TrustOnCloud provide cloud control catalogs for each Cloud service; based on threat models, audit-ready, and always up-to-date.
Joined January 2021
- Tweets 216
- Following 40
- Followers 244
- Likes 108
90 Photos and videos
May 8
๐ฃ๐ฟ๐ผ๐ฑ๐๐ฐ๐ ๐๐ฝ๐ฑ๐ฎ๐๐ฒ: Data flow diagrams are now interactive. Across ๐ฒ๐๐ฒ๐ฟ๐ cloud service we cover.
Hereโs whatโs new:
โ ๐๐ผ๐๐ฒ๐ฟ any component to surface its threats
โ ๐ฃ๐ถ๐ป the popup to keep it visible while you explore
โ ๐๐น๐ถ๐ฐ๐ธ through to the full threat detail
For our customers, log in and try it across every service youโre covered for.
Try it with the Amazon S3 model: demo.app.trustoncloud.com/daโฆ.
#ProductUpdate #DataFlowDiagrams #CloudSecurity #AWS #S3
1
1
65
Apr 28
CloudTrail is where your regulators, your SIEM, and your auditors all look. So when a service starts quietly writing customer details into it, that's a problem.
1
1
1
65
Apr 28
Two things worth doing this week:
1๏ธโฃReview where CloudTrail logs are stored and who can read them
2๏ธโฃSpot-check what the services handling your most sensitive data are actually writing to the event record
1
16
Apr 28
Kudos to Usman at @TrustOnCloud for flagging this and helping AWS ship the fix, and to @Hacker0x01 for a structured disclosure path that actually moves.
#CloudSecurity #AWS #CloudTrail #TrustOnCloud #CloudService
19
Apr 16
We made our cloud security research more explorable.
Browse our cloud security research for Amazon S3 (also covers AWS S3 glacier), Azure Storage (also Azure blobs, files), BigQuery (BigQuery Data Transfer Service, Analytics Hub).
Each service includes:
โ threat scenarios with data flow diagrams
โ prioritised controls mapped to 180 frameworks
โ continuous updates as cloud providers ship changes
View now ๐
demo.app.trustoncloud.com/daโฆ
#cloudsecurity #multicloud #trustoncloud #ai #onboarding
1
2
74
Mar 11
66% of your cloud controls aren't covered by default Wiz rules. we know because we mapped every single one across AWS S3, Azure Storage, and GCP BigQuery.
then we open-sourced 50 custom rules to close it. used by 4 global systemic banks. free on Github: trustoncloud.com/blog/wiz-cuโฆ
#cloudsecurity #CNAPP #infosec #Cloudcontrols
1
1
83
Feb 26
1/ We just open-sourced @wiz_io CCR packages for AWS S3, Azure Storage & GCP BigQuery.
Default Wiz coverage: ~34% for these services. Here's what's missing and why it matters for regulated enterprises ๐งต
1
1
2
74
Feb 26
4/ GCP #BigQuery: 3% covered. 34 of 35 controls missing. Most are medium severity: IAM entity access, row-level security, authorized encryption.
1
2
36
Feb 26
5/ Each package includes: mapping of default Wiz rules โ our controls Rego CCRs for every gap. All open-source. Learn more: trustoncloud.com/blog/wiz-cuโฆ
2
25
Feb 4
๐จ Using AWS "What's New" #RSS feed for cloud monitoring? You might be missing critical updates.
A few years back, our dashboards stayed green while we went blind to changes. Here's what happened ๐งต
1
1
34
Feb 4
Before the next re:Invent:
โ
Pull daily during burst weeks
โ
Use the API, not just RSS
โ
Add completeness checks: make "missing updates" an alert, not an accident
(4/5)
1
1
17
Feb 4
We learned the hard way: RSS isn't reliable for cloud change monitoring. AWS API pagination completeness checks = table stakes now.
#CloudSecurity #AWS #DevSecOps #ThreatIntelligence
1
21