/tags/security/ Recent content in Security on FivexL. Cloud Engineering Specialists Hugo en-us info@fivexl.io (FivexL) info@fivexl.io (FivexL) Mon, 04 May 2026 00:00:00 +0000 /blog/just-in-time-access-aws/ Mon, 04 May 2026 00:00:00 +0000info@fivexl.io (FivexL) /blog/just-in-time-access-aws/ <p>You have logs. You do not have proof.</p> <p>That is the gap most startups in regulated industries like healthcare or fintech discover during their first HIPAA or SOC 2 audit. The IAM policies are there. The roles are configured. Permissions are restricted. But when an auditor asks &ldquo;who had access to this system on March 12th, and what did they do?&rdquo; the answer involves digging through months of logs trying to reconstruct a timeline that was never recorded in the first place.</p> <p>A failed audit does not just cost time. It costs the partnership or enterprise contract that required it.</p> <p>This is the problem just-in-time access solves - and it is simpler than it sounds.</p> /blog/from-leadership-values-to-security/ Tue, 24 Mar 2026 00:00:00 +0000info@fivexl.io (FivexL) /blog/from-leadership-values-to-security/ <p>In a recent webinar, <a href="https://www.linkedin.com/in/rustyatkinson/">Rusty Atkinson</a>, SVP, Technology at Clearway Health, joined FivexL&rsquo;s <a href="https://fivexl.io/specialist/andrey-devyatkin/">Andrey Devyatkin</a>, Co-Founder and Principal Cloud Engineering Consultant, and <a href="https://fivexl.io/specialist/guilherme-ferreira/">Guilherme Ferreira</a>, Senior Cloud Engineering Consultant, to discuss a question that matters to every company operating under regulatory pressure: how do leadership values actually turn into secure, audit-ready architecture when deadlines hit?</p> <p>FivexL has worked closely with Clearway Health on building their HIPAA-compliant AWS infrastructure - so this was not a theoretical discussion. Rusty brought the leadership and culture perspective; Andrey and Guilherme brought the architecture and engineering depth. The session connected principles like integrity, clarity, and courage to the operational choices that make security real: least-privilege access, clear tenant boundaries, traceable change management, and HIPAA-aligned evidence practices.</p> <p>When Guilherme asked Rusty directly how he saw the FivexL partnership, Rusty&rsquo;s answer was blunt: <em>&ldquo;In my career, I never had a vendor that I trusted more. You presented to me something that resonated immediately as the answer to the question that I didn&rsquo;t ask - how do you build it when the non-negotiable is security and privacy, when you don&rsquo;t have an army of engineers, and you&rsquo;re running fast? You answered that question before I even asked it.&rdquo;</em></p> <p>That trust - between people, between teams, between an organisation and its infrastructure - was the thread running through the entire conversation.</p> /case-studies/neverless-case-study/ Fri, 13 Feb 2026 00:00:00 +0000info@fivexl.io (FivexL) /case-studies/neverless-case-study/ FivexL delivered a secure, production-ready AWS foundation for a London fintech company expanding beyond Google Cloud. /blog/aws-news-you-can-use-2026/ Thu, 12 Feb 2026 00:00:00 +0000info@fivexl.io (FivexL) /blog/aws-news-you-can-use-2026/ <p>AWS ships fast. At AWS re:Invent 2025, AWS made 500+ announcements. Most teams don’t have time to read every release - but we did.</p> <p>We did it for one reason: to stay on top of the technology (and help you do the same). Below is our shortlist of AWS updates worth adopting in 2026 if you want to stay ahead of the competition.</p> <p>These updates help you lower the chance of security incidents, make audits less painful, and remove day-to-day operational friction. Here’s what you can do now to tighten security and compliance.</p> /blog/mvp-on-aws-part-3/ Tue, 16 Dec 2025 00:00:00 +0000info@fivexl.io (FivexL) /blog/mvp-on-aws-part-3/ <p>A lot of MVP teams pick PostgreSQL because it&rsquo;s familiar, powerful, and boring in the best way. Then they open the AWS console, click through defaults, and accidentally create a database that&rsquo;s hard to secure, annoying to operate, and painful to make audit-friendly later.</p> <p>In our work with startups, this is one of the most common patterns: the product ships fast, the first customers arrive… and suddenly you need tighter security, better logging, sane network boundaries, and fewer &ldquo;who created this?&rdquo; mysteries.</p> /blog/mvp-on-aws-part-1/ Thu, 13 Nov 2025 00:00:00 +0000info@fivexl.io (FivexL) /blog/mvp-on-aws-part-1/ <p>If you&rsquo;re building an MVP on AWS - especially in healthcare or fintech - the account setup decisions you make in week one will determine how easy or hard your first audit is. This guide covers the minimum viable AWS foundation: the security, cost, and compliance controls that every startup needs before deploying anything. If you&rsquo;re in a regulated industry, there&rsquo;s a specific section at the end on what HIPAA readiness adds to this baseline.</p> /blog/aws_acm_certificate/ Wed, 19 Feb 2025 00:00:00 +0000info@fivexl.io (FivexL) /blog/aws_acm_certificate/ Encountering the “Invalid for_each argument” and “UnsupportedCertificate” errors when configuring AWS ACM certificates via Terraform is surprisingly common. By removing dynamic for_each logic based on unknown attributes and using the aws_acm_certificate_validation resource to wait for certificate issuance, you can sidestep these pitfalls and ensure successful integration with resources like ELB listeners. /blog/container-hardening-guide/ Thu, 15 Feb 2024 00:00:00 +0000info@fivexl.io (FivexL) /blog/container-hardening-guide/ Comprehensive and continuously updated list of best practices for securing containerized workloads. From build to execution. /case-studies/firi-case-study/ Thu, 16 Mar 2023 00:00:00 +0000info@fivexl.io (FivexL) /case-studies/firi-case-study/ FivexL rebuilt and migrated infrastructure to AWS Elastic Container Service for the Norwegian cryptocurrency exchange. /blog/lprobe/ Mon, 16 Jan 2023 00:00:00 +0000info@fivexl.io (FivexL) /blog/lprobe/ Find out how to securely conduct a local health check without wget, curl, or your proprietary code. LProbe is a reliable open-source solution. /case-studies/qameta-case-study/ Mon, 14 Nov 2022 00:00:00 +0000info@fivexl.io (FivexL) /case-studies/qameta-case-study/ FivexL designed and implemented a cost-efficient, scalable, and secure Cloud-based SaaS. /case-studies/ovrture-case-study/ Wed, 12 Oct 2022 00:00:00 +0000info@fivexl.io (FivexL) /case-studies/ovrture-case-study/ FivexL implemented infrastructure as code, reduced costs, and provided the ability to scale for a philanthropic communications platform. /blog/fivexl-reaction/ Thu, 22 Sep 2022 00:00:00 +0000info@fivexl.io (FivexL) /blog/fivexl-reaction/ FivexL shares its outlook on AWS Security Guidelines for startups. Find out how to improve your AWS security efficiently. /blog/security-basics-in-aws/ Wed, 24 Aug 2022 00:00:00 +0000info@fivexl.io (FivexL) /blog/security-basics-in-aws/ Security Manual for Startups: How To Secure Your AWS Account in Several Steps /blog/vault/ Fri, 22 Jul 2022 00:00:00 +0000info@fivexl.io (FivexL) /blog/vault/ Security basics in AWS or how to get rid of hardcoded credential and reduce data leakage risks with aws-vault.