Month: December 2022

Deploy a secure serverless architecture (+terraform)

Please refer to Secure Serverless Blueprint Guide and accompanying Terraform repo update for more detail. Serverless architectures enable customers to avoid the time-consuming process of applying security patches, controls¬† and agents to the underlying operating system and application servers.¬† The responsibility for safeguarding the data center, network, servers, operating systems, and their configurations is shifted …

Deploy a secure serverless architecture (+terraform) Read More »

Design and step by step to build your Google Cloud Landing Zone (Organization – Folders – Projects)

Some of my customers ask about best practice/reference on how to design an organization for their Google Cloud environment. This is one of the best sample on how to design this: Example Organization Your Organization – Folders – Projects Explanation of the strategy can be read from here: https://services.google.com/fh/files/misc/google-cloud-security-foundations-guide.pdf Step by step on how to …

Design and step by step to build your Google Cloud Landing Zone (Organization – Folders – Projects) Read More »

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations. Deployable blueprints Security foundations deployable assets Terraform modules that can be composed to build a security-centric Google Cloud foundation. The supplied structure and code is a starting point with pragmatic defaults based on our guide. You can customize the scripts …

Resources, including code and templates, that can be used to deploy cloud resources in recommended configurations Read More »

Google Cloud security best practices

During my interaction with customers and partners, best practice and guidance always been asked by them. Best practices guides provide specific, informed guidance on helping secure Google Cloud deployments and describe recommended configurations, architectures, suggested settings, and other operational advice. This is one of the most comprehensive guide to ensure Security is properly implemented in …

Google Cloud security best practices Read More »

How to protect your website using Google Cloud Armor as Web Application Firewall

Some typical questions that I often get from customers is how to protect your web application against DDoS attack, forcing HTTPS, implementing OWASP 10 protection ([SQL] Injection, Broken authentication, Sensitive data exposure, XML external entities (XXE), Broken access control, Security misconfiguration, Cross-site scripting (XSS), Insecure deserialization, using components with known vulnerabilities, insufficient logging & monitoring). …

How to protect your website using Google Cloud Armor as Web Application Firewall Read More »