing the various AWS log types and the information they provide is the first step to unlock security visibility in the cloud.
  • Tags: Cloudtrail, AWS, AWS Logs, AWS Security, SIEM
  • 8 min read · Read more

Author

Eric Evans

Eric is a Senior Cloud Security Consultant at ScaleSec.

ScaleSec Eric's articles:

  • May 21, 2020

    A Comparison of Secrets Managers for GCP

  • With so many options to manage your secrets in the cloud, the decision on how to handle secrets can be cumbersome for organizations of many sizes.
  • Tags: GCP, Secrets, Management, Security, DevOps
  • 14 min read · Read more
  • January 30, 2020

    GCP Secret Manager - First Look

  • With so many options to manage your secrets in the cloud, the decision on how to handle secrets can be cumbersome for organizations of many sizes.
  • Tags: GCP, Cybersecurity, Cloud Computing, Technology, Google, DevOps
  • 11 min read · Read more
  • December 6, 2019

    Create a Serverless AWS EKS Cluster using Pulumi

  • This week at AWS Re:Invent 2019, Fargate support for the Elastic Kubernetes Service (EKS) was announced with general availability. In this post...
  • Tags: AWS, Kubernetes, Docke, Technology, Automation
  • 3 min read · Read more
  • October 19, 2019

    A Comparison of Secrets Managers for AWS

  • With so many options to manage your secrets in the cloud, the decision on how to handle secrets can be cumbersome for organizations of many sizes.
  • Tags: AWS, Secrets, Management, Security, DevOps
  • 14 min read · Read more

Author

Ilan Ponimansky

Ilan Ponimansky is a Cloud Security Consultant at ScaleSec.

ScaleSec Ilan's articles:

  • June 30, 2020

    Rightsize Your IAM Policies

  • Quickly reduce your attack surface by securing your IAM policies.
  • Tags: AWS, Modernizing Security, IAM, IAM Policies, Cloud Security, Least Privilege
  • 6 min read · Read more

Author

Jason Dyke

Jason is a Senior Cloud Security Consultant at ScaleSec.

ScaleSec Jason's articles:

  • August 6, 2020

    Announcing the GCP Organization Policy Notifier

  • Announcing the GCP Organization Policy Notifier.Announcing the GCP Organization Policy Notifier.
  • Tags: GCP, GCP Organization Policy Notifier, GCP Org Policy Bot, @GCPOrgPolicyBot, Organization Policy Service, Slack
  • 2 min read · Read more
  • June 11, 2020

    Inventory Your GCP API Keys

  • Inventory, analyze, and report on your GCP API keys in an automated fashion.
  • Tags: GCP, Google Cloud Platform, Cloud Security, Cloud, Automation
  • 6 min read · Read more
  • February 27, 2020

    Encryption in The Cloud Pt. 2

  • A multipart exploration into cloud encryption. Part 2: Encryption in Google Cloud Storage.
  • Tags: Security, GCP, KMS, Encryption, Data, Cryptography
  • 13 min read · Read more
  • October 17, 2019

    How I Passed the CISSP

  • My personal experience with the CISSP by Jason Dyke.
  • Tags: Cissp, Security, Certification, Tips, Isc2
  • 11 min read · Read more
  • July 23, 2019

    Encryption in The Cloud Pt. 1

  • This is the first of a multipart dive into encryption in the public cloud. Part 1 will focus on encryption in Amazon S3.
  • Tags: Security, AWS, Encryption, Data, Cryptography
  • 9 min read · Read more

Author

Jeanier Anderson

Jeanier Anderson is a Cloud Security Consultant at ScaleSec.

ScaleSec Jeanier's articles:

  • March 26, 2020

    Threat Detection with AWS GuardDuty

  • This is a walkthrough of an AWS Security Workshop with scenarios covering threat detection and remediation using Amazon GuardDuty.
  • Tags: Threat Detection, AWS GuardDuty, CyberSecurity
  • 4 min read · Read more
  • February 13, 2020

    Security for the Traveling Consultant

  • Up your game when on travel, business or personal - Jeanier shares precautions you can take to ensure you have peace of mind with Security for the Traveling Consultant.
  • Tags: Travel, Security, Protection
  • 6 min read · Read more

Author

John Porter

John Porter is a Cloud Security Consultant at ScaleSec.

