AlgoSec

CSPM & Beyond - AlgoSec live demo

Mon, 30 Dec 2024 20:50:21 GMT

Double down on cloud security webinar

Thu, 30 May 2024 09:10:24 GMT

The cloud offers fantastic benefits, but it also comes with new security challenges.
Join our Double Down on Cloud Visibility: See Threats, Eliminate Risks & Secure Your Network webinar and empower yourself to confidently secure your cloud environment.
In this session, you'll gain valuable insights on:
Gain a unified view of your entire multi-cloud environment, including accounts, assets, and network security controls (e.g., AWS, Azure firewalls).  No more switching between dashboards!
Identify and eliminate network security risks by confidently removing risky network configurations.
Effortlessly identify and address compliance gaps across your multi-cloud network

AlgoSec cloud product demo

Mon, 13 May 2024 10:24:41 GMT

Watch AlgoSec cloud in action and learn how you can:

• Enhance visibility across the hybrid multi-cloud estate with central management

• Prioritize risks according to business applications and severity

• Reduce manual labor, errors, and their associated risks and costs

• Cleanup unused network security rules to reduce attack vector and better utilize resources

SANS and AlgoSec: Addressing network and configuration risks

Thu, 18 Jan 2024 11:27:30 GMT

Discover the latest in cloud security in our upcoming webinar. We'll tackle the challenges of configuration and network security in cloud environments, analyze real-world breach cases, and highlight overlooked risks. Learn about essential tools and practices to fortify your cloud infrastructure. Join us for insights into keeping your organization secure against evolving threats.

5 Pillars for advanced cloud security

Tue, 19 Dec 2023 10:16:11 GMT

Secure your cloud environment with just 5 Pillars. Learn how Prevasio CNAPP’s innovative features and robust architecture, offers a comprehensive defense mechanism that goes beyond traditional security measures.
Try Prevasio free here

Hybrid Cloud Security with Google and AlgoSec- Webinar

Thu, 16 Nov 2023 06:00:00 GMT

In this short webinar we will discuss the challenges in these hybrid networks and how Google Cloud and AlgoSec are helping companies leverage cloud technologies to add more capacity and business applications without increasing their exposure to security risk.

Securing cloud DevOps with Avishai Wool

Wed, 08 Nov 2023 11:57:54 GMT

The cloud has revolutionized the way we develop and deploy software, but with great power comes great responsibility. In this exclusive video, Avishai Wool, a seasoned professional in the field, takes you on a comprehensive journey through the crucial aspects of securing your DevOps practices in the cloud.

Introducing Prevasio CNAPP

Tue, 31 Oct 2023 11:46:49 GMT

Prevasio CNAPP gives you an extensive view of your east-west and north-south traffic. It empowers you to detect both configuration and IaaS network risks, identify drift from safe setups, and spot risky behavior in container apps—all without agents.
Request a demo today to experience how Prevasio CNAPP can revolutionize your cloud security.

Joint webinar with Microsoft Azure- Understanding Hybrid Network Security

Fri, 15 Sep 2023 06:30:00 GMT

In this joint webinar with Microsoft, we discuss the challenges in these hybrid networks and how Microsoft Azure and AlgoSec are helping companies leverage cloud technologies to add more capacity and business applications without increasing their exposure to security risk.

During the webinar you will hear Yuval Pery, the Product Manager for Azure Network Security at Microsoft, review and discuss the security features and options available with Microsoft Azure. We also have Yoav Yam-Karnibad, the Product Manager for Cloud Network Security at AlgoSec, show the integrations that exist today between AlgoSec and Microsoft Azure that help improve visibility and identify and prioritize risk in today's hybrid environments.

What's new in AlgoSec cloud

Thu, 13 Jul 2023 14:04:12 GMT

Dive into the latest innovations and advancements in AlgoSec Cloud, revolutionizing cloud security management. Simplify and streamline your approach, gain visibility and control, and stay ahead in the dynamic digital landscape. Don't miss out on this game-changing opportunity to strengthen your security posture in the cloud.

Zscaler and AlgoSec demo

Fri, 23 Jun 2023 00:14:20 GMT

This short demo highlights the integration between Zscaler and AlgoSec.
This includes capabilities such as policy visibility, risk analysis, change history, compliance reports, policy optimization, and traffic simulation query.

