{"id":43069,"date":"2020-12-21T00:00:00","date_gmt":"2020-12-21T00:00:00","guid":{"rendered":"https:\/\/www.trendmicro.com\/en_us\/devops\/20\/l\/build-secure-well-architected-framework-for-cloud-architects.html"},"modified":"2020-12-21T00:00:00","modified_gmt":"2020-12-21T00:00:00","slug":"build-a-secure-well-architected-cloud-environment-cloud-advocate","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/build-a-secure-well-architected-cloud-environment-cloud-advocate\/","title":{"rendered":"Build a Secure Well-Architected Cloud Environment Cloud Advocate"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/devops\/20\/l\/build-a-secure-well-architected-cloud-environment\/build-a-secure-well-architected-cloud-environment.jpg\"><\/p>\n<p>In today\u2019s operating environment, security is critical and businesses must be protected from accidental and malicious threats. These threats can come from any direction and at any moment in time. Like other cloud providers, Amazon Web Services (AWS) and Microsoft\u00ae Azure\u00ae have a shared security model. Each model indicates which responsibilities lie with the provider and which lie with the customer, so appropriate steps can be taken to ensure security.<\/p>\n<p>To kick things off, let\u2019s review a few design principles that will help you to build well-architected environments.
While this is not a complete list, it is a great place to start!<\/p>\n<p><span class=\"body-subhead-title\">Well-Architected Design Principles<\/span><\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Implement a strong identity foundation: Ensure that core security principles are followed, such as the principle of least privilege and the principle of separation of duties. It is exceedingly difficult to control access between applications, users, devices, and resources. Having solid policies and processes that define centralized identity management and authentication methodologies other than static credentials, such as passwords, is crucial. Controlling access can be difficult, and you must be diligent in watching over configurations (or have <a href=\"https:\/\/cloudone.trendmicro.com\/\" target=\"_self\" rel=\"noopener\">automation in place<\/a> to do this for you) to ensure that Amazon Simple Storage Service (Amazon S3) buckets haven\u2019t been granted \u2018<a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/S3\/s3-bucket-authenticated-users-full-control-access.html\" target=\"_blank\" rel=\"noopener\">Full_Control<\/a>\u2019, for example.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Enable traceability: When it comes to security incidents, the most important thing is knowing that an incident has occurred. Log collection and analysis, as well as metric tracking, are essential here. For example, enabling <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/Redshift\/user-activity-log.html\" target=\"_blank\" rel=\"noopener\">user activity logging<\/a> on something like Amazon Redshift is a step in the right direction.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Apply security at all layers: Defense in depth has been a security staple forever, as it helps to slow down attacks by detecting and preventing them earlier.
To do this properly, security needs to be applied to virtual machines, operating systems, applications, virtual private clouds (VPCs), and so on.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><a href=\"https:\/\/www.cloudconformity.com\/identity\/sign-up.html?source=AWS_OFFER\" target=\"_blank\" rel=\"noopener\">Automate security best practices:<\/a> It is human nature to make mistakes, but when it comes to security, every point that requires human interaction increases the chance of a security breach. When possible, it is always best to <a href=\"https:\/\/cloudone.trendmicro.com\/\" target=\"_blank\" rel=\"noopener\">automate security controls<\/a> to lessen the odds of an error occurring and enable more rapid expansion while controlling costs.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Protect data in transit and at rest: Someone is always listening, watching, and waiting for data to be left in the clear. Why make it easy for hackers? Always protect data in transit and at rest with encryption.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Keep people away from customer data: The more access granted, the more likely an account will be compromised. With so many data regulations, direct access to customer data needs to be tightly controlled.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Prepare for security events: It will happen. There will be a hack. There will be a compromise. Have teams and procedures in place to respond to those incidents. From detection to recovery, the more automated the tools are, the more effective the teams that rely on them will be. A good starting point is to ensure you have the <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/SNS\/\" target=\"_blank\" rel=\"noopener\">right subscribers to Amazon Simple Notification Service (SNS)<\/a> messages.
This is to ensure the right people get the messages and the wrong people do not.<\/span><\/li>\n<\/ul>\n<p><b>Operational excellence applied to your cloud workload<\/b><br \/>Security must always be tailored to fit each individual business. To choose business-appropriate security controls, threat modeling and a risk assessment must be done. Once you have the results of those processes, you may need to revise your security decisions, especially within the cloud. Automated tools should be used to continuously scan your machine images, applications, APIs, or any other part of your infrastructure as code (IaC). You should be going through the exercise of threat modeling and assessing risk on a regular basis to ensure that you are up to date with the current threat landscape.<\/p>\n<p><b>Cloud account management for architects<\/b><br \/>Unfortunate lessons have been learned by companies like Code Spaces, who saw their business devastated by hackers who were able to compromise the company\u2019s corporate AWS account. To reduce the risk of this happening to your business, controlling access to the root account within AWS or Azure with multi-factor authentication (MFA) is recommended. As well, separate accounts should be established for production, development, and testing, because if one account becomes compromised, the others can remain secure.<\/p>\n<p><a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/Organizations\/aws-organizations-in-use.html\" target=\"_blank\" rel=\"noopener\">AWS Organizations<\/a> should be used to centrally manage all of the AWS accounts within a corporation. When using AWS Organizations, it is critical to ensure all settings are appropriately chosen.
To control all accounts appropriately, <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/Organizations\/all-features.html\" target=\"_blank\" rel=\"noopener\">all features should be enabled<\/a>.<\/p>\n<p>Want to never have to manually check for adherence to AWS Organizations\u2019 best practices again? Have your AWS and Azure cloud infrastructure scanned for adherence to 750+ cloud guidelines by signing up for our free trial.<\/p>\n<p><span class=\"body-subhead-title\">Identity and access management (IAM)<\/span><\/p>\n<p>IAM is crucial to protecting your business, as it allows organizations to control who can and cannot access data, accounts, etc. If someone or something cannot access our data, then they should not be able to alter or steal it. However, this is not the only tool we need.<\/p>\n<p>When controlling access, we need to control both humans and machines. When it comes to access control for humans, we are talking about users, administrators, developers, and customers. While machines are usually less obvious, AWS places all virtual machines, APIs, applications, servers, routers, and switches into this category.<\/p>\n<p>There are a few critical things that we should be doing with our identities.<\/p>\n<ol>\n<li>Centralize control: When control is decentralized, we often have overlapping permissions, gaps in our control, inconsistent permissions, and so on. Centralized control allows for greater visibility and management. In the cloud, this can be done with an identity provider (IdP); with AWS, you can federate individual AWS accounts using SAML 2.0.<\/li>\n<li>Single sign-on (SSO): If users need access to multiple accounts, then AWS SSO can be utilized. AWS SSO can connect with AWS Organizations to manage accounts with greater ease.
You can also connect AWS SSO to your Microsoft Active Directory (AD) environment.<\/li>\n<li>Group users together: If there are many users with similar access needs, it is best to group them together, saving you from managing each individual user.<\/li>\n<li>Strong sign-in procedures: The days of relying on a password to authenticate a user should be long behind us, but unfortunately this is not the case. This needs to change, especially when controlling access to cloud resources. When dealing with users, at a minimum, we need to utilize multi-factor authentication (MFA). However, with machine identities, utilizing temporary credentials with access keys is normal. Frequent rotation of these keys is critical. There are also scenarios where IAM is not used, such as database logins, in which case secrets are used. If using AWS, you can take advantage of AWS Secrets Manager to securely store this information, but always <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/SSM\/parameters-encrypted.html\" target=\"_blank\" rel=\"noopener\">verify that it is securely storing that information<\/a>.<\/li>\n<li>Permissions management: Once identities are provisioned, you must determine the level of access to grant. There are key security principles to apply here, such as the principle of least privilege and the need-to-know principle.<\/li>\n<\/ol>\n<p>Protecting the AWS accounts you are managing access to is also critical. This starts with defining guardrails for the organization, such as service control policies (SCPs) that prevent the deletion of common resources. It is critical to ensure you have the right <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/Organizations\/\" target=\"_blank\" rel=\"noopener\">configurations within AWS Organizations<\/a>.
You can see the many <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/IAM\/\" target=\"_blank\" rel=\"noopener\">IAM best practices<\/a> on the Trend Micro Cloud One\u2122 \u2013 Conformity Knowledge Base, such as ensuring that <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/IAM\/access-keys-rotated-30-days.html\" target=\"_blank\" rel=\"noopener\">access keys are rotated<\/a>, that multi-factor authentication (MFA) is enabled for the AWS root account, and that AWS IAM roles cannot be used by untrusted accounts via the cross-account access feature.<\/p>\n<p><span class=\"body-subhead-title\">Misconfiguration detection<\/span><\/p>\n<p>As previously mentioned, it is critical to know when an incident occurs. Without knowing, it is impossible to respond, fix, or correct. If detection takes too long and your response does not mitigate damage early on, you may be faced with higher fines for violating GDPR or HIPAA regulations. So, how can this be prevented? With proper configurations and investigations.<\/p>\n<p>Having the proper configuration for your systems to log and alert your network operations center (NOC) or security operations center (SOC) is the first step. AWS offers a variety of tools to build a comprehensive and automated detective environment.
