AWS Partner Network (APN) Blog

Category: Security

Aqua-AWS-Partners

Deploying DevSecOps on Amazon EKS with Aqua Security — Part 1

Customers running their microservices-based applications on Amazon EKS come to Aqua Security looking for guidance about architecting end-to-end CI/CD pipelines using DevSecOps principles. Sometimes called security as code, DevSecOps integrates security best practices into a DevOps pipeline instead of bolting them on at the end. Aqua Security has formulated a security portfolio that provides coverage throughout the application development lifecycle while also securing the underlying infrastructure.

How to Deploy a Rapid7 InsightVM Scan Engine for AWS Graviton2-Based EC2 Instances

With the recent launch of Amazon EC2 M6g instances, the new instances powered by AWS Graviton2 Arm-based processors deliver up to 40 percent better price and performance over the x86-based current generation M5 instances. At Rapid7, an AWS Security Competency Partner, thousands of customers use InsightVM scan engine to assess their EC2 instances for vulnerabilities. Learn how to deploy the InsightVM scan engine in an AWS Graviton2-based environment.

TCS-AWS-Partners-1

How TCS Cloud Exponence Monitors Security and Compliance Across AWS Accounts

The move to primarily cloud-based operations has pushed enterprises to prioritize digital security mechanisms and regulatory compliance controls to safeguard weaknesses and reduce effects of an attack. TCS Cloud Exponence is a multi-cloud operations solution with a focus on a range of critical security operations such as cloud perimeter monitoring, patch management, vulnerability assessment, compliance monitoring, alerting, and reporting.

Capgemini-AWS-Partners

Developing Payment Card Industry Compliant Solutions on AWS to Protect Customer Data

Financial institutions possess and process data that are very sensitive and have immense business value. In recent years, regulations like open banking and data residency law have forced organizations to be even more adaptive to frequent challenges to systems storing and processing the data. Explore how Capgemini developed an application to address this customer challenge and learn how the approach helped worldwide credit card provider comply with PCI DSS security standards.

Managing Red Hat Enterprise Linux Systems on AWS with Red Hat Insights

Red Hat Insights helps you manage Red Hat Enterprise Linux (RHEL) Systems on AWS by analyzing physical, virtual, container, and hybrid private and public cloud environments, comparing them to more than 1,000 rules. These rules identify potential threats that could lead to business disruptions. Insights scans your environments daily, summarizes any identified risks in its dashboard, and provides remediation steps for those risks.

Cloud Conformity_AWS Solutions

How to Add Security and Compliance Auto-Remediation with the Cloud Conformity Platform

Automation is becoming more and more critical to organizations needing to manage and govern cloud infrastructure. Cloud Conformity’s auto-remediation tool helps to alleviate security and compliance concerns by using AWS Lambda to fix any non-compliant resources within your AWS account. Cloud Conformity is an assurance and governance tool that continuously monitors one or more AWS services based on AWS Well-Architected best practices.

Microchip_AWS Solutions

Implementing Secure Authentication with AWS IoT and Microchip’s Trust Platform

The ultimate potential of IoT will only be achieved if the security of such a vastly powerful and complex system can be maintained. Doing so requires security implementations to be simple and mainstream. Microchip Technology is a leading provider of microcontroller and analog semiconductors, providing low-risk product development, lower total system cost, and faster time to market for thousands of diverse customer applications worldwide.

WhiteSource_AWS Solutions

How to Bake Open Source Security into Your AWS CodeBuild Pipeline

Managing open source vulnerabilities can be challenging, especially at scale in a fast-moving continuous integration pipeline. Developers and DevOps professionals depend on CI pipeline tools like AWS CodeBuild to help them develop and test software at a breakneck pace, pushing out new software with greater efficiency and flexibility. In this post, learn how to integrate WhiteSource into CodeBuild pipeline to fuse open source security into existing build processes without having to compromise on speed or agility.

HashiCorp_AWS Solutions

How to Secure Enterprise Cloud Environments with AWS and HashiCorp

Security isn’t always top of mind for developers because it can slow down software releases. HashiCorp Vault helps eliminate much of the security burden developers experience while trying to comply with security team requirements. Vault was built to address the difficult task of passing sensitive data to users and applications without it being compromised. Within Vault, all transactions are token-based, which limits potential malicious activity, and provides greater visibility into whom and what is accessing that information.

AWS Security

Closed Loop Security and Compliance Helps You Safely Migrate to and Expand AWS Usage

DevOps staff in many organizations are one misconfiguration away from compromising their AWS resources to attackers as they migrate to and grow their adoption of existing and new AWS services. In this post, AWS Security Partner Cavirin proposes “Closed Loop Security” based on unifying proactive and reactive risk signals as a key strategy for DevOps staff to protect their AWS infrastructure from misconfigurations and vulnerabilities.