Moving to zero trust- Hybrid cloud security with Zscaler and AlgoSec.mp4

Wed, 26 Apr 2023 17:37:45 GMT

As more organizations adopt hybrid cloud environments, securing data and applications has become increasingly complex. The traditional perimeter-based approach to security is no longer enough to protect against advanced threats and targeted attacks. In this webinar, experts from Algosec and Zscaler will discuss how to move toward a Zero Trust security architecture in hybrid cloud environments.

Join us for a conversation about:
• Why organizations are moving toward zero trust
• How to manage legacy and new network technologies together
• A demo showing how these solutions are integrated

Intersection of cloud and application security - CSA survey results

Tue, 04 Apr 2023 09:10:43 GMT

Watch an exciting joint webinar between AlgoSec and the Cloud Security Association, where we will explore the latest trends and challenges in cloud security and container adoption.

Our experts will cover the following topics:
• The current state of cloud security and emerging threats
• Best practices for securing cloud environments
• Strategies for integrating container security into your overall security posture
• The role of automation in managing security policies in containerized environments

AWS and Hybrid Cloud Security.mp4

Mon, 03 Apr 2023 18:21:44 GMT

With all the advantage that cloud technologies bring, how can companies embrace and maintain a healthy security posture across hybrid cloud environments. In this short webinar we discuss how AWS and AlgoSec are helping companies leverage cloud technologies to add more capacity and business applications without increasing their exposure to security risk.

Watch now to learn about: security of the cloud/security in the cloud, security challenges in hybrid environments, and the latest capabilities to help catch security policy and connectivity issues before code is deployed.

What's new in AlgoSec SaaS -Q3 2022

Tue, 18 Oct 2022 19:22:59 GMT

A short update on our new SaaS features released in Q3 2022

IaC Connectivity Risk Analysis: Identify risks from your pull requests

Thu, 15 Sep 2022 19:04:40 GMT

The AlgoSec cloud Infrastructure-as-Code (IaC) Connectivity Risk Analysis seamlessly integrates into your CI/CD pipeline, scanning code for vulnerabilities in GitHub or GitLab before cloud deployment. It offers developers instant risk assessments and remediation steps directly within their workflow, enhancing security without slowing down development. Learn how this feature streamlines secure code deployment in your cloud infrastructure.

Journey to the Cloud.mp4

Sun, 10 Jul 2022 10:28:15 GMT

Efficient cloud management helps simplify today’s complex network environment, allowing you to secure application connectivity anywhere. But it can be hard to achieve sufficient visibility when your data is dispersed across numerous public clouds, private clouds, and on-premises devices.

Today it is easier than ever to speed up application delivery across a hybrid cloud environment while maintaining a high level of security. In this webinar, we’ll discuss:

- The basics of managing multiple workloads in the cloud
- How to create a successful enterprise-level security management program
- The structure of effective hybrid cloud management

Skills Acceleration Workshops: Hybrid Cloud

Sun, 27 Mar 2022 14:55:49 GMT

Top 5 Predictions & Best Practices for 2022

Tue, 21 Dec 2021 14:09:54 GMT

In this video, Prof. Avishai Wool, AlgoSec CTO and co-founder, provides his expert opinion on the Top 5 ongoing and new challenges in cybersecurity and network security management expected to take place in 2022 and offers invaluable best practices. To learn more, please contact us to set up a demo at https://www.algosec.com/lp/request-a-demo/

How to Modernise Your Infrastructure Without Neglecting Your Security

Mon, 14 Jun 2021 13:40:34 GMT

Alex Hilton Chief Executive, CIF | Kyle Wickert Worldwide Strategic Architect, AlgoSec | Michael Meyer CRP, MRSBPO

Episode 2 of Keeping Up-to-Date with Your Network Security

There is a lot of value in moving enterprise applications onto the cloud. These benefits range from security and data protection and business agility, to financial benefits and faster time to markets. However, efforts can sometimes be misplaced, which causes disruption to the network and leaves you with inadequate security and compliance measures. Cloud network security is made up of multiple layered security, and before making the decision to use enterprise applications in the cloud, you must thoughtfully consider the variety of security controls you will use to secure your data.

So, how can you elevate digital transformation and cloud migration efforts, without neglecting your security? Does it have to be one or the other, and if not, what steps should be taken in your transformation journeys to ensure that network security remains a priority?

Join us in this session to learn more about:

- What is required to move the security portion of your application

- Challenges and solutions to lower the cost, better prepare for the migration and reduce the risks involved

- How to enhance visibility, and why this is so important when modernising your infrastructure

- How to unify your network security management across a hybrid and multi-cloud environment

Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

Gaps between CloudOps, NetOps & SecOps teams

Tue, 01 Jun 2021 16:08:00 GMT

Hear from network security experts as they discuss the gaps faced by CloudOps, NetOps, and SecOps teams.

Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

How to manage your cloud journey

Wed, 12 May 2021 12:07:03 GMT

Episode 1 of Keeping Up-to-Date with Your Network Security

Speakers:
Alex Hilton Chief Executive, CIF

Oren Amiram Director, Product Management, AlgoSec

Stephen Owen CISO

Securing your data was once much simpler. It’s grown more complex in recent years. As the workforce becomes more distributed, so does your data. Spreading your data across multiple public and private clouds complicates your network. Today’s data sits in multiple locations and geographies, and is made up of multiple public clouds, private clouds and other on-premises network devices. Therefore, managing your cloud journey can be tiresome and complicated.

Enter cloud management.

In this episode we’ll discuss:
- How to manage multiple workloads on the cloud
- What successful security management looks like for today’s enterprises
- How to achieve simple, effective security management for your hybrid network Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

The 6 best practices to stay secure in the hybrid cloud

Sun, 02 May 2021 16:13:13 GMT

Omer Ganot(AlgoSec) | April 2021

Doug Hurd (Cisco) Henrik Skovfoged (Conscia) Oren Amiram (AlgoSec) Tsippi Dach (AlgoSec)
What if we told you that there were just six things that you can start doing to be more secure in your hybrid cloud environment?
In this session, you’ll get clear insight on what you can do right away to tighten your hybrid cloud network security. From visibility through network management, to risk and cleanup – security expert Omer Ganot will guide you through the steps to help you stay secure. Click here for a personal demo: https://www.algosec.com/lp/request-a-demo/

AlgoSec cloud Integration | Hybrid Network Connectivity Check

Mon, 01 Mar 2021 16:24:09 GMT

Running a connectivity check in AlgoSec cloud allows you to observe how traffic is routed across your entire hybrid network. You can use this information to troubleshoot, reduce risk across the whole hybrid network, and more.

Cloud migrations made simpler: Safe, Secure and Successful Migrations Webinar

Wed, 28 Oct 2020 18:45:32 GMT

Migrating applications to the cloud – without creating security holes, application outages or violating compliance – is within reach!

In this webinar, Avivi Siman-Tov, Director of Product at AlgoSec, will guide you on how to simplify and accelerate large-scale complex application migration projects.

The webinar will cover:
• Why organizations choose to migrate their applications to the cloud
• What is required in order to move the security portion of your application and how long it may take
• Challenges and solutions to lower the cost, better prepare for the migration and reduce the risks involved
• How to deliver unified security policy management across the hybrid cloud environment

Overcoming the Challenges of Managing a Hybrid Environment

Thu, 01 Oct 2020 15:58:19 GMT

Omer Ganot, Cloud Security Product Manager (AlgoSec), Stuti Deshpande, Partner Solution Architect (AWS) | Sep 2020

Public clouds such as Amazon Web Services (AWS) are a critical part of your hybrid network. It is important to keep out the bad guys (including untrusted insiders) and proactively secure your entire hybrid network.

Securing your network is both the responsibility of the cloud providers, as well as your organization’s IT and CISOs – the shared responsibility model. As a result, your organization needs visibility into what needs to be protected, as well as an understanding of the tools that are available to keep them secure.

In this webinar, Omer Ganot, AlgoSec’s Cloud Security Product Manager, and Stuti Deshpande's, Amazon Web Service’s Partner Solutions Architect, will share security challenges in the hybrid cloud and provide tips to protect your AWS and hybrid environment, including how to:

• Securely migrate workloads from on-prem to public cloud
• Gain unified visibility into your network topology and traffic flows, including both public cloud and on-premises assets, from a single console.
• Manage/orchestrate multiple layers of security controls and proactively detect misconfigurations
• Protect your data, accounts, and workloads from misconfiguration risks
• Protect web applications in AWS by filtering traffic and blocking common attack patterns, such as SQL injection or cross-site scripting
• Gain a unified view of your compliance status and achieve continuous compliance

AlgoSec cloud central Policy Management

Tue, 08 Sep 2020 23:06:11 GMT

In this video we will demonstrate the power of central policy management of cloud security controls.
Save time, identify and prevent human error and risk by managing a single policy set instead of doing the same for multiple similar security controls.

AlgoSec cloud rule usage and cleanup

Tue, 08 Sep 2020 23:01:09 GMT

In this video we will demonstrate how AlgoSec cloud can provide great value with flow logs-based rule usage and cleanup.
With this capability you can easily observe usage tied to risky rules as well as identify unused rules and remove them to reduce risk and avoid bloated policies without compromising business continuity.

