Category: Security, Identity, & Compliance

Cyber-attacks are going to happen; vulnerabilities and exploits are going to be identified. Having a solid security-in-depth strategy, coupled with the right tools and people that understand how to respond, will put your company in stronger position to minimize exposure and risk. AWS has security-in-depth strategies for their global infrastructure that cover processes, people, and technology that protect the physical and foundational layers of their offering.

AWS Security Hub’s Custom Actions allow you to initiate responsive actions against findings selected through the console. Your workflow benefits from these defined actions, reducing the dwell time to investigate and remediate findings in Security Hub. We introduce the process of creating Custom Actions with two examples: (1) sending findings to email; and 2) sending findings to Slack. This post will help you understand the process to create your own Custom Actions for utilization in Security Operations playbooks.

Dome9’s integration with Amazon GuardDuty brings to the table a way of surfacing security findings, providing context and creating automated remediations. Users that identify a finding can look through their Dome9 console and pinpoint the exact instance, VPC, and security group associated with it. This helps customers identify the compromised instance, as well as potential instances that may have a similar posture, thereby allowing you to mitigate the risk before exposure.

Symantec is an AWS Security Competency Partner that has integrated Amazon’s SSM Agent with their cloud-native Symantec Cloud Workload Protection (CWP) solution, which automates core security controls for AWS workloads, enabling business agility, risk reduction, and cost savings for organizations, while easing DevOps and administrative burdens. Customers can now deploy the CWP agent directly from the CWP console or just use a simple REST API call.

Cloud Insight Essentials is an Alert Logic solution available in AWS Marketplace. It is a vulnerability assessment solution allowing customers to find risky configurations that go against AWS Security Best Practices. The solution does this by analyzing AWS APIs and scanning AWS CloudTrail events looking for unsafe configurations. Cloud Insight Essentials also provides security context for the complete list of Amazon GuardDuty findings so customers can take short- and long-term actions to reduce potential security threats.

Ensuring that proper security measures are in place calls for robust security testing mechanisms. GuardiCore’s Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that tests and evaluates the effectiveness of your network security configurations during post-breach attacks. You can simulate a breach by “infecting” a server with a “Monkey” that runs around your network using various methods to enter propagation paths and attacks each point of vulnerability it discovers.

Since AWS has announced that all our services comply with the General Data Protection Regulation (GDPR), we wanted to explore some of the ways AWS can help you on your road to compliance. In this post, we walk through the support AWS offers across the APN as well as the AWS Premium Support and AWS Professional Services organizations. We explain how these teams are working with customers and APN Partners in Europe and around the world to support them with questions related to GDPR and AWS.

Data security is a concern for all enterprises and HashiCorp’s Vault Enterprise helps you achieve strong data security and scalability. Vault is a trusted secrets management tool designed to enable collaboration and governance across organizations. It enables developers, operators, and security professionals to deploy applications in zero-trust environments across public and private datacenters. Through a unified API and AWS integration, Vault can be integrated into your development at any stage.

AWS Solution Space allows AWS Competency Partners to showcase customer-ready solutions based on architectures validated by AWS. These are quick, cost effective, repeatable solutions meant to create new business leading to production workloads. Customers can also request AWS support for launching each solution. At launch, we are featuring 10 customer-ready solutions: 5 for Big Data, 3 for Machine Learning, one for Security, and one for End User Computing.

Cadence Design Systems, Inc. selected Dome9 Security, an APN Advanced Technology Partner, to provide network security management and automated compliance. The Dome9 Arc platform has a deep visualization tool, Dome9 Clarity, which provides a granular view of customers’ AWS Cloud assets. Dome9’s efforts provide Cadence with many benefits, including lower costs and accelerated time-to-market for products.