• PLATFORM
      • Cryptosense Analyzer
        • Analyzer for Applications
        • Analyzer for PKCS#11
      • Features
        • Custom Cryptography Policies
        • LDAP and AD Integration
        • Custom Cryptography Rules
        • REST API
        • Vulnerabilities Types Found
        • All Features
  • SOLUTIONS
      • Use Cases
        • Cryptography Inventory
        • Secure Cloud Migration
        • Automated Crypto Audits
        • Crypto Testing in the SDLC
        • Automated HSM Pen-Tests
        • All Use Cases
  • RESOURCES
      • Resources
        • Whitepapers
        • Datasheets
        • Blog
        • Training Courses
        • Cloud Crypto Comparison
      • Company
        • About Us
        • Careers
        • Partners & Resellers
        • Contact
  • SUPPORT
  • GET IN TOUCH
December 7, 2018

Auditing AWS S3 Crypto Use

Amazon Simple Storage Service (S3) is one of the most widely-used cloud services. Most users of the service know it’s wise to encrypt sensitive data before storing it in S3. In this post we’ll look at how to do that securely using the AWS Java SDK, and how Cryptosense Analyzer will help you spot if you’ve done it wrong.

Note that in this post we’re talking about client-side encryption where the sensitive data must be encrypted locally before it’s sent to AWS S3 servers. There are also options for server-side encryption managed via the S3 console. These only treat the data while at rest, it will still be in clear inside AWS servers (at least briefly) each time it’s accessed.

There are several different client-side encryption modes for S3 offered by the Java S3 SDK. First you need to decide whether you want to manage your master keys yourself, or have AWS manage your master keys in their key management service (KMS).

Continue reading →

September 28, 2018

Updating our Cloud Crypto Provider Comparison

Our comparison of cloud crypto services is one of the most popular pages on our site, so we’re making an effort to keep it up to date as the “big three” providers announce new features. The latest update includes faster KMS speeds recently announced by Amazon, the PKCS#12 method for Bring-your-own-key that’s supported by Microsoft Azure (but not so easy to find details of), and the Google KMS support for asymmetric keys.

The latest version of the infographic is below. If you’re interested in integrating your application with cloud crypto services or cloud HSMs, you might want to check out our new cloud crypto whitepaper, where we compare in detail these services and various migration approaches.

cloud security comparison - AWS KMS, Google Cloud KMS, Microsoft Azure Key Vault

March 28, 2018

Cloud Crypto Providers Part III – Logging Crypto Operations

compare cloud crypto providers

This is the third post in a series about cloud crypto functionality provided by the “big three” cloud providers – Amazon Web Services, Microsoft Azure, and Google Cloud Platform (you can find parts one and two here).

Having set up an application and protected its keys with the cloud provider’s crypto API, we’d like to be able to monitor usage of these keys and any key management operations that take place, to be sure all is well and to meet audit requirements. What facilities do the big three providers offer for this?

Continue reading →

Interested in Crypto News?


There's a better way to Manage Cryptography

Find out how you can use Cryptosense Analyzer Platform to:

  • Automate detection of vulnerabilities in your cryptography
  • Map key lifecyles and library use before migrating to the cloud
  • Ensure regulatory compliance
  • Prepare for post-quantum crypto.
request a Demo now

Most Popular Posts

  • New cryptography in .NET Core 3.0
  • Parameter choice for PBKDF2
  • Dangerous Tutorials: How not to learn C# cryptography
  • The End of Triple DES
  • How Ledger Hacked an HSM
  • Detecting hard-coded cryptographic keys, passwords and credentials
  • PCI-DSS Crypto Compliance
    • Features
      • Cryptography Inventory
      • Low False Positive Rate
      • Custom Cryptography Policies
      • Custom Cryptography Rules
      • LDAP and AD Integration
      • REST API
      • Easy Installation
      • Expert Support
      • All Features
    • CS Analyzer
      • Request Demo
      • Secure Cloud Migrations
      • Automated Crypto Audit
      • Crypto Testing in the SDLC
      • Automated HSM Pen-Tests
    • Resources
      • Support
      • Whitepapers
      • Blog
      • Careers
      • Contact

Follow us on Twitter FR: +33 (0)9 72 42 35 31 US: +1 646-893-7657

info@cryptosense.com

© 2012-2019 Cryptosense | All rights reserved.

  • Cryptosense Analyzer
  • Request Demo
  • Use Cases
  • Support
  • Whitepapers
  • Contact
  • About Us
  • Blog
We use cookies to deliver our services. If you continue to use this site we assume you consent to our privacy policy.ACCEPTPrivacy policy