<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon
strongDM logo

blog

On-Call Management | Automating Access with PagerDuty and StrongDM

On-Call Management | Automating Access with PagerDuty and StrongDM

Production incidents typically require elevated permission to get your services back online quickly, these can be automated.
Why ASICS Digital Builds 12-Factor Apps with a Focus on Infrastructure

Why ASICS Digital Builds 12-Factor Apps with a Focus on Infrastructure

John Noss is a Senior Site Reliability Engineer at ASICS Digital, formerly Run Keeper. In this talk, he shares how ASICS Digital builds 12-Factor
How Hearst Eliminates DevOps Complexity -- An Architecture Review
How Hearst Eliminates DevOps Complexity -- An Architecture Review
In this talk, Jim Mortko (responsible for leading all Internet-based engineering and digital production efforts) and DevOps Engineer Manuel Maldonado, they discuss how Hearst eliminated DevOps complexity through automation and tooling decisions. Listen as they walk through their services and application architecture and download the slides now.
How Betterment Secures Server Access - Automate the Boring Stuff
How Betterment Secures Server Access - Automate the Boring Stuff
Chris Becker is an SRE at Betterment. Previously, he did similar work on Warby Parker's Infrastructure team. At Betterment, he earned the label APT (advanced persistent threat) thanks to consistently tripping alarms with his peculiar scripts and commands. In this talk, he discusses how Betterment's approach to server access controls evolved as the team grew exponentially. With more people and keys to manage, the SRE team needed to find ways to automate more and reduce the maintenance overhead.
Why Fair Eliminated Static Credentials -- A Retrospective
Why Fair Eliminated Static Credentials -- A Retrospective
Cat Cai is currently the Director of Platform Engineering at Fair. In this talk, alongside Jack Wink and Marshall Brekka, they discuss how Fair eliminated static credentials through automation and tooling decisions. Listen as they walk through how they make sure they enforce least privileged access, and rotate credentials without causing a huge headache in the organization.
Alternatives to Teleport
Alternatives to Teleport
Gravitational Teleport is a powerful tool allowing organizations to secure access to SSH servers and Kubernetes clusters via a centralized authentication method. However, if you need to secure access to databases, Windows servers or internal web applications in addition to Linux servers/Kubernetes, there are other options to consider.
SOC 2 Terminology Glossary
SOC 2 Terminology Glossary
SOC 2 compliance, like so many things related to IT and security, is chock full of terms and acronyms to learn. If you are just getting started with SOC 2, it’s helpful to get familiar with this alphabet soup ahead of time so you can move your compliance efforts forward with confidence. Below is a SOC 2 terminology glossary to get you started:
Security Incident Response Policy (SIRP) Explained
Security Incident Response Policy (SIRP) Explained
This article will point you to the core concepts within a security incident response policy (SIRP) so that you understand the purpose of this policy, challenges, and tools to consider when writing your own.
Token Security Podcast | Senior Engineering Director at Zymergen on Code Reviews
Token Security Podcast | Senior Engineering Director at Zymergen on Code Reviews
At Token Security our goal is to teach the core curriculum for modern DevSecOps. Each week we will deep dive with an expert so you walk away with practical advice to apply to your team today. No fluff, no buzzwords. This week Jeff Burkhart, Senior Engineering Director at Zymergen talks code reviews, code review fatigue, and what to do when agile becomes tedious.
How To Prepare For Your First SOC 2 Audit A 30-90-120 Day Plan
How To Prepare For Your First SOC 2 Audit A 30-90-120 Day Plan
Despite thousands of articles, there’s shockingly little actionable advice to help startups complete SOC 2. One area that usually requires some remediation is access controls. Most teams don’t have answers when auditors ask “who has access to a specific database or server and what queries did they execute?” That’s why we started strongDM- to manage and monitor access to every database, server, & environment.
new-strongdm-desktop-app-ui
Want to learn more?
See StrongDM in action. 👀