Achieving Visibility and Security in AWS and across the Hybrid Network | AWS...

Tue, 07 Jul 2020 10:39:58 GMT

As enterprises rapidly migrate data and applications to public clouds such as Amazon Web Services (AWS), they achieve many benefits, including advanced security capabilities, but also face new security challenges.

AWS lets organizations operate applications in a hybrid deployment mode by providing multiple networking capabilities. To maintain an effective security posture while deploying applications across complex hybrid network environments, security professionals need a holistic view and control from a single source.

Yet, security isn’t just the responsibility of the cloud providers alone. Organizations need to understand the shared responsibility model and their role in maintaining a secure deployment. While AWS’s cloud framework is secured by AWS, the challenge of using the cloud securely is the responsibility of your organization’s IT and CISOs. As multiple DevOps and IT personnel make frequent configuration changes, the shared responsibility model helps achieve visibility and maintain cloud security.

In this webinar, Yonatan Klein, AlgoSec’s Director of Product, and Ram Dileepan, Amazon Web Service’s Partner Solutions Architect, will share best practices for network security governance in AWS and hybrid network environments.

Optimize your Juniper Investment with Intelligent Network Security Automation

Wed, 25 Mar 2020 19:30:22 GMT

Max Shirshov, EMEA Solutions Architect (AlgoSec) | March 24, 2020
Are you maximizing all the capabilities that your Juniper solutions offer? Expand its potential and maximize your ROI. Discover how to secure your homogeneous and multi-vendor network with intelligent automation.

In this webinar, Max Shirshov, EMEA Solutions Architect at AlgoSec, will demonstrate how to assess risk and audit the firewall estate for regulatory compliance, address security breaches caused by misconfigured network devices, and provide fast and efficient change management utilizing the AlgoSec Security Management solution for your Juniper devices.

Join the webinar to learn how to:

Gain complete visibility into your Juniper-estate as well as multi-vendor and hybrid networks
Intelligently push security policy changes to your Netscreen and SRX firewalls, MX routers and Juniper Space, as well as other vendors’ security devices, SDN and public clouds
Automate application and user aware security policy management and ensure your Juniper devices are properly configured
Assess risk and ensure regulatory compliance across your entire enterprise environment

Managing Effective Security Policies Across Hybrid and Multi-Cloud Environments

Wed, 18 Mar 2020 14:04:50 GMT

Yitzy Tannenbaum, Product Marketing Manager | Oct 25 2018

Enterprises are not only migrating applications to the cloud from on-premise data centers, but they are developing multi-cloud strategies to take advantage of availability and cost structures as well as to avoid vendor lock-in. In fact, IDC has predicted that more than 85% of IT organizations will commit to multi-cloud architectures already by the end of this year.

In complex, multi-cloud and hybrid environments, security teams need to understand which network flows and security controls impact application connectivity, including cloud-specific security controls (Network ACL and security groups) as well as virtual and physical firewalls that protect cloud resources. They need to manage policies that maintain their compliance posture across multiple clouds and hybrid environments.

In this webinar, Yitzy Tannenbaum illuminates security-policy issues in multi-cloud and hybrid environments and show you how to achieve:

Visibility across the multi-cloud network topology to ensure deployment of security controls that support network-segmentation architecture
Uniform security policy across complex multi-cloud and hybrid environments
Automatic monitoring of multi-cloud and hybrid network-security configuration changes to analyze and assess risk and to avoid compliance violations
Instant generation of audit-ready reports for major regulations, including PCI, HIPAA, SOX and NERC, in the context of multi-cloud environments
Automatic provisioning of application connectivity flows across a variety of security controls in hybrid environments

Securely Managing Application Connectivity – Best Practices

Sun, 16 Jun 2019 11:42:42 GMT

Yoni Geva, Product Manager | June 12, 2019
New business applications are added, changed or removed every day, forcing implementation of complex, time-consuming network security changes. Migrating business applications to the cloud adds additional complexities, such as understanding the network connectivity of each application prior to deployment, provisioning the relevant firewalls and routers in the cloud, and then migrating and adjusting existing network connectivity to support them.

