Security in a multi-account environment

To improve security posture across a multi-account environment, organizations need to implement controls such as vulnerability assessment, firewalls, and intrusion prevention. AWS Marketplace offers integrated software solutions for AWS Control Tower that help organizations secure diverse workloads and provide broader visibility into assets, events and vulnerabilities.

These are just a few examples of security in a multi-account environment solutions. Scroll down or use the drop-down menu to learn more about each solution.

Choose a solution
  • Choose a solution
  • Alert Logic
  • Aqua Security
  • CloudKnox
  • CrowdStrike
  • Palo Alto Networks
  • Sonrai Security
  • Tenable
  • Trend Micro

Alert Logic

Alert Logic Managed Detection and Response (MDR) is always on, providing protection across your entire organization and delivering unrivaled security through five key elements: intelligence driven by data and humans, a scalable MDR platform, security experts named to your account, security insights at your fingertips, and protection tailored to each asset in your environment.

Alert Logic MDR (US) features include:

  • A named MDR concierge with 24/7 threat management and a 15-minute escalation SLA
  • Real-time reporting, intrusion detection, and user behavior anomaly detection
  • Hybrid asset and risk discovery
  • Essential compliance coverage
  • Vulnerability scanning and Endpoint protection
  • Cloud configuration assessment

How it works

Additional resources from Alert Logic


ClubCorp is the largest owner and operator of private clubs nationwide with 200+ country clubs, city clubs, athletic clubs, and stadium clubs. The company has adopted a multi-cloud, hybrid environment in relentless pursuit of the ultimate member experience. With constant growth, a constantly changing IT footprint, and an urgent need to keep member data secure, ClubCorp turned to Alert Logic. With Alert Logic MDR, the company has mitigated security concerns saving both time and resources.

quotes icon

We needed an environment that was going to be secure, stable and scalable. We’ve had that with AWS and Alert Logic.

Zach Vinduska, Vice President, Infrastructure, Security & Compliance, ClubCorp

Aqua Security

Aqua Wave provides a SaaS-based, cloud security posture management (CSPM) solution for AWS Control Tower. Aqua CSPM continually audits your cloud accounts for security risks and misconfigurations. This is performed across hundreds of configuration settings and compliance best practices, enabling consistent, unified multi-account security. It also provides self-securing capabilities to help ensure your cloud accounts do not drift out of compliance by leveraging a policy-driven approach. 

Aqua CSPM features include:

  • Continuous auditing of hundreds of settings for infrastructure risks and misconfigurations
  • Enterprise-ready scale supports hundreds of cloud accounts and integrates with AWS Control Tower and leading productivity tools
  • Scan AWS CloudFormation templates (Infrastructure-as-code) for weaknesses
  • Self-securing with detailed and actionable advice or automatic remediation

How it works

Additional resources provided by Aqua Security


CloudKnox is an entitlements management platform that uses a patented activity-based authorization protocol to protect enterprises from machine and human identities with excessive high-risk permissions. CloudKnox works across your AWS accounts to support continuous, adaptable risk-based decision making, alerting organizations of unexpected and excessive risk caused by privilege misuse. 

CloudKnox Cloud Security Platform features include:

  • Comprehensive visibility and automatic remediation of all over-permissioned identity and resources including cross account access
  • Deliver Permissions-on-Demand which are time and resource bound
  • Detect, alert, and remediate infrastructure anomalies
  • Monitor and remediate cloud resources for configuration violations through custom alerts and automated reports
  • Measure compliance against regulatory frameworks - CIS, NIST, PCI and custom policies

How it works

Additional resources provided by CloudKnox


Guidewire needed a tool to automate permissions management and monitor priority access
across the enterprise. Adopting CloudKnox eliminated the need to use scripts and spreadsheets to track identify access and clean up unused account permissions, saving hours of work. As a result, Guidewire can now aggregate and gather all the data it needs to achieve the goal of least privilege in just minutes. 

quotes icon

CloudKnox provided insight into identities where full administrator access was granted and gave guidance to help account administrators proceed in the path of least privilege access. CloudKnox also provided an easy means to create and deploy these new more restricted policies reducing workload and saving significant time.

Jay Brothers, Identify and Access Engineer, Guidewire


Crowdstrike Falcon Endpoint Protection uses advanced artificial intelligence (AI), machine learning, behavioral protection, kernel level visibility and proactive threat hunting to identify potential attacks in real-time. For organizations who are adopting or migrating to cloud workloads, CrowdStrike Falcon Endpoint Protection provides comprehensive visibility and breach protection allowing customers to rapidly adopt and secure technology across any workload.

CrowdStrike Falcon Endpoint Protection Premium features include:

Workload Discovery: Automatically discover all existing cloud workload and containers deployments to get full visibility into the scope and nature of your cloud footprint

Observability: Improve cloud hygiene with real-time information about workloads and containers, including metadata on configurations, networking and security.

Runtime Protection: Protect against malware and sophisticated attacks for Amazon EC2 instances running Linux

EDR for Cloud Workloads: EDR for cloud workloads and containers helps prevent silent failure by capturing raw events for complete event monitoring and visibility

API-Led Integrations: Seamlessly integrate with DevOps and CI/CD pipelines and leverage AWS Cloud Formation, Terraform, Ansible, Chef, Puppet, etc

How it works

Additional resources from CrowdStrike

Oak Hill Advisors

Oak Hill Advisors relies on CrowdStrike for in-context visibility and streaming protection of their cloud workloads. CrowdStrike has become integral to both managing and updating the tools Oak Hill offers its customers as well as growing and innovating the firm’s technological footprint. A comprehensive overview of AWS accounts, VPCs, security groups, and EC2 instances helps their security team operate with their cloud-first strategy.

quotes icon

One security challenge of the cloud is that your systems cannot sit behind a perimeter. Another challenge is the dynamism of the infrastructure. We introduce changes daily, which in the past was not the case. And even if it were, because we were behind a firewall it took more time to discover and mitigate security issues. In the cloud, your vulnerability can be exposed within minutes or seconds. That’s where CrowdStrike is truly valuable for us. Our security team can continue to work on what they need to work on.