ScaleSec John's articles:

Find John elsewhere

Author

Julianna DiPrima

Julianna DiPrima is Engagement and Operations Coordinator at ScaleSec.

ScaleSec Julianna's articles:

Author

Marsha Wilson

Marsha Wilson is ScaleSec’s co-founder and CEO, a cloud security expert and industry veteran.

ScaleSec Marsha's articles:

  • August 19, 2020

    A Conversation on Leading Teams

  • CEO Marsha Wilson and Marc Marling discuss leadership style, Trusted Advisor, and consulting EQ on the Corporate Thought podcast.CEO Marsha Wilson and Marc Marling discuss leadership style, Trusted Advisor, and consulting EQ on the Corporate Thought podcast.
  • Tags: Consulting, Leadership, ScaleSec
  • 1 min read · Read more
  • March 12, 2020

    Upsides of Unexpectedly Working Remote

  • For those who are rarely given this option, this will be their time to shine. They may feel a bit lost at first, but will find that with some discipline, this could be a way to show more companies that this is a viable perk that actually brings about a higher level of productivity.
  • Tags: Working Remote, WFH, Covid-19
  • 3 min read · Read more
  • August 18, 2019

    ScaleSec Achieves AWS Security Competency

  • Cloud-native consultancy is now one of only ten organizations globally to hold both AWS Advanced Partner and Security Competency in Governance, Risk, and Compliance.Cloud-native consultancy is now one of only ten organizations globally to hold both AWS Advanced Partner and Security Competency in Governance, Risk, and Compliance.
  • Tags: AWS, Security, Cybersecurity, Governance, Risk, Compliance
  • 2 min read · Read more

Author

Ron Sivonda

Ron Sivonda currently serves as the Vice President of Cloud Security Compliance for ScaleSec.

ScaleSec Ron's articles:

Author

Roy Kalamaro

Roy Kalamato is a Senior Cloud Security Consultant at ScaleSec.

ScaleSec Roy's articles:

  • June 23, 2020

    AWS Control Tower Guardrail Alignment

  • Aligning AWS Control Tower Security Guardrails with AWS Well-Architected Framework Requirements.
  • Tags: AWS, Modernizing Security, Cloud Security, Automation, Control Tower
  • 5 min read · Read more

Author

Sarah Gori

Cloud Security Consultant at ScaleSec helping teams build guardrails in AWS and GCP.

ScaleSec Sarah's articles:

  • July 14, 2020

    Role Shopping: Embrace Your Tags

  • Role shopping and permissions creep undermines least privilege, here we discuss how to fix and avoid it in the first place.
  • Tags: AWS, Modernizing Security, IAM, Least Privilege, Cloud Security
  • 7 min read · Read more

Author

Steven Adegbenle

Steven Adegbenle is a Cloud Security Consultant at ScaleSec.

ScaleSec Steven's articles:

  • July 16, 2020

    Make Least Privilege Easier in AWS

  • Five approaches to making IAM Least Privilege easier within your AWS environments.
  • Tags: AWS, IAM, Cloud Security, Least Privilege, Cybersecurity
  • 5 min read · Read more

Here for you

Have questions? Leverage our expertise to help you meet your business goals with a strong security posture.

Join us

ScaleSec is a well-connected, fully remote team. We thrive in the great undocumented beyond. We’re hiring in most US metros.

Get in touch

Considering cloud? Want to optimize and transform your existing digital portfolio?
Reach out to us.

Gap Assessment

Get perspective. Address security comprehensively.

Prepare for compliance.

ScaleSec
San Diego, CA 92120, United States

619-SCALE15

© 2020 ScaleSec. All rights reserved. | Privacy Policy