The Right Start - Security Assessment

Cloud security has become a matter of huge importance, and if it has been weighing on your mind lately, we can help. With us, you can get security right by beginning with a detailed AWS Cloud Security Posture Assessment to identify misconfigurations and security loopholes in your AWS infrastructure.

Comprehensive Assessment Process

The security landscape is changing, and threat ridden, more so with transformation to cloud-based environments. To balance the benefits and speed of cloud adoption, you need to secure assets and data, and ensure continuous monitoring and quick recovery. An enhanced and adaptive security posture is the new normal in maintaining cloud security. Umbrellas’ team of cloud security experts perform a detailed Cloud Security Assessment of your AWS cloud environment. This involves a series of discussions with customer teams and an automated analysis of AWS environment using AWS and Umbrella’s tested proprietary and third-party tools.

The assessment process includes the following:

• Account Structure: AWS organisation, SCP, Control tower.
• Identity & Access Management: SSO, External Identity Federation, MFA, Rotation of credentials, Access analyser, Password Policies.
• Detective Controls: Cloud trail & AWS Config, Guard Duty, Security Hub, AWS Detective.
• Network & Application Security: Security Groups, NACLs, Network Firewalls, Private links & Service Endpoints, VPN, Web Application Firewall, DDOS.
• Monitoring and Log Management: Cloud Watch log configuration, AWS ElasticSearch, Cloud Watch log metric filter, Analysis of S3 logs using Athena.
• Data Encryption: Encryption of EBS volumes, S3 buckets, AWS Certificate Manager.
• Assessment of Security incident response plan.
• DevSecOps: Continuous compliance using config rules, Automated response to non-compliance events, Automation of application release management
• Cloud Architecture review for security implementation

Timelines

The assessment spans three weeks, with the first two weeks dedicated to discussions and reviews of policies, processes, architecture and assessment of vulnerabilities and monitoring. We work on detailed report preparation during the third week and publish a final consolidated report while sharing details of the report components.

What You Get from the Assessment

The team will submit a final report accompanied by the following:

• Summary of your existing cloud security environment
• Analysis of your cloud configuration violations against AWS and CIS Cloud best practices
• Cloud security recommendations for remediation based on priority and risk factors