These include:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\"><a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/CloudTrail\/\" target=\"_blank\" rel=\"noopener\">AWS CloudTrail<\/a>\u2014Creates a record of all account activity.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/Config\/\" target=\"_blank\" rel=\"noopener\">AWS Config<\/a>\u2014Provides you with a detailed inventory of your AWS resources and their current configurations. It also allows for auto-remediation if actions are taken to change configurations inappropriately.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/GuardDuty\/\" target=\"_blank\" rel=\"noopener\">Amazon GuardDuty<\/a>\u2014Think of this as your guard dog. It will monitor your cloud, looking for malicious activity and unauthorized behavior.<\/span><\/li>\n<li><span class=\"rte-red-bullet\"><a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/SecurityHub\/\" target=\"_blank\" rel=\"noopener\">AWS Security Hub<\/a>\u2014A tool that gathers, organizes, and prioritizes notifications, alerts, and findings from both AWS and third-party products.<\/span><\/li>\n<\/ul>\n<p>The challenge is to ensure those products are properly configured. Trend Micro <a href=\"https:\/\/www.trendmicro.com\/en_us\/business\/products\/hybrid-cloud\/cloud-one-conformity.html\">Cloud One\u2122 \u2013 Conformity<\/a> ingests the data from these services and products (along with 90 other AWS and Azure cloud services and resources) and automatically checks for misconfigurations against the Conformity Knowledge Base.<\/p>\n<p><a href=\"https:\/\/www..trendmicro.com\/public-cloud-risk-assessment\/\">Interested in knowing how well-architected you are?<\/a> See your own security posture in 15 minutes or less.<\/p>\n<p>It is critical to have the ability to investigate and respond to incidents.
When an incident is detected, there should be a playbook of processes for investigation. This will enable teams to respond effectively to an incident. However, this is just part one; part two is having an automated response configured for certain events.<\/p>\n<p><span class=\"body-subhead-title\">Cloud infrastructure protection<\/span><\/p>\n<p>Infrastructure protection is broken down by AWS into network and compute protection mechanisms. Network protection involves traditional tools such as firewalls and access control lists. Compute protection involves tactics such as code analysis and patching.<\/p>\n<p>Network protection mechanisms start with the traditional security concept of defense in depth. Having a single protection mechanism in front of a resource is not sufficient. As we construct our networks, it is necessary to ensure that logging and alerts are enabled, so responses can be initiated immediately. AWS offers Amazon Virtual Private Cloud (Amazon VPC), which allows for network segmentation and control to create a virtual network where you can specify and configure your IPv4 or IPv6 addresses, as well as decide whether or <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/VPC\/endpoint-exposed.html\" target=\"_blank\" rel=\"noopener\">not it is accessible from the public internet, among other things<\/a>. It is critical that you get everything set up correctly within Amazon VPC to protect your resources. Conformity has several rules that you can use to manually <a href=\"https:\/\/www.cloudconformity.com\/knowledge-base\/aws\/VPC\/\" target=\"_blank\" rel=\"noopener\">check your own Amazon VPC configuration<\/a>, or if you <a href=\"https:\/\/cloudone.trendmicro.com\/\">start a trial<\/a>, your entire environment will be automatically scanned for misconfigurations.<\/p>\n<p>Compute protection is about the edge computing resources.
To start, you\u2019ll want to have tools for code analysis, as clean code is critical to ensuring there aren\u2019t open doors that hackers or their malicious software (malware) can get through. Once applications, software, operating systems, etc. are deployed, updates or patches need to be applied as flaws or bugs are revealed.<\/p>\n<p><b>Other infrastructure protection best practices:<\/b><\/p>\n<ul readability=\"7\">\n<li><span class=\"rte-red-bullet\">Harden the system. The Center for Internet Security (CIS) and National Institute of Standards and Technology (NIST) provide useful documentation on configurations that are product-specific.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Reduce unused components (applications, software modules, OS packages).<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Automate administrative tasks, using products like AWS Lambda, Amazon Relational Database Service, and Amazon Elastic Container Service (Amazon ECS).<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Validate software integrity by using code signing. Signatures and checksums establish the source and integrity of software.<\/span><\/li>\n<\/ul>\n<p><span class=\"body-subhead-title\">Data protection<\/span><\/p>\n<p>Protecting data at rest and in transit is essential, using methods such as encryption and classification. Data classification is essential to understanding what data we possess and what needs to be done to protect it appropriately. Data and resources can be tagged so the systems can recognize what kind of resource it is, and then utilize service control policies (SCP) to control access utilizing attribute-based access control.<\/p>\n<p>Cryptography can be used to protect data at rest and in transit. Drives, folders, and buckets can be encrypted while resting on AWS servers. As always, it is critical that configurations are done correctly.
For example, you must ensure that encryption is enabled for Amazon Athena query results, especially since there are multiple ways to configure this, such as server-side encryption (SSE) or client-side encryption (CSE).<\/p>\n<p>When encrypting data in transit, there are many different configuration options as well. It is not as simple as ensuring that Transport Layer Security (TLS) is enabled. Controlling certificates is critical here, and there are many things to manage with AWS Certificate Manager.<\/p>\n<p>Key management is essential to cryptography for data in transit and at rest. If done properly, compliance with PCI-DSS, GDPR, and other regulations is supported. One choice to consider is a hardware security module (HSM) or tokenization.<\/p>\n<p><span class=\"body-subhead-title\">Incident response<\/span><\/p>\n<p>When an adverse event or incident occurs, correct, efficient, and effective responses are essential.<\/p>\n<p><b>Here are the AWS incident response phases:<\/b><\/p>\n<ul readability=\"7\">\n<li><span class=\"rte-red-bullet\">Educate\u2014Education for our incident response teams and security operations staff is crucial. If they do not understand the cloud, your services, or available information, they will not be able to respond effectively.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Prepare\u2014Having plans and procedures is critical for effective responses. The teams must understand those plans and know what tools are available to be able to respond.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Simulate\u2014The saying \u201cpractice makes perfect\u201d holds true here. While responses will never be perfect, practice will help teams continually improve.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Iterate\u2014Deconstruct the simulations and build automated responses.
This allows incident response to start immediately when an incident occurs, rather than waiting for humans to intervene.<\/span><\/li>\n<\/ul>\n<p>As more security breaches hit the news and data protection becomes a key focus, meeting this pillar\u2019s standard should always be top of mind. Conformity can help you stay compliant with the Well-Architected Framework with its 750+ best practice checks. As mentioned above, if you are <a href=\"https:\/\/www..trendmicro.com\/public-cloud-risk-assessment\/\">interested in knowing how well-architected you are<\/a>, see your own security posture in 15 minutes or less. Learn more by reading the other articles in the series: 1)&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/20\/l\/well-architected-framework-guide.html\">overview of all 5 pillars<\/a>&nbsp;2)&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/20\/l\/achieve-operational-excellence-in-cloud-workload.html\">operational excellence<\/a>&nbsp;3)&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/21\/a\/create-efficient-well-architected-cloud-infrastructure.html\">performance efficiency<\/a>&nbsp;4)&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/21\/a\/how-to-build-a-reliable-well-architected-framework.html\">reliability<\/a>&nbsp;5)&nbsp;<a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/21\/b\/leveraging-cost-optimization-for-well-architected-environments.html\">cost optimization.<\/a><\/p>\n<p> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/devops\/20\/l\/build-secure-well-architected-framework-for-cloud-architects.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Explore the Security pillar of the AWS and Azure Well-Architected Framework and be guided through the fundamental security controls that should be addressed when designing, transitioning to, and operating in a cloud environment.
Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":43070,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9503,9504,9572,9571,9507],"class_list":["post-43069","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-devops-article","tag-trend-micro-devops-compliance","tag-trend-micro-devops-conformity","tag-trend-micro-devops-how-to","tag-trend-micro-devops-multi-cloud"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Build a Secure Well-Architected Cloud Environment Cloud Advocate 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/build-a-secure-well-architected-cloud-environment-cloud-advocate\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Build a Secure Well-Architected Cloud Environment Cloud Advocate 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 
100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/build-a-secure-well-architected-cloud-environment-cloud-advocate\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2020-12-21T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2021\/09\/build-a-secure-well-architected-cloud-environment-cloud-advocate.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1282\" \/>\n\t<meta property=\"og:image:height\" content=\"700\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"12 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Build a Secure Well-Architected Cloud Environment Cloud Advocate\",\"datePublished\":\"2020-12-21T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/\"},\"wordCount\":2340,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/09\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate.jpg\",\"keywords\":[\"Trend Micro DevOps : Article\",\"Trend Micro DevOps : Compliance\",\"Trend Micro DevOps : Conformity\",\"Trend Micro DevOps : How To\",\"Trend Micro DevOps : Multi Cloud\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/\",\"name\":\"Build a Secure Well-Architected Cloud Environment Cloud Advocate 2026 | ThreatsHub Cybersecurity 
News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/09\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate.jpg\",\"datePublished\":\"2020-12-21T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/09\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2021\\\/09\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate.jpg\",\"width\":1282,\"height\":700},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/build-a-secure-well-architected-cloud-environment-cloud-advocate\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/b
log\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro DevOps : Article\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-devops-article\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Build a Secure Well-Architected Cloud Environment Cloud Advocate\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence 
Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->"}