Detecting and Protecting PII in AWS in 2025
Cloud services offer on-demand, scalable computing resources, making them invaluable for handling large datasets, including sensitive information like Personally Identifiable Information (PII) and Protected Health Information (PHI)…
If A Secret Rotates In The Woods, Will Anyone Hear It?
While GCP provides a built-in mechanism for scheduling secret rotation, the actual implementation is left to you. After defining strategies for secret rotation, we’ll walk through some examples of how you can implement these strategies…
AWS re:Invent 2024 Security Announcements: How AI and Automation is Shaping Cloud Security
HanaByte’s AWS team attended AWS re:Invent 2024, which was a hub for groundbreaking innovations. As an AWS Partner since 2022, we have been focused on being at the forefront of technology advancements as organizations choose HanaByte for their security, governance, and compliance goals…
Terraform Best Practices
Terraform is a popular tool that allows developers to manage resources and collaboratively deploy infrastructure as code (IaC) for cloud technologies. It enables organizations to define, provision, and manage cloud resources in a consistent and automated way. Following best practices effectively is essential to ensure that Terraform configurations are reliable, maintainable, and secure…
From AFT to ATO: The Prequel
The purpose of this installment was originally to continue our journey; however, I was fortunate enough to speak on this topic in-depth at HashiTalks. Due to its technical nature, we thought it better to complete the blog series by taking a step back and providing a discussion about what the tool is, the problems it solves, and how it can empower us…
Introducing the Power of AI Security in GCP
In today’s rapidly evolving world, we recognize the immense potential of artificial intelligence (AI) across many different Industries. Google Cloud Platform (GCP) has harnessed the power of Generative AI to bring cutting-edge security capabilities to the forefront. By centralizing security findings in a streamlined and efficient manner, GCP is revolutionizing the way organizations approach cybersecurity…
A Look at the Modernizing FedRAMP Memo
The White House Office of Management and Budget (OMB) released a draft memorandum with the goals of enhancing the Federal Risk and Authorization Management Program, widely known as FedRAMP. In this blog post, we will go through a brief background on FedRAMP, then dive into the details of the OMB memo, and what it means for the future of FedRAMP…
From AFT to ATO, AWS Native FedRAMP Compliance through Terraform (Part 1)
The complexity of achieving a FedRAMP status in this sea of ever-growing cloud architectures, often led us and customers to the same conclusion: new accounts! Why go through the process of updating the entirety of their current architecture, when we only need resources in the authorization boundary to be compliant?…
Understanding Google Chrome’s Manifest V3
Written By Understanding Google Chrome’s Manifest V3 Google Chrome is a cross-platform web browser developed by Google in 2008 for accessing the World Wide Web and running Web-based applications and is currently dominating as the most popular web browser at 65.84% market share. Google Chrome extensions are one of the most beloved and implemented features […]
An Introduction to OSCAL
Written By An Introduction to OSCAL The Open Security Controls Assessment Language (OSCAL) is a set of data formats that is used to express machine-readable representations of control catalogs, baselines, and security documentation. It is important to recognize that OSCAL is not a tool, but instead a language. Using OSCAL allows us a data interchange […]
