Listing Thumbnail

    AWS Cloud Security Assessment

     Info
    Improving your workloads’ security and protecting your data in the AWS cloud, starts with assessing the current posture of your AWS environment. Once a comprehensive report is laid in front of you, now you can start prioritizing, planning and addressing the different risks and gaps.
    Listing Thumbnail

    AWS Cloud Security Assessment

     Info

    Overview

    The security assessment is a point in time snapshot of your AWS cloud infrastructure posture, which provides you insight to your environment security. The assessment is conducted by querying your environment’s infrastructure using AWS management read-only APIs. In addition to assessing infrastructure configurations and some access perspectives, CCOE architects inspect the processes you are implementing to manage your infrastructure and security.

    Focus areas

    • Misconfiguration of AWS resources/services which may increase your environment attack surface. The resources configuration is checked against industry standards (CIS v1.4.0, NIST SP 800-53 Rev. 5, AWS FSBP). (!) This will be done on a single specific account of the customer selection.
    • Over permissive entitlements which should be reviewed and reconsidered. For example: External access for third parties to S3 bucket, or a cross account role to a sensitive account, etc. Service roles of EC2 instances (IAM Instance Profile), EKS clusters (OIDC), and Lambda functions (execution roles). (!) This will be done on a single specific account of the customer selection.
    • Development and deployment procedures: Security of the deployment pipeline and security in the pipeline. Architecture security review process.
    • Tools and Processes around the following pillars: Cloud Security Posture Management, Cloud Infrastructure Entitlement Management, Incident Management (detection and response), and Incident response readiness.

    Ideal for

    Understanding your environment security posture is a crucial step towards mitigating risks and harming your environment security, thus, it is a mandate that the assessment should be desired by any organization who consumes the AWS cloud for either production or lower level environments. If you are not comfortable with your environment protection level, consider to assess your posture.

    Key Activities

    1. Establish the engagement with an introduction between the team and an overview of the assessment process.
    2. Initial discovery - CCOE architects will work with you to understand which areas to focus the assessment is on, and validate the best approach to run the assessment tools.
    3. Set up required access and/or deployment of assessment tools (according to customer environment and business requirements).
    4. Run the assessment: Running automation tools and scripts. Interviewing platform engineering, security operations, and enterprise architecture teams.
    5. Delivering and presenting the final report.

    Cost

    The assessment is delivered by CCOE for free, however, the automation procedures and services within the AWS cloud might incur some cost, by AWS services, depending on the chosen delivery method.

    Timeframe

    Depending on the availability of the customer, the size of the environment and optional restrictions/limitations in the environment, running the assessment might last between a week to few weeks. Once data is collected allow a week for the delivery of the final report.

    Outcomes

    By the end of this engagement you will get a thorough report of your AWS cloud environment infrastructure security posture, including tailored recommendations for improving your environment security.

    Highlights

    • Get insight into your environment security for free.
    • Engage with AWS experts to align your TOP 10 security gaps to tackle.

    Details

    Delivery method

    Pricing

    Custom pricing options

    Pricing is based on your specific requirements and eligibility. To get a custom quote for your needs, request a private offer.

    How can we make this page better?

    We'd like to hear your feedback and ideas on how to improve this page.
    We'd like to hear your feedback and ideas on how to improve this page.

    Legal

    Content disclaimer

    Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

    Support

    Vendor support

    When you engage with us for our Security Foundations service, you can expect a high level of support to ensure you gain the most value from our offering. Our dedicated team is available to assist you with any questions or issues that may arise.

    You can reach out for support at any time via email at sales@ccoe.io . We strive to respond to all inquiries within 24 hours.

    Visit our website at www.ccoe.io  for more information and access to additional resources.

    We are committed to providing exceptional support to ensure you have a seamless experience with our Free Security Assessment service. Please do not hesitate to contact us if you have any questions or need assistance.