Many organizations turn to AWS to strengthen their security posture. Using AWS in conjunction with control frameworks like NIST and CIS help achieve desired security outcomes. Organizations can gain an additional layer of security with NTT DATA's Trust Acceleration Platform (NTAP). NTAP provides real-time automated security configuration monitoring, management, and remediation to help ensure that your AWS system configurations remain in their desired, compliant state, thereby giving you system confidence. NTAP reduces risk caused from misconfiguration by automating the verification of NIST and AWS CIS benchmark controls. In addition, NTAP helps secure endpoints that connect to the cloud, ensuring security through to routers, laptops, and more. NTAP inventories and ‘fingerprints’ your AWS environment, and can identify and manage correct configurations. Configurations for critical systems like Amazon Simple Storage Service (Amazon S3), AWS Elastic Load Balancing (AWS ELB), Amazon Virtual Private Cloud (Amazon VPC) and AWS Web Application Firewall (AWS WAF) are continuously monitored and managed against baseline and customized security controls to ensure continuous compliance. NTAP supports custom security controls, pre-defined control frameworks like CIS for AWS benchmarks and features built in support for NIST 800-53A and NIST 800-171.

How it Works

NTAP validates even the most complex configuration environments for compliance, reducing risk caused by misconfiguration. With real-time compliance of the entire information system security controls ecosystem, NTAP addresses security silos with automation that enables most security tools to be unified under a single interface, thereby simplifying implementation, maintenance, and costs. NTAP discovers and assesses your environment, identifying and managing to correct configurations. Configurations are continuously monitored (in agent or agentless mode) and managed with a rules engine that checks against baseline and customized security controls to ensure continuous compliance. Non-compliant configurations are automatically remediated or NTAP can alert for manual remediation. Last, NTAP offers configurable real-time system compliance dashboards and reporting as well as real-time authority to operate (ATOs) with a Digital System Security Plan (SSP).