Finding Suspicious Traffic using CloudWatch Log Insights and VPC Flow Logs

Posted on July 28


While playing around with AWS CloudWatch Log Insights to analyze VPC flow logs, I thought of a couple of fun ways to identify (probably) malicious traffic. Finding Vulnerability Scanners These are the guys that hammer your box looking for anything from silly SQL injection attacks (so 2005) to CSRF vulnerabilities. The tell: look for hosts […]

Understanding the AWS Shared Responsibility Model

Posted on June 6

As an AWS customer, you share responsibility with AWS for the security of your data the cloud. There’s a mantra: AWS handles the security of the cloud, but you handle security in the cloud. But it turns out that’s not quite true. For more, check out my guide Operating within the AWS Shared Responsibility Model.

Science is About Discovering the Truth

Posted on June 3


As someone who works in IT, I hear and read a lot of comments about science. One common but unfortunate claim is that “science is not about finding truth.” While I won’t get into the underlying philosophical reasons behind this claim, I do want to at least respond to it on its face. Etymology of […]

Studying for the AWS Certified Solutions Architect: Associate Exam (SAA-C01)

Posted on May 29

Study Guides The AWS Certified Solutions Architect Study Guide: Associate SAA-C01 Exam 2nd Edition ($30) by David Clinton and myself covers more than you need to know to pass the exam. If you don’t believe me, just click the link and look at the reviews on Amazon. If you are fairly new to AWS, you’re […]

Operational Excellence Means Automation

Posted on April 2


People use the term “operational excellence” in a lot of different ways. In its vaguest sense, it means continuous improvement as applied to operations. But you’re interested in what it means in the context of technology operations. And I’m here to tell you that it means automation. Operational Excellence is one of the five pillars […]