Introducing New Categories of AWS Security Competency Partners
By Jacob Abbott, WW Team Lead, Partner Security/MSSP – AWS
By Roy Stephan, Global Tech Lead – Partner Security – AWS
By Christin Voytko, APN Launch Manager – AWS
The security landscape continues to evolve, making it a challenge for customers to modernize and stay up to date with use cases and threats. New tools, processes, and frameworks are continuously released, but it can be difficult to figure who, what, or how to utilize these offerings.
The AWS Partner Network (APN) launched the AWS Security Competency to help customers find the right partner to solve a given security use case.
We are excited to expand the AWS Security Competency with eight new categories to help customers find and acquire a range of partner services and software, all of which are validated by Amazon Web Services (AWS) and address a full suite of security use cases.
Each of the Security Competency’s eight new categories are comprised of use cases defined by AWS security experts, such as Zero Trust Network within the infrastructure protection category, to help customers find the specific partner software and/or services offerings for their unique needs. To keep up with the fast pace of the security marketplace, these categories will expand over time with additional use cases.
NEW! AWS Security Competency Categories
The new AWS Security Competency categories are designed for customers to locate a validated partner software offering and corresponding partner services offering to help with deployment, staff training, multi-cloud implementations, hybrid security tools, and automation.
Identity and Access Management
AWS Partners in this category have a proven track record of helping customers define, enforce, and audit permissions across internal and external services, actions, and resources, including AWS accounts.
Use cases: Cloud infrastructure entitlements management (CIEM); identity and verification (IDV); identity governance and administration (IGA); privilege access management (PAM).
Threat Detection and Response
AWS Partners need to demonstrate the ability to spot issues before they impact an account, and act on that knowledge to improve the security posture and reduce the risk profile of their customers.
Use cases: Security operations center; penetration testing; AWS-aware tooling; AWS services and customer configuration; endpoint detection and response (EDR); managed detection and response (MDR), network detection and response (NDR); eXtended threat detection (XDR); security information event monitoring (SIEM); security orchestration, automation, and response (SOAR).
AWS Partners showcase their ability to ensure systems and services within customer workloads are protected against potential vulnerabilities as well as unintended and unauthorized access. For example, you’ll define 1) trust boundaries; 2) system security configuration and maintenance; 3) operating system authentication and authorizations; and 4) other appropriate policy-enforcement points such as web application firewalls and/or API gateways.
Use cases: Distributed denial of service (DDoS); network security policy management (NSPM); cloud access security broker (CASB); secure web gateway (SWG); security services edge (SSE); zero trust network (ZTN); next generation firewall (NGFW).
Data protection focuses on understanding sensitive data in a customer environment and creating controls based on different levels of sensitivity. Controls include encrypting, categorizing, tracking, and tokenizing sensitive data to meet compliance with internal, regional, and industry compliance requirements.
Use cases: Database security (DBSEC), data loss prevention (DLP); Amazon S3 malware scanning (MAL); tokenization and masking (TOKEN); email malware security; email DLP security; keys and secrets management (KEYSEC).
Compliance and Privacy
AWS Partners in this category have a proven track record of helping customers build environments in the cloud that adhere to industry standards, pass internal/external audits regimes, and achieve third-party certification.
Use cases: Cloud workload protection platform (CWPP); cloud security posture management (CSPM); attack surface management; container security configuration scanning.
Application security is focused on helping customers test and protect their code from threats. Protections include performing code reviews, penetration testing, and mitigation of findings. AWS Partners also implement secure application environments for customers. Areas where these partner activities help include finding bugs in code, outlining secure software development practices, advising customers on choosing the appropriate encryption library, and assessing the permissions of their Amazon S3 bucket policies.
Use cases: Web application firewall (WAF); application testing; static code analysis; runtime application and self-protection (RASP); vulnerability management.
Partners who help customers implement and manage AWS Shield Advanced to protect AWS resources such as Elastic IP, Elastic Load Balancing, Amazon CloudFront, AWS Global Accelerator, and Amazon Route 53 from application threats like distributed denial of services (DDoS), SQL injection, and cross-site scripting. These partners operate 24/7 security operations centers (SOCs), which support configuring, maintaining, monitoring, and troubleshooting AWS workloads to ensure application availability and performance.
Use cases: Security operations center (SOC); distributed request handling; custom edge rules; secure content delivery; layered edge services defense; investigation policies; security information event management (SIEM); edge management.
AWS Partners in this category demonstrate broad and deep knowledge across the core categories, which are identity and access management, threat detection and response, infrastructure protection, data protection, compliance and privacy, and application security categories. Partners in this category will be provided certification in all of these core categories.
Usecases: SOC implementation and incident response; business continuity (BC); ransomware protection; software composition analysis (SCA).
AWS Security Competency Launch Partners
We invite you to explore the following Security Partner offerings recommended by AWS:
- Accenture | AABG Security Services and Solutions on AWS (Threat Detection and Response)
- Alert Logic | Alert Logic MDR Professional (Threat Detection and Response)
- Aqua Security | Aqua Platform SaaS Edition (Compliance and Privacy)
- Barracuda Networks | Barracuda CloudGen WAF (Application Security; Infrastructure Protection)
- Blazeclan Technologies | cSecure – Blazeclan’s Cloud Security Framework (Identity and Access Management)
- Check Point Software Technologies | CloudGuard Network Security (Infrastructure Protection)
- Cisco Systems | Cisco ISE – Identity Services Engine 3.1 (Infrastructure Protection)
- Criptonube – Myappsoftware | Criptonube-Myappsoftware Security Experts (Identity and Access Management)
- CrowdStrike | Falcon Cloud Workload Protection (Threat Detection and Response)
- Deloitte | Deloitte Cyber Risk Services for AWS (Identity and Access Management)
- Devo | The Devo Platform (Threat Detection and Response)
- DuploCloud | DuploCloud – Automated Cloud Provisioning (Compliance and Privacy)
- DXC Technology | DXC Technology AWS Specialization (Identity and Access Management)
- Ermetic | Cloud Infrastructure Entitlement Management (CIEM) (Identity and Access Management)
- Escala24X7 | AWS Security Consulting Services (Identity and Access Management)
- Fortinet | FortiGate for AWS (Infrastructure Protection)
- Globant | Globant AWS Security Competency (Application Security)
- GuidePoint Security | AWS Cloud Security Professional Services (Compliance and Privacy)
- Ibexlabs | Security and Compliance (Identity and Access Management)
- IBM | Application Security Consulting (Application Security; Data Protection; Threat Detection and Response)
- IBM Software and Technology | IBM Security QRadar SIEM (Threat Detection and Response)
- InfusionPoints | XccelerATOr (Threat Detection and Response)
- Lacework | Lacework Cloud Security Platform (Compliance and Privacy)
- Logz.io | Logz.io Enterprise SaaS (Threat Detection and Response)
- OPSWAT | MetaDefender Core (Data Protection)
- Orca Security | Orca Cloud Security Platform (Application Security)
- Palo Alto Networks | VM-Series on AWS (Infrastructure Protection)
- Presidio | Presidio AWS Security Solutions (Application Security)
- Rapid7 | InsightIDR (Threat Detection and Response)
- SailPoint Technologies | SailPoint IdentityNow (Identity and Access Management)
- SentinelOne | SentinelOne (Threat Detection and Response)
- Sophos | Sophos Cloud Optix (Compliance and Privacy)
- Splunk | Splunk Cloud (Threat Detection and Response)
- stackArmor | ThreatAlert ATO Acceleration (Compliance and Privacy; Perimeter Protection)
- Sumo Logic | Cloud SIEM (Threat Detection and Response)
- Sysdig | Sysdig Secure DevOps Platform (Compliance and Privacy; Identity and Access Management; Threat Detection and Response)
- Tameshi | Security on AWS (Identity and Access Management)
- Tanium | Tanium Cloud (Threat Detection and Response)
- Tata Consultancy Services (TCS) | TCS Security Assessment (Compliance and Privacy)
- Tenable | Tenable.io (Application Security)
- Trellix (formerly known as McAfee + FireEye) | Detection on Demand (Data Protection)
- Trend Micro | Trend Micro Cloud One (Application Security; Data Protection; Threat Detection and Response)
- T-Systems International | AWS Security Services (Identity and Access Management)
- Veracode | Veracode Application Security Solutions (Application Security)
- Vertical Relevance | Security and Compliance Specialization (Application Security; Compliance and Privacy)
- Wipro | Cybersecurity and Risk Services (Application Security; Infrastructure Protection)
- Wiz | WIZ SaaS Solution (Compliance and Privacy)
- Zscaler | Zscaler Cloud Security – Internet and Private Access (Infrastructure Protection)
Customers: Procure Security Software and Services
AWS Security Competency Partners have deep technical expertise with security in AWS and proven customer success securing the cloud journey with their software and services offerings. We invite you to find validated offerings from AWS Security Competency Partners.
Partners: How to Join the AWS Security Competency Program
Joining the AWS Security Competency Program helps your organization differentiate and accelerate your AWS security business. Get started by reviewing the AWS Security Competency Validation Checklist (Services | Software) (login required) which provides the criteria necessary to achieve this AWS Competency designation.