APN Partners offer hundreds of industry-leading products that are equivalent, identical to, or integrate with existing controls in your on-premises environments. These products complement the existing AWS services to enable you to deploy a comprehensive security architecture and a more seamless experience across your cloud and on-premises environments.

Find below the products and solutions pre-qualified by the AWS Partner Competency Program to support you in multiple areas including: infrastructure security, policy management, identity management, security monitoring, vulnerability management, data protection, and consulting services.

Designed to identify and protect your applications and data from cyber-attacks and other advanced threats vectors.

Alert Logic

Fully managed cloud-based suite of security and compliance solutions for hybrid IT infrastructures.

Cloud Defender allows organizations to protect web applications, identify and mitigate network threats and vulnerabilities, and detect security and compliance issues from log data by a team of certified security experts 24x7.


Armor Anywhere delivers managed scalable security across your AWS workloads

Armor delivers security outcomes through 24/7 Security Operations Center monitoring and response to all cloud network threats, actively protecting your AWS workloads, matching the scale, complexity, and speed that your company demands.


Barracuda NextGen Firewalls are the industry’s first solutions purpose-built for cloud – engineered to leverage the AWS platform and native services. Scale out secure remote access, secure office-to-cloud connectivity, and cloud network segmentation.

The Barracuda NextGen Firewall is a purpose-built Cloud Generation Firewall engineered for rapid deployment and operation within dispersed, highly dynamic, and security-critical environments on AWS. Available via a license-less model – deploy firewalls everywhere and pay only for secured traffic.


Working seamlessly with your AWS environment to provide instant security —anytime, anywhere.

AWS-hosted applications choose Barracuda due to its continuous monitoring and policy tuning by world-class security experts. Barracuda’s dynamic profiling, application-aware technologies minimize false positives and protect against emerging threats.

Check Point

Check Point Software Technologies is a worldwide leader in network security solutions.

Check Point CloudGuard for Amazon Web Services (AWS) protects services in AWS VPC from sophisticated threats and attacks. The CloudGuard software portfolio includes Firewall, VPN, IPS, Application Control, Antivirus, Anti-Bot and advanced threat protection.


Works out-of-the box, detects & reacts to malware, misuse, and threats in AWS & on-prem environments.

Observable Networks' Dynamic Endpoint Modeling consumes VPC Flow Logs, and CloudTrail and Config events among others, to generate noise-free security alerts. An intuitive portal & programmable APIs enable scalable, automated security. 

F5 Networks

Comprehensively protect apps and data from both known and unknown threats, bot attacks and potentially damaging application vulnerabilities with the industry’s leading Web Application Firewall solution.

Powered by F5’s BIG-IP ASM VE, this solution secures applications against L7 DDoS attacks, malicious bot traffic, application vulnerabilities and all OWASP top 10 threats, while leveraging automated learning capabilities to prevent even the most sophisticated attacks from reaching your servers.  


Fortinet is a worldwide leader in network security solutions and provides multi-layered security for AWS with high-availability and auto-scaling to streamline your cloud workload deployments.

FortiGate for AWS, powered by consistent FortiOS threat intelligence, protects cloud workloads in AWS regions from advanced threats and attacks. It includes Next-Generation Firewall, VPN, IPS, Application Control, Antivirus, Antispam and advanced Threat Prevention features.


Directly protects website, apps, and the data behind them from industrialized, multi-vector attacks

Imperva SecureSphere Web Application Firewall analyzes all web application traffic and stops the sophisticated, multi-vector attacks that slip by traditional security defenses before they reach your applications and data.


ProtectWise™ provides Cloud-Powered Network Detection & Response (NDR) to secure Enterprise, Cloud and Industrial networks.

ProtectWise™ provides Cloud-Powered Network Detection & Response (NDR). Organizations can achieve defense-in-depth via advanced analytics in Enterprise, Cloud and Industrial environments with real time and retrospective detections. Full-fidelity packet captures, indexed and retained indefinitely, create a perfect, rapidly searchable network memory. By unifying detections and forensics in an intuitive and immersive visualizer, The ProtectWise Grid™ delivers unique advantages over current security products. The platform integrates with hundreds of existing security products, features the ease and cost-savings of an on-demand deployment model and enables companies to consolidate multiple, disconnected point products.


UTM layered security for AWS with WAF that auto-scales is simple to deploy and is cost-effective.

All-in-one security including WAF, Auto Scaling, IPS, & VPN protection that scales automatically to wind up or down as your needs demand.


Symantec Cloud Workload Protection automates core security controls for AWS workloads, enabling business agility, risk reduction, and cost savings for organizations, while easