Browsed by
Author: bmacharia

API Logging on EKS with CloudWatch

API Logging on EKS with CloudWatch

With the API-first approach of building software products becoming prominent and APIs now making up the most common communication channel for internet traffic, API security becomes paramount.API logging and monitoring is a key component in securing APIs, amongst others that include discovery, vulnerability management and compliance. APIs should have an inbuilt mechanism to collect access and transaction activities which can aid in their monitoring to identify potentially malicious activity. Golang being one of the most popular frameworks for developing APIs…

Read More Read More

Creating a CIS Level 1 Hardened AWS AMI

Creating a CIS Level 1 Hardened AWS AMI

A security baseline configuration defines a set of agreed security configurations that an organization requires to be set during deployment of an infrastructure component such as an operating system. This allows such an organization to implement systems in an efficient and standardized manner as well as ensure that all infrastructure components meet a set of minimum security requirements. The Center for Internet Security (CIS) provides well-defined industry best practice security benchmarks to help organizations assess and improve their infrastructure security….

Read More Read More

Leveraging Cloud for Data Protection Compliance

Leveraging Cloud for Data Protection Compliance

Over the last couple of years, countries have adopted data protection regulations, appreciating the need to protect citizen data against unauthorized or unlawful processing, loss, theft, destruction, or damage. Such regulations include the General Data Protection Regulation (GDPR), Kenya Data Protection Act (KDPA) and the Uganda Data Protection and Privacy Act (UDPPA). Organizations of all sizes are required to comply with the data protection regulations as long as they collect and/or process customer data in their business operations. Many Small…

Read More Read More