Sajawal Haider, Chief Information and Security Officer, Oak Hill Advisors

Palo Alto Networks

Prisma Cloud provides cloud security posture management (CSPM) and cloud workload protection (CWP) as a single pane of glass for comprehensive visibility and control. Securely provision automated account registrations, continuous governance, and enterprise-wide management of multiple AWS accounts in just a few clicks. Prisma Cloud also extends cloud automation to integrated Lambda serverless remediation and manages it through a common policy and governance framework.

Prisma Cloud features include:

  • CSPM to monitor posture, detect and respond to threats, and maintain compliance
  • CWP to secure hosts, containers, and serverless across the application cycle
  • Cloud network security to gain network visibility, enforce microsegmentation, and secure trust boundaries
  • Cloud infrastructure entitlement management to enforce permissions and secure identities across workloads
  • Full lifecycle and multi-account security for any cloud native workload or application

How it works

Additional resources provided by Palo Alto Networks


After switching to AWS, 3-GIS needed a SecOps solution to manage security, compliance, and visibility, while their company scaled. By integrating with Prisma Cloud, 3-GIS was able to spin up an account in 10 minutes and adopt a “set it and forget it” approach. This allowed a single employee to manage everything, saving valuable time and resources.

quotes icon

AWS gives us the ability to compute and run our application, and Prisma Cloud by Palo Alto Networks helps us make it more secure. AWS grew to about a third of our business—but we still had only one person running everything with Prisma Cloud.

Damion Harrylal, Solutions Engineer, 3-GIS

Sonrai Security

Sonrai Dig is an identity and data governance platform built for cloud and container environments, providing complete visibility inside your organization. It continuously identifies and monitors every trust relationship, inherited permission, and policy across all multi-account AWS environments. Sonrai Dig’s Governance Automation Engine automates workflow, remediation, and prevention capabilities across cloud and security teams to ensure end-to-end security.

Sonrai Dig - Identity and Data Governance Platform features include:

  • Auto-remediation of all identity, data, and network risks in your AWS environment
  • Continuous access monitoring finds, classifies, and minimizes access to all critical data in structured and unstructured stores
  • Over 1000 control policies and 30 frameworks spanning data, identity, cloud-platform, and container compliance regulations
  • Machine learning and graph analytics automate identifying, classifying, and prioritizing risks for responsible teams and individuals

How it works

Additional resources provided by Sonrai Security

World Fuel Services

World Fuel Services needed to consolidate its data centers to optimize costs and deliver energy
solutions more seamlessly. After deciding to migrate its legacy systems to AWS, the company adopted Sonrai Dig to maximize efficiency, increase security, and reduce risk across its enterprise. With Sonrai Dig, World Fuel Services has closed 20 of its 22 data centers while providing security controls for 200+ AWS accounts and over 6500 AWS roles.

quotes icon

Security is absolutely foundational for any large scale migration to the public cloud. Sonrai Dig on AWS is central to the World Fuel Services cloud security operating model. The elimination of identity and data risks, automation, and continuous monitoring has transformed our cloud security operations, and helped accelerate our cloud migration.

Richard Delisser, Senior Vice President, World Fuel Services


Vulnerability Management for Modern IT, provides the most accurate information about assets and vulnerabilities in your IT environment. Available as a cloud-delivered solution, features the broadest vulnerability coverage, intuitive dashboard visualizations for rapid analysis, and seamless integrations that help you maximize efficiency and increase effectiveness. features include:

  • Comprehensive assessment
  • Predictive prioritization
  • Dynamic asset tracking
  • Passive network monitoring
  • Automated cloud visibility
  • Pre-built integrations and flexible API

How it works

Additional resources from Tenable

Trend Micro

Trend Micro Cloud One™ - Workload Security is purpose-built for server, cloud, and container environments, providing visibility across your entire hybrid cloud. Automatically protect against vulnerabilities, malware, and unauthorized changes with a wide range of powerful and intelligent capabilities. Workload Security automatically integrates with the DevOps toolchain and includes a rich set of REST APIs, which facilitate deployment, policy management, health checks, and compliance reporting.

Trend Micro Cloud One – Workload Security features include:

  • Intrusion prevention, anti-malware, machine learning, behavioral analysis, application control, integrity monitoring, web reputation, firewall, and log inspection
  • Security policy automation as you migrate or create new workloads
  • Multi-platform application control to detect and block unauthorized software execution
  • API-first, developer-friendly tools to help you integrate security controls into DevOps processes
  • Integration for leading SIEM, security management, orchestration, monitoring, pipeline, and IT service management tools

How it works

Additional resources from Trend Micro Cloud One - Workload Security


Blackbaud is the world's leading cloud software company powering social good. Serving the entire social good community—nonprofits, foundations, companies, education institutions, healthcare organizations and individual change agents—Blackbaud connects and empowers organizations to increase their impact through cloud software, services, expertise, and data intelligence.

quotes icon
We compared solutions between several companies, and Trend Micro was the most complete solution. Trend Micro Cloud One - Workload Security checked all the boxes across cybersecurity and DevOps.
      Mario Mendoza, Team Lead, Cyber Security Architecture and Engagement, Blackbaud
Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.

Have questions? Have tips?

We're here to help you get started with AWS Marketplace. Ask for or give advice on the AWS Marketplace discussion forum.