Last month, we announced Logz.io Security Analytics — a security app built on top of the ELK Stack, offering out-of-the-box security features such as threat intelligence, correlation, and premade integrations and dashboards. In this article, I’d like to show an example of using both the ELK Stack and Logz.io Security Analytics to secure an AWS environment.

Each November, AWS re:Invent draws thousands of AWS staff, partners, and users to Las Vegas for an intense week featuring all things AWS and AWS-related. As always, Datadog will be there and we’d love to meet you in person. Our engineers are excited to show off the new features they’ve been building and to answer your monitoring questions!

As my fellow CIOs are well aware, the rapid changes to our digital economy can seem daunting. Despite the challenges of our digital world, Wyndham Hotels & Resorts, the world’s largest hotel franchisor, executed a significant digital transformation requiring change from our North American hotel owners that ultimately enabled them to provide better service to their guests.

Welcome savvy builder. If you’ve made it to our corner of the Internet and headed to re:invent, you are in the right place. We want you to leave Las Vegas with the savvy to choose how and when to apply the growing menu of serverless capabilities to your initiatives. To help you, we’re sending our serverless-first engineers to Las Vegas with three goals.

I don’t know what to say about this post… I found something weird while investigating PPS on EC2. It seems to correlate with CPU credits on t1/t2/t3 instances, but is consistently inconsistent in presentation. It only shows up when you track the stats yourself, because Cloudwatch doesn’t show the 1-second granularity needed to see these numbers.

Today, around 20% of total applications in a large to medium size enterprise are cloud-native. Assuming 10% cannot be moved to Cloud, there are roughly 70% apps still sitting in a Data Center. CIOs are mandating these 70% apps to be moved to cloud. Application migration to the cloud is either manual or automated. Manual takes time and effort to make changes to the code and deploying them on cloud (after testing it inside out).

Still referencing Best Practices for Managing AWS Access Keys, best practices recommends that root access keys are never used and should be completely removed from your AWS account. Instead, IAM users with limited permissions should be used. In fact, Skeddly even prevents root access keys from being registered with Skeddly. We always recommend using IAM third-party roles, however, access keys can still be used. And we only allow IAM user access keys to be registered.

While benchmarking packets per second (PPS) in AWS EC2 and searching for hard-coded or other software-based limitations, my early findings suggested that there definitely was a credit mechanism, complete with network throttling, in place. I now know that to be false, since finding the guaranteed throughput / best effort mechanic.

We have read with great interest the recently released The New Stack ebook entitled: Guide to Serverless Technologies. It is a great report with great insights! We encourage you to read it as well (it's free!). We have recently closed our own survey and are tabulating the results and have seen many similarities and some differences in the responses. Weighing in on the findings of the New Stack survey in advance of releasing our report, we wanted to comment on three key themes from this eBook…

According to Best Practices for Managing AWS Access Keys, if you must utilize IAM access keys, it is best to remove or disable unused keys. This will close possible security holes in your AWS account. Today, we’re happy to announce a new action to help with this task: Disable Unused IAM Access Keys. This new action will iterate through the IAM users in your AWS account, determine when any access keys were last used, and if they were not used inside a configurable threshold, disable the keys.