> Connections to your infrastructure and non-public properties (hosted CIs, admi... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		paulddraper on May 30, 2019 \| parent \| context \| favorite \| on: SaaS CTO Security Checklist > Connections to your infrastructure and non-public properties (hosted CIs, admin interfaces, databases etc.) should only be accessible through a bounce host (in a VPC, behind a bastion host or VPN, etc.). How valuable is this? I see articles for [1] and against [2] this practice. And not a lot of interest in the subject from security SE. [3] [1] https://cloudacademy.com/blog/aws-bastion-host-nat-instances... [2] https://medium.com/@henriksylvesterpedersen/you-dont-need-th... [3] https://security.stackexchange.com/questions/194024/should-i...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact