5 essential tools for improving your game studio’s security awareness

As a game studio, the focus is usually on delivering new features to improve your customers gaming experience. Many studios are small and probably don’t have a security team. Even larger studios might not have a full security practice and and as many resources fully dedicated to security as they would like. Not having enough people dedicated to security can be a risk for an organization because it also means that there will be less voices around the table to oppose de-prioritization of security in the face of crunch and deadlines. Still, security should be a constant priority.

If your opponent is building better swords, maybe you should think about upgrading your defenses. In previous entries, we covered how to:

• Defend your games against DDoS attacks
• Authenticate Players for a Game Backend Service
• Protecting your game against Data Breaches
• Introducing the Ransomware Risk Management on AWS Whitepaper

Today, we will focus on AWS solutions that you can add to your inventory to improve your security preparation and focus on operational excellence:

• Centralized Logging
• Real-Time Insights on AWS Account Activity
• AWS Limit Monitor
• AWS Security Hub
• AWS Security Hub Automated Response and Remediation

Centralized Logging

As a first step, let’s call out a solution that most game studios are already aware of: Centralized Logging. Centralized logging helps organizations collect, analyze, and display Amazon CloudWatch Logs in a single dashboard. This solution consolidates, manages, and analyzes log files from various sources. We are including it here as reference architecture on how to deploy centralized logging and as a quick solution that provides a turnkey environment to begin logging and analyzing your AWS environment and applications.

Real-Time Insights on AWS Account Activity

Monitoring Amazon Web Services (AWS) account activity can provide valuable insight into who is accessing your resources and how your resources are being used. This insight can help you make better-informed decisions that increase security and efficiency, facilitate compliance auditing, and optimize costs.

The Real-Time Insights on AWS Account Activity guidance automatically provisions and configures the services necessary to record and visualize resource access and usage metrics for your AWS account(s) in a couple of minutes. This guidance is designed to provide a framework for visualizing access and usage metrics, allowing you to focus on adding new metrics rather than underlying infrastructure operations.

This could prove to be a valuable tool as an early detection system for data breaches and allow you to minimize their impact by closing them as fast as possible. For a game studio, a data breach could take different forms like leaking player’s information losing trust in the process, losing game source code that could potentially create future issues or leak information about unreleased projects and intellectual property preventing your marketing team from managing the agenda and building up the hype properly.

AWS Limit Monitor

One other way to track rogue resource creation would also be via monitoring your resource limits. These limits define how you can use the different AWS services. A unexpected change into those limits could help you bring to light that you have a rogue account creating resources in a region you do not usually use for example.

This solution helps you proactively track resource usage and send notifications when you approach quotas. It leverages the AWS Trusted Advisor Service Limits checks and Service Quotas to help you display your usage and quotas for specific AWS services, and centrally manage your quotas.

AWS Security Hub

AWS Security Hub is a cloud security posture management service that performs automated, continuous security best practice checks against your AWS resources. Security Hub aggregates your security alerts (i.e. findings) from various AWS services and partner products in a standardized format so that you can more easily take action on them. To maintain a complete view of your security posture in AWS, you need to integrate multiple tools and services including threat detection from Amazon GuardDuty, vulnerabilities from Amazon Inspector, sensitive data classifications from Amazon Macie, resource configuration issues from AWS Config, and AWS Partner Network Products. Security Hub simplifies how you understand and improve your security posture with automated security best practice checks powered by AWS Config rules and automated integrations with dozens of AWS services and partner products.

Security Hub enables you to understand your overall security posture via a consolidated security score across all of your AWS accounts, automatically assesses the security of your AWS accounts resources via the AWS Foundational Security Best Practices standard and other compliance frameworks. It also aggregates all of your security findings from dozens of AWS security services and APN products in a single place and format via the AWS Security Finding Format, and reduces your Mean Time To Remediation (MTTR) with automated response and remediation support. Security Hub has out-of-the-box integrations with ticketing, chat, Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), threat investigation, Governance Risk and Compliance (GRC), and incident management tools to provide your users with a complete security operations workflow.

You can integrate Security Hub with AWS Organizations to automatically enable the service in all accounts in your organization.

AWS Security Hub Automated Response and Remediation

This AWS Solution is an add-on that works with AWS Security Hub and provides predefined response and remediation actions based on industry compliance standards and best practices for security threats. It helps AWS Security Hub customers to resolve common security findings and to improve their security posture in AWS.

Conclusion

It is not because your adversaries are sharpening their swords that you cannot still topple their attacks and come out victorious. If the “Zerg Rush” can be countered by the right strategy, the same applies to security threats if you have the right tools in your kit. With the right tools and the right strategy, it allows you to do more with less because that automation will enable your security team to spend more time on their other priorities.

Thank you for exploring defense strategies and tools with us today. To stay up to date on Security focused content, follow the AWS Security Blog, the Game Tech Security Blog and to stay up to date on AWS for Games focused content follow the AWS for Games Blog and the AWS for Games website.