Janos Zold - Savayon

AWS Logging Best Practices: 3 to Add to Your Checklist

This post was originally published on Scalyr. Logging and monitoring should be critical components of your organization's IT governance. Without logging in place, troubleshooting technical issues is more difficult, and gaining operational insight and intelligence is almost impossible. Logging is as important as ever in the era of the cloud,

AWS Redshift Monitoring: The Complete Guide

Would you like to detect problems in your Amazon Redshift environments? Does your team need a high-level overview of what monitoring options they can choose from when they deploy Redshift nodes and clusters?

Information security, risk assessment, security controls

How to Mitigate Security Threats to Data Assets: A Guide

Have you ever wondered how you could reduce security threats and risks against your data assets? Or even better, how you could eliminate threats to your organization’s data entirely? If so, this article about how to mitigate security threats to data assets is for you.

data security, big data security

What Makes Big Data Security Unique?

This post is about big data security and what makes big data security unique compared to regular data security.

What Is the Difference Between Data Integrity and Security?

This post discusses what data integrity is, how to use it, and highlights how data integrity is different from data security. Then the post shares a common myth about encryption and answers the question: Can you use encryption for data integrity?

What Is Data Security Management? An Introductory Guide

What is data security management? What does it do? Why do you need data security management in the first place? Today let's discuss and find the answers to these questions. You'll also find a few tips to start your data security management journey.

AWS, security

Integrate your Windows Defender scan logs with AWS Security Hub using PowerShell

Integrage Windos Defender logs into AWS Security Hub

AWS, Security, Accreditation

AWS Certified Security - Speciality exam completed

Welcome back! Today I'm happy to announce that I've completed the AWS Certified Security Speciality exam. If you are in the process to prepare or just curious, read on! First I have to start with a confession. I wanted to get this exam done a bit sooner, Amazon had sent

Powershell, security

A better way to store application credentials using KeePass and Powershell

AWS has recently launched a new service offering called AWS Secrets Manager to help organisations with the challenge of storing secure credentials. This new service allows to store and retrieve passwords and any other sensitive credentials. Even more, it can also rotate and change those credentials automagically based on a

Cyber security

Key tips for preparing an efficient Security Incident Response Plan - Part1

Welcome to this post. Today I'd like give you a few tips on how to prepare and approach a security incident response with a few examples. The reason why I thought this could be useful because according to 'The Third Annual Study on the Cyber Resilient Organization' organisations continue to

Cyber security

Have you heard about the Cyber Essentials scheme?

According to the latest version of the Cyber Security Breaches Survey the Cyber Essentials scheme it is not widely known in the UK amongst small and medium sized organisations. Today I'd like to talk about why this scheme may deserve your attention. This is not going to be about the

AWS, security

AWS GuardDuty is on duty

Happy Monday everyone! Today I'd like to talk about AWS GuardDuty, a security monitoring service Amazon recently announced - last November to be specific. Cybersecurity and security threats in general are main focus areas and/or concerns C-level executives have on their agenda. It's no surprise: companies get compromised day

PCI DSS, security

Outsourcing PCI DSS IT operations myth

Janos Zold Today I'd like to talk about a really interesting conversation I had with one of my clients about outsourcing IT operational tasks mandated by PCI DSS. To be more specific the conversation went like this: The client: "We want to outsource our IT security and IT operational