In this webinar, Yoni Geva, Product Manager at AlgoSec will present:

•Innovative application-discovery technologies
•Application-centric use cases, including policy cleanup and documentation
•How to simplify and accelerate rule recertification through automation
•How to prevent breaches by associating vulnerabilities to business applications and
firewall rules
•How to ensure ongoing compliance and audit-readiness

CSA Study: Security Challenges in Cloud Environments

Sun, 26 May 2019 12:02:05 GMT

John Yeoh, Global VP of Research (CSA) & Yitzy Tannenbaum Product Marketing Manager (AlgoSec) | May 22 2019

Cloud computing provides improved security, agility, and flexibility. However, integrating this new service into legacy IT environments comes with great concern.

In a recent report published by the Cloud Security Alliance (CSA), security, data loss and compliance were identified as the top 3 concerns when moving to the cloud. In the face of increasingly complex environments, cloud visibility and expertise are essential to ensuring a manageable, secure and fluent transition to a native cloud, hybrid or multi-cloud environment.

Join our special webinar with John Yeoh, Director of Research with expertise in cybersecurity, cloud computing, information security, and next generation technology from the Cloud Security Alliance (CSA).

We will cover various topics from the new CSA report Cloud Complexity: The Use of Hybrid and Multi-Cloud Environments, including:

• Workloads being used in or moved to the cloud and how they are being deployed/migrated
• Types of cloud platforms being used by companies
• Common security challenges faced by companies when moving workloads to the cloud
• Methods of managing risk and vulnerabilities in the cloud environment
• Causes of network or application outages and the amount of time it took to remediate

Taming the storm clouds: managing network security across hybrid and multi-cloud

Thu, 28 Mar 2019 13:04:00 GMT

Yonatan Klein, Director of Product Management | Mar 27, 2019

Good old perimeter security, enforced by traditional firewall protection, is now combined with distributed firewalls, public cloud native security controls and third-party security services. The shared-responsibility security model means that IT organizations need to assume accountability for the data and overall security posture, as this is not exclusively the cloud providers’ responsibility.

Today, more than ever, enterprise security teams are challenged to stretch their tried-and-true security policies to their extended deployments. They lack visibility across this growing estate, they can’t keep up with DevOps, and they are unable to properly analyze risk. They need integrated security policy management solutions for hybrid-cloud environments.

Join Yonatan Klein, Director of Product Management at AlgoSec to learn how to take advantage of all the benefits of cloud and virtual deployments while maintaining your current security fundamentals.

Yonatan will cover how to:
•Easily and automatically identify security risks and misconfigurations in your cloud
•Centrally manage security controls across accounts, regions and VPCs/VNETs
•Gain complete visibility across subnets and instances, including security groups, network security groups and NACLs
•Obtain a cross-network-estate risk analysis

Selecting the right security policy management solution for your organization

Wed, 17 Oct 2018 18:30:00 GMT

Kyle Wickert, Worldwide Strategic Architect

IT must deliver more, faster. Yet as cyber-attacks increase in volume and sophistication, IT groups are finding themselves ill-equipped to secure their networks and maintain compliance while supporting business productivity.
In this era of digital transformation, managing security across complex enterprise networks presents huge challenges. Automation will ease the pressure.
Join Kyle Wickert, Worldwide Strategic Architect at AlgoSec, for a technical webinar on tips and best practices to help you select the right security policy management solution that will help drive business agility while ensuring security and compliance.

Key topics include:

Intelligent automation is more than just adding policies
Letting a business-centric approach take the lead
Extracting the best from existing automation processes and creating new ones
Managing it all together: cloud, SDN and on-premise

Sharing Network Security Information with the Wider IT Community With Team...

Tue, 30 Jan 2018 02:00:00 GMT

Firewall Management 201: Lesson 18

Collaboration tools such as Slack provide a convenient way to have group discussions and complete collaborative business tasks. Now, these automated chatbots can be used for answering questions and handling tasks for development, IT and infosecurity teams.

For example, enterprises can use chatbots to automate information-sharing across silos, such as between IT and application owners. So rather than having to call somebody and ask them “Is that system up? What happened to my security change request?” and so on, tracking helpdesk issues and the status of help requests can become much more accessible and responsive. Chatbots also make access to siloed resources more democratic and more widely available across the organization (subject, of course to the necessary access rights).

In this video, Prof. Wool discusses how automated chatbots can be used to help a wide range of users for their security policy management tasks – thereby improving service to stakeholders and helping to accelerate security policy change processes across the enterprise.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Benefits of Mapping Firewall Rules to Business Applications

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

New! How to Manage Dynamic Objects in Cloud Environments

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 7: How to Prepare for Network Segmentation by Identifying the Segment...

Fri, 05 Jan 2018 02:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at

How to Intelligently Select the Security Groups to Modify When Managing...

Tue, 26 Sep 2017 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 7

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Different Data Sources for Application Connectivity Discovery

Tue, 26 Sep 2017 03:00:00 GMT

Managing Business Application Connectivity: Lesson 6

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

How to Automatically Identify Business Application Connectivity Needs from...

Tue, 26 Sep 2017 03:00:00 GMT

Managing Business Application Connectivity: Lesson 5

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 7: How to Aggregate Network Flows Into Application Flows

Tue, 26 Sep 2017 03:00:00 GMT

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Lesson 17: PCI - Linking Vulnerabilities to Business Applications

Tue, 29 Aug 2017 03:00:00 GMT

Firewall Management 201: Lesson 17

PCI-DSS 3.2 regulation requirement 6.1 mandates that organizations establish a process for identifying security vulnerabilities on the servers that are within the scope of PCI. In this new lesson, Professor Wool explains how to address this requirement by presenting vulnerability data by both the servers and the by business processes that rely on each server. He discusses why this method is important and how it allows companies to achieve compliance while ensuring ongoing business operations.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Right Way to Audit AWS Policies

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 6

In this whiteboard video lesson Professor Wool provides best practices for performing security audits across your AWS estate.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Tips for Adding Capacity Without Changing Your Security Policies

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Incorporating Security into DevOps

In theory adding capacity should be fairly straightforward, with minimal need for any intervention by the organization’s security team. But in practice it’s a little more complex. In this video Professor Wool provides some tips and best practices to help you add capacity without having to change your security policies, complete a security review or worse still, cause an outage or gap in the security perimeter.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

How to Integrate Security into the CI Process

Wed, 12 Jul 2017 03:00:00 GMT

Best Practices for Incorporating Security into DevOps

In previous lessons Professor Wool discussed how building security into DevOps processes at an early stage helps organizations maximize the speed and agility of application development, while minimizing the risks of problems and outages when the applications go live. In this whiteboard video Professor Wool looks at how security automation helps to speed up the practice of Continuous Integration (CI) - a core element of DevOps.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Combining Security Groups and Network ACLs to Bypass AWS Capacity Limitations

Thu, 29 Sep 2016 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 5

AWS security is very flexible and granular, however it has some limitations in terms of the number of rules you can have in a NACL and security group. In this lesson Professor Wool explains how to combine security groups and NACLs filtering capabilities in order to bypass these capacity limitations and achieve the granular filtering needed to secure enterprise organizations.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Using AWS Network ACLs for Enhanced Traffic Filtering

Mon, 26 Sep 2016 03:00:00 GMT

In this lesson Professor Wool examines the differences between Amazon's Security Groups and Network Access Control Lists (NACLs), and provides some tips and tricks on how to use them together for the most effective and flexible traffic filtering for your enterprise.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Protect Outbound Traffic in an AWS Hybrid Environment

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 2

Outbound traffic rules in AWS Security Groups are, by default, very wide and insecure. In addition, during the set-up process for AWS Security Groups the user is not intuitively guided through a set up process for outbound rules – the user must do this manually. In this lesson, Professor Wool, highlights the limitations and consequences of leaving the default rules in place, and provides recommendations on how to define outbound rules in AWS Security Groups in order to securely control and filter outbound traffic and protect against data leaks.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

The Fundamentals of AWS Security Groups

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 1

In this lesson Professor Wool provides an overview of Amazon Web Services (AWS) Security Groups and highlights some of the differences between Security Groups and traditional firewalls. The lesson continues by explaining some of the unique features of AWS and the challenges and benefits of being able to apply multiple Security Groups to a single instance.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com

Change Management, Auditing and Compliance in an AWS Hybrid Environment

Wed, 06 May 2015 03:00:00 GMT

Best Practices for Amazon Web Services (AWS) Security: Lesson 3

Once you start using AWS for production applications, auditing and compliance considerations come into play, especially if these applications are processing data that is subject to regulations such as PCI, HIPAA, SOX etc. In this lesson, Professor Wool reviews AWS’s own auditing tools, CloudWatch and CloudTrail, which are useful for cloud-based applications. However if you are running a hybrid data center, you will likely need to augment these tools with solutions that can provide reporting, visibility and change monitoring across the entire environment. Professor Wool provides some recommendations for key features and functionally you’ll need to ensure compliance, and tips on what the auditors are looking for.

Learn more about AlgoSec at http://www.algosec.com and read Professor Wool's blog posts at http://blog.algosec.com