Prioritizing security ops in the cloud: overview of an AWS and SANS Institute educational webinar

Security practitioners designing and implementing solutions on Amazon Web Services (AWS) have a breadth of AWS services and third-party Independent Software Vendor (ISV) security solutions to help them customize and control security. AWS services can help you enable relevant controls for key security use cases and lay the foundation for a stronger overall security posture. If you’re considering using a framework such as the NIST CSF, NIST Cybersecurity Framework: Aligning to the NIST CSF in the AWS Cloud shows you how to use AWS services to provide risk-based, outcome-focused guidance to inform your foundational security activities in the cloud. There are also AWS Quick Starts, accelerators built by AWS solutions architects and partners, which can help you implement NIST, FedRAMP, HIPAA, and PCI on AWS.

ISV’s provide a broad selection of security solutions in AWS Marketplace, a curated digital software catalog where security practitioners can find, try, buy, deploy, and manage software that runs on AWS. AWS Marketplace brings you hundreds of ISV security software solutions that are ready to deploy to your environment. These solutions use vendor-built Amazon Machine Images, which are templates that deploy new EC2 instances that contains the OS and software already configured. AWS Marketplace also provides SaaS solutions, AWS WAF rules, and container-based products. AWS Marketplace brings the same consumption-based pricing to these solutions as you experience with other AWS services. In many cases, you can pay for software by the hour, without long-term contracts, and can take advantage of annual pricing for cost savings and even BYOL options.

To help you identify helpful third-party security solutions, AWS Marketplace has joined forces with the SANS Institute to offer a series of practical education sessions and guidance for security practitioners.

The first installment is How to Prioritize Security Ops in the Cloud. There is an accompanying whitepaper titled How to Optimize Security Operations in the Cloud through the Lens of the NIST Framework. In both, SANS outlines how:

• AWS provides an opportunity to significantly reduce security risks through the use of automation, native AWS security services and ISV security products. However, the adoption of cloud services doesn’t eliminate the areas of vulnerability exploited in on-premises environments.
• The NIST CSF is an ideal starting point for putting security controls in action. This helps you move from addressing due- diligence security and compliance needs in the cloud to achieving advanced capabilities.
• Across all five functions of the NIST CSF, security practitioners can extend the types of third-party solutions that they’re using on-premises or implement new tools to run in the cloud.
• Running common security tools across the cloud and on-premises is key to maintaining effectiveness and doing it efficiently without requiring new staffing or resources.
• The automation possible with AWS services APIs helps you improve your security through discovery of inventory and events and providing automated responses to incidents.
• You can make big gains by encrypting stored data, which can be easier to achieve in the cloud with the right approach and toolset.

AWS Marketplace also explains how:

• Understanding how AWS services and third-party solutions in AWS Marketplace work together can help you automate the functions in the NIST CSF.
• Security organizations today are using these combinations to enable key security use cases in AWS, such as governance, risk, and compliance; security visibility; and endpoint detection and response.
• AWS Marketplace makes it quick and easy to test and evaluate third-party solutions with AWS services and other existing technologies so that you can optimize security ops in the cloud.

This is the first of a series of SANS and AWS Marketplace webinars and whitepapers that you can use to inform your security priorities and solutions as your organization moves additional workloads to the cloud. To find out more about each topic in the series, click its link: How to prioritize security ops on AWS, How to automate compliance and risk management for cloud workloads, How to build a security visibility strategy in the cloud, and How to secure a modern web application in AWS.