security-bytes

How Cloud Service …

Introduction In this post, I’m going to talk about a commonly discussed idea that cloud service providers (CSPs) are responsible for managing the risks associated with their services, in partnership with their customers. The shared responsibility model is commonly used to describe the …

What are shadow admins in …

Cover Photo by David East on Unsplash Introduction In this post, I’m going to talk about a concept you may have heard of (shadow admins), what they are, why they are a problem you need to care about, and what to do about them. What is a shadow admin? The name should be fairly self explanatory …

Security Bytes: What is …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked about the many challenges of implementing Least Privilege. You may have been forgiven for thinking this is all just too hard to do right from day …

Security Bytes: What is …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about what Least Privilege actually is. In this post, I’ll explore common approaches taken/tooling used to address some of …

Security Bytes: What is …

Welcome to the latest of my Security Bytes posts, where I dig into areas of interest in Infosec/CyberSec, and offer my opinion. In my last post, I talked at a high level about the history of computers and privileged access. In this post, I want to get into a term you may hear a lot of if you work in …

Security Bytes: What is …

This post is the first in a series of posts on the challenges of balancing privileged access with a robust security posture and a challenging delivery pipeline. It is also the first of my Security Bytes posts, where I dig into areas of interest in Information Security/Cyber Security, and offer my …