AWS Partner Network (APN) Blog

Category: Security

Infosys-AWS-Partners

Automate Your AWS DevOps Validation Pipeline with the Infosys Cloud Infrastructure Validation Solution

An often-overlooked aspect of migration is the configuration checks on the underlying cloud infrastructure. In order to make sure the foundational infrastructure is safe, secure and compliant, there’s a need to validate the cloud configuration early in the migration cycle. Infosys has developed an innovative automation solution that addresses the need for secure configuration reviews, while ensuring agility and reliability through the migration journey.

Read More
Security-10

How to Mitigate Security and Privacy Resistance in Secure Data Migrations

One of the first steps for organizations adopting AWS is migrating data from an on-premises environment or existing cloud to AWS. Many legal and regulatory requirements make it imperative to know the cause and reason for collection, storage, and usage of data, as well as the exact physical location of the data. Learn how Dataguise, a PKWARE company, helps organizations minimize risk and cost during the data migration process.

Read More
Radware-AWS-Partners

How Radware CNP Uses Amazon Route 53 Query Logging for Threat Detection

AWS recently launched a new feature as part of its Amazon Route 53 service, called Route 53 Resolver Query Logging. This new service enables organizations to retrieve logs of their Domain Name System (DNS) queries originating from resources within their VPCs. Learn how these logs can be analyzed as part of the Radware Cloud Native Protector Service (CNP), which provides a range of fully managed, enterprise-grade cloud security solutions to protect applications running in public clouds.

Read More
Sysdig-AWS-Partners

Unifying Threat Detection for Cloud and Containers to Reduce Risk Using Sysdig

Implementing effective threat detection for applications in the cloud requires visibility into all aspects of your infrastructure and workloads. By taking advantage of AWS services, you’re freed to focus on the applications that drive your business. Security in the cloud is a shared responsibility between AWS and the customer, however, and Sysdig’s cloud security platform helps you follow security best practices and simplify the work of securing your AWS account and workloads.

Read More
Cisco-Stealthwatch-Cloud-AWS-Partners

Cloud Posture and Threat Analytics with Cisco Secure Cloud Analytics

As organizations continue to adopt AWS, their risk footprint increases from both an infrastructure and network perspective as it relates to compliance posturing, configuration risk, and network threats. Explore the integration between AWS and Secure Cloud Analytics, a SaaS-delivered Network Detection (NDR) offering from Cisco that monitors multi-cloud and hybrid environments for threats and policy violations and provides comprehensive visibility for any environment.

Read More
Virtusa-AWS-Partners

Exposing Private APIs Across AWS Accounts Only for Authorized Access Methods

Virtusa recently received a requirement to make an application programming interface (API) accessible across another AWS account. The API was an internal-only API hosted in a private subnet, and could be accessed only from within the network. The requirement also stipulated Virtusa make only a few read-only (Get) methods accessible, and not all the methods from the API. Learn how Virtusa addressed the customer’s challenge by designing a solution that uses Amazon API Gateway with IAM authentication.

Read More

Embracing DevSecOps: Building Security into Cloud-Native Development Workflows

Automation and integration are critical to producing applications with fewer flaws at a speed that won’t slow developers down. However, this is only possible with a well-planned DevSecOps program and the right tools embedded into your software development lifecycle. Dig into the importance of the digital shift and how you can implement DevSecOps into existing workflows with the combined control of Veracode’s scanning tools and AWS integrations.

Read More
Baffle-AWS-Partners

How to Tokenize and De-Identify Your Data in Amazon RDS with Baffle

Baffle Data Protection Services (DPS) provides a data-centric protection layer allowing customers to tokenize, encrypt, and mask data in Amazon RDS at the column or row level, without any application code modifications while supporting a BYOK or HYOK model. Review the architecture for Baffle DPS, and walk through how to launch and test Baffle DPS from an AWS CloudFormation template with Amazon RDS databases to encrypt data at the column level.

Read More
PwC-AWS-Partners

Approaching Least Privilege – IAM Policies with Usage-Based Analytics

AWS customers are increasingly searching for new ways to manage access in a scalable way that maintains the benefits of an agile DevOps delivery model. However, the traditional and highly-manual processes for assessing and certifying access quickly demonstrates they cannot keep up with the speed of DevOps changes. Learn how PwC designs and implements baseline IAM roles for customers while leveraging usage-based analytics to identify overprivileged roles.

Read More
Bridgecrew-AWS-Partners

Using AWS CodeBuild and Bridgecrew to Prevent Misconfigurations in AWS CloudFormation and Terraform

Scanning for misconfigurations as part of your CI/CD pipeline helps maintain a solid security posture for all changed resources before provisioning them to a running environment. Learn how to integrate infrastructure as code security and compliance scanning using AWS CodeBuild and Bridgecrew, a cloud security platform for developers. Bridgecrew is generally used to find security misconfigurations and policy violations across Amazon Web Services (AWS) and in configuration frameworks.

Read More