Profile

Zachary Chu

This user account status is Approved

Comments Comments

I appreciate the highlights on IAM policies. Very often overlooked!

On Encryption options for at-rest and in-transit logs and metrics (for example, client-side and server-side, AWS Key Management Service [AWS KMS])

Really appreciate the effort in putting this together.

On Investigating unintended permissions, authorization, or privileges granted to a resource, service, or entity

Appreciate the detailed steps on setting up GuardDuty for threat detection.

On Configuring network monitoring and logging by using AWS solutions

I think there should be more discussion on AWS X-Ray. It’s critical for tracing and debugging.

On AWS services and solutions to automate tasks and processes

I second that. Incorporating both automated and manual audits is the key to a robust security posture.

On Implementing a network audit strategy across single or multiple AWS network services and accounts (for example, Firewall Manager, security groups, network ACLs)

Could someone provide an example use case for IAM roles?

On AWS Identity and Access Management (IAM)

What are some use cases where Scan might be preferable over Query?

On Differences between query and scan operations

This article really helped me understand AWS Security Hub better.

On Automating the application of security controls in multi-account and multi-Region environments (for example, Security Hub, Organizations, AWS Control Tower, Systems Manager)

What are the best practices for deploying AWS Site-to-Site VPN?

On AWS networking services and DNS (for example, Direct Connect, AWS Site-to-Site VPN, Route 53)

Appreciate the post! It’s really helpful.

On When and how to apply cleansing techniques

load more comments