AWS Partner Network (APN) Blog
Category: Security, Identity, & Compliance
How to Shift Left Security in Infrastructure as Code Using AWS CDK and Checkmarx KICS
Integrating security scanning into infrastructure as code (IaC) lets teams detect misconfigurations early in development. This post explores using the KICS plugin from Checkmarx with AWS CDK. Learn how KICS performs static code analysis to find vulnerabilities and compliance issues in IaC, scanning the CDK code to report findings and failing the command for high-severity issues. This shifts security left, mitigating risks in deployed infrastructure.
How Accenture Accelerates Building a Secure Cloud Foundation Natively on AWS
Enterprise cloud adoption enables scalability but can introduce security and compliance challenges from decentralized builders and disparate growth. Accenture’s Secure Cloud Foundation on AWS provides a well-defined, automated account provisioning process with guardrails to enable secure and streamlined self-service innovation across teams. It establishes robust cloud foundations to automate security and break organizational barriers for accountability and outcomes.
6 Steps Towards Achieving FedRAMP Authorization on AWS with Orca Security
Achieving FedRAMP authorization is critical for cloud service providers serving government agencies. Orca Security’s cloud-native platform on AWS provides comprehensive coverage to help companies navigate the complexities of FedRAMP. By determining impact levels, deploying in FedRAMP-compliant AWS regions, leveraging approved services, implementing security controls, preparing for authorization, and enabling continuous monitoring, Orca and AWS streamline the journey to FedRAMP compliance.
Managing an Enterprise Backup Strategy with AWS Backup and CloudQuery
AWS Backup simplifies policy-based data protection at scale, and observability offers insights into the backup process for monitoring, issue detection, troubleshooting, and optimization. This ensures backup dependability, efficiency, and security. CloudQuery enables managing and visualizing AWS Backup across accounts, including backup health, configuration, and protected resources to facilitate building a robust compliance posture.
Cloud-Native Data Security Posture Management Deployments on AWS with Symmetry Systems
Symmetry Systems DataGuard is a data security posture management solution to enhance protection of sensitive data in AWS environments. It seamlessly integrates with AWS services to discover where sensitive data resides, map permissions, and identify risks—all without extracting data. Overall, the combination of AWS security services and Symmetry Systems DataGuard enables organizations to securely unlock the full potential of the cloud.
How Leidos Standardized its Application Logging into Amazon Security Lake with LOIS
As systems generate increasing amounts of data, making sense of it is critical. Application logs are unique and not standardized. Leidos addresses logging issues using the Open Cybersecurity Schema Framework (OCSF) and Amazon Security Lake via the Leidos OCSF Integration Suite (LOIS), which bridges applications to generate OCSF-compliant messages and ingest them into Amazon Security Lake for analysis and visualization.
Generative AI Augments Marriott’s Cybersecurity Posture with AWS Partners Deloitte and Palo Alto Networks
Marriott’s CISO Arno Van Der Walt manages cybersecurity through a “human-centered, data-driven, technology-enabled” approach aimed at making security frictionless. Critical partnerships with AWS, Deloitte, and Palo Alto Networks leverage AI/ML to share threat data and empower “impossible” autonomous security. Together, their tri-party services provide an end-to-end platform unifying business and security data to detect threats and enable quick response.
Preventing Online Fraud and Attacks with AWS and DataDome’s Real-Time Bot Protection
As online commerce grows, so do opportunities for fraud. Businesses lose billions annually to bots and attacks like scraping and payment fraud, making effective and scalable protection essential. DataDome provides accurate, real-time detection and mitigation without compromising user experience. By deploying globally on AWS and optimizing performance, DataDome achieves sub-millisecond response times to inspect every request while minimizing false positives.
Automated and Consistent Security Coverage for Amazon EC2 Workloads with Uptycs and AWS Systems Manager
Uptycs and AWS Systems Manager integration provides automated, consistent deployment of Uptycs sensors across Amazon EC2 instances. This enhances security by ensuring full coverage, reducing misconfigurations, and streamlining management. Uptycs is an AWS Specialization Partner offering cloud-native application protection and endpoint detection and response. The integration leverages AWS Systems Manager’s capabilities for centralized instance management.
Secure and Optimize Your Multicloud Deployments with Cisco Multicloud Defense
Cisco Multicloud Defense is a highly scalable, on-demand as-a-service solution that provides cloud-native and flexible security to your multicloud infrastructure. It unifies security controls across cloud environments, protects workloads from multiple directions, and drives operational efficiency with automation and orchestration of cloud-native constructs. Cisco Multicloud Defense consists of two major components: Multicloud Defense Controller and Cisco Multicloud Defense Gateway.