Now that you have chosen to manage your business on the cloud you will have to ask yourself how to protect the integrity of your information. AWS has a variety of tools to help you with things like enforcement, visibility and the management of your applications and data. Let’s take a look at some of the key security applications that are being offered today.
A monitoring and observability service for Development Operations, developers, site reliability engineers (SREs), and IT managers. From here you will be able to monitor your applications by viewing operational data in several different metrics. This allows you to view to detect anomalies, respond to changes, set alarms or troubleshoot and take action if need be.
A threat detection service that continually monitors for unauthorized behavior and activity. With this tool, you will save valuable time that could be spent by security teams who would analyze logs for any security threats. When coupled with CloudWatch, you will be able to put into action any events or alerts that are needed.
A fully managed data security and data privacy service that uses machine learning and pattern matching to discover and protect your sensitive data. Managing large amounts of data can be tedious and time consuming. Macie automates this process based on how you configure your data. You will be alerted when sensitive data is discovered and when coupled with CloudWatch you will be able to take any necessary action.
Web Application Firewall helps protect your web applications or APIs against common exploits that may compromise your security or harness your application and consume excessive resources. WAF allows you to control who is able to reach your application and set up blocks or filters for common patterns of attack. Or you can take advantage of the pre-configured rules that are managed by AWS.
A managed Distributed Denial of Service (DDoS) protection. Shield safeguards your applications from downtime and inactivity. There are two levels of service available, standard and advanced. All customers are protected with the standard level of Shield that guards your application from the most common DDos attacks. Shield advanced will protect your applications running on Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator and Amazon Route 53 resources. This level of protection also provides advanced detection and mitigation against large and sophisticated DDoS attacks with almost real-time visibility into these attacks. When integrated with WAF you will also have 24x7 access to the AWS DDoS Response Team (DRT)
ISG Grizzly Shield Security Services
We take an easy three step approach to helping organizations Secure their AWS environment:
Pinpoint – Understand the level of maturity your security program has achieved and the possible gaps that may be present.
Jump Start – Develop Project plan/Roadmap for initiatives required to bring your Organization to the point where 24 X 7 monitoring can be leveraged, and data consumed by an MSP or internal staff or a combination of the two.
Monitoring, Training, and Ongoing Management – 24 X 7 monitoring and alerting based on defined SLAs.