AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance

Zscaler-AWS-Partners

How to Securely Access Amazon Virtual Private Clouds Using Zscaler Private Access

When you are migrating private applications to AWS, how your users and administrators will access them needs to be considered. VPNs do not provide the granular control desired by a Zero Trust approach, as users have access to any resource on the network and not just specific resources they are granted access to. Learn how you can implement a Zero Trust approach to access applications hosted on AWS using Zscaler Private Access (ZPA).

Quick Starts_featured-2

Building Foundational Security and Compliance Capabilities in 10 Minutes with the CIS AWS Quick Start

The Center for Internet Security (CIS) Benchmark on AWS Quick Start helps you to make securing and monitoring resources easier to implement and understand. The Quick Start was developed by Accenture, an APN Premier Partner and Managed Service Provider (MSP) with the AWS Security Competency. We also created a new video offering step-by-step best practice guidance on how to deploy the CIS Benchmark Quick Start and build foundational security capabilities into your account, in just 10 minutes.

How to Integrate AWS Security Hub Custom Actions with PagerDuty

AWS Security Hub is a great way to get visibility into your security profile for all your AWS accounts. PagerDuty gives you the ability to display, triage, and investigate events within your organization. When used together, Security Hub and PagerDuty gives you the ability to have full visibility and response to the security events happening in your AWS accounts. I invite you to explore PagerDuty and Security Hub further and see what you can do to build out your own integrations.

Alert Logic_AWS Solutions

7 Key Best Practices for Cloud Security from Alert Logic

Cyber-attacks are going to happen; vulnerabilities and exploits are going to be identified. Having a solid security-in-depth strategy, coupled with the right tools and people that understand how to respond, will put your company in stronger position to minimize exposure and risk. AWS has security-in-depth strategies for their global infrastructure that cover processes, people, and technology that protect the physical and foundational layers of their offering.

Security Hub-1

How to Enable Custom Actions in AWS Security Hub

AWS Security Hub’s Custom Actions allow you to initiate responsive actions against findings selected through the console. Your workflow benefits from these defined actions, reducing the dwell time to investigate and remediate findings in Security Hub. We introduce the process of creating Custom Actions with two examples: (1) sending findings to email; and 2) sending findings to Slack. This post will help you understand the process to create your own Custom Actions for utilization in Security Operations playbooks.

AWS Security

Automating Remediation of Amazon GuardDuty Findings with Dome9 CloudBots

Dome9’s integration with Amazon GuardDuty brings to the table a way of surfacing security findings, providing context and creating automated remediations. Users that identify a finding can look through their Dome9 console and pinpoint the exact instance, VPC, and security group associated with it. This helps customers identify the compromised instance, as well as potential instances that may have a similar posture, thereby allowing you to mitigate the risk before exposure.

Security Orchestration with Symantec Cloud Workload Protection and AWS Systems Manager

Symantec is an AWS Security Competency Partner that has integrated Amazon’s SSM Agent with their cloud-native Symantec Cloud Workload Protection (CWP) solution, which automates core security controls for AWS workloads, enabling business agility, risk reduction, and cost savings for organizations, while easing DevOps and administrative burdens. Customers can now deploy the CWP agent directly from the CWP console or just use a simple REST API call.

Alert Logic_AWS Solutions

Preventing Security Fires with Amazon GuardDuty and Alert Logic Cloud Insight Essentials

Cloud Insight Essentials is an Alert Logic solution available in AWS Marketplace. It is a vulnerability assessment solution allowing customers to find risky configurations that go against AWS Security Best Practices. The solution does this by analyzing AWS APIs and scanning AWS CloudTrail events looking for unsafe configurations. Cloud Insight Essentials also provides security context for the complete list of Amazon GuardDuty findings so customers can take short- and long-term actions to reduce potential security threats.

GuardiCore_AWS Solutions

Evaluate Network Security with GuardiCore’s Infection Monkey—a Breach and Attack Simulation Tool

Ensuring that proper security measures are in place calls for robust security testing mechanisms. GuardiCore’s Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that tests and evaluates the effectiveness of your network security configurations during post-breach attacks. You can simulate a breach by “infecting” a server with a “Monkey” that runs around your network using various methods to enter propagation paths and attacks each point of vulnerability it discovers.

GDPR

How AWS Supports Customers and APN Partners on the Journey to GDPR Compliance

Since AWS has announced that all our services comply with the General Data Protection Regulation (GDPR), we wanted to explore some of the ways AWS can help you on your road to compliance. In this post, we walk through the support AWS offers across the APN as well as the AWS Premium Support and AWS Professional Services organizations. We explain how these teams are working with customers and APN Partners in Europe and around the world to support them with questions related to GDPR and AWS.