Latest Articles

How streamlining access leads to productive development teams

  • Uncategorized

How Streamlining Access Leads To Productive Development Teams Does your access management hurt your team’s productivity? It does. How do we know? Let’s look at the data. Access and productivity in numbers The average employee has 191 passwords to keep track managing all those different usernames and passwords is a huge time suck. There’s no […]

DevOps Expert Talks: Ask Me Anything With Moshe Belostotsky

  • DevOps Leaders Spotlight

In this Q&A session with Moshe Belostotsky, Director of DevOps at, we dive into the changing role of DevOps and how security considerations are changing the way software is being built and delivered. Q: First of all, if you can tell me a little about yourself, what brought you into DevOps? A: “I was […]

The Uber Hack – Advance Persistent Teenager Threat 

  • Articles
  • Latest Articles

Uber, the ride hailing giant, confirmed a major system breach that allowed a hacker access to Vsphere, google workplace, AWS, and much more, all with full admin rights.  In what that will be remembered as one of the most embarrassing hacks in recorded history, the hacker posted screenshots to the vx-underground twitter handle, from the […]

Effective Privilege Management in the Cloud – Mission Impossible?

  • Uncategorized
  • Articles

TLDR: Overprivileged access is a natural consequence of manually granting and revoking access to cloud assets and environments. What DevOps teams need are tools to automate the process. Apono automatically discovers cloud resources and their standing privileges, centralizing all cloud access in a single platform so you don’t have to deal with another access ticket […]

What we can learn from the LastPass hack

  • Uncategorized

LastPass, a password manager with over 33M users reported an unauthorized party hacked into its development environment, the hackers were able to gain access through a single breached developer account.  Don’t act all surprised, getting hacked is a “WHEN” not an “IF” question  Everyone gets hacked eventually, the bigger a company is the bigger the […]

Top 5 AWS Permissions Management Traps DevOps Leaders Must Avoid

  • Uncategorized

As born-in-the cloud organizations grow, natively managed Identity and Access Management (IAM) tools are becoming a growing concern. Although DevOps teams tend to bear the burden of cloud IAM provisioning, the operational challenges transcend functional silos. Even when SREs and infrastructure teams are closely aligned with security leaders, using native IAM tools to provision access […]

How a DevSecOps Initiative Could Have Prevented the IKEA Canada Privacy Breach

  • Uncategorized

Earlier this week, IKEA Canada confirmed that an employee had accessed private customer information. Although the official announcement did not provide details, it’s a safe bet to assume that controls related to data governance and regulatory compliance are the primary guardrails that led to the revelation. Unfortunately, this particular case hardly represents an isolated incident.  […]