Overview
The Right Start - Security Assessment Cloud security has become a matter of huge importance, and if it has been weighing on your mind lately, we can help. With us, you can get security right by beginning with a detailed AWS Cloud Security Posture Assessment to identify misconfigurations and security loopholes in your AWS infrastructure.
Comprehensive Assessment Process The security landscape is changing, and threat ridden, more so with transformation to cloud-based environments. To balance the benefits and speed of cloud adoption, you need to secure assets and data, and ensure continuous monitoring and quick recovery. An enhanced and adaptive security posture is the new normal in maintaining cloud security. Umbrellas’ team of cloud security experts perform a detailed Cloud Security Assessment of your AWS cloud environment. This involves a series of discussions with customer teams and an automated analysis of AWS environment using AWS and Umbrella’s tested proprietary and third-party tools. The assessment process includes the following:
- Account Structure: AWS organisation, SCP, Control tower.
- Identity & Access Management: SSO, External Identity Federation, MFA, Rotation of credentials, Access analyser, Password Policies.
- Detective Controls: Cloud trail & AWS Config, Guard Duty, Security Hub, AWS Detective.
- Network & Application Security: Security Groups, NACLs, Network Firewalls, Private links & Service Endpoints, VPN, Web Application Firewall, DDOS.
- Monitoring and Log Management: Cloud Watch log configuration, AWS ElasticSearch, Cloud Watch log metric filter, Analysis of S3 logs using Athena.
- Data Encryption: Encryption of EBS volumes, S3 buckets, AWS Certificate Manager. Assessment of Security incident response plan.
- DevSecOps: Continuous compliance using config rules, Automated response to non-compliance events, Automation of application release management
- Cloud Architecture review for security implementation
Timelines The assessment spans three weeks, with the first two weeks dedicated to discussions and reviews of policies, processes, architecture and assessment of vulnerabilities and monitoring. We work on detailed report preparation during the third week and publish a final consolidated report while sharing details of the report components.
What You Get from the Assessment The team will submit a final report accompanied by the following:
- Summary of your existing cloud security environment
- Analysis of your cloud configuration violations against AWS and CIS Cloud best practices
- Cloud security recommendations for remediation based on priority and risk factors
Highlights
- The assessment will take into consideration your key cloud security objectives in the context of your business goals. Assessment will include AWS Cloud security controls, policies, processes, and other AWS components that help improve your current security posture.
- You get a 360° view of your security stance including governance, compliance, IAM, network and application security, monitoring, encryption, automation and more from our detailed report.
- Based on the report, we give you remediation recommendations that will help you build a robust cloud security strategy with technology and tools aligned to business needs.
Details
Pricing
Custom pricing options
Legal
Content disclaimer
Resources
Vendor resources
Support
Vendor support
The engagement will be led by a Principal Consultant throughout the entire engagement. The Principal Consultant will be in contact with you by phone, e-mail, or in fysical engagements.
For any inquiries pre or post engagement, please reach out to info.nl@softline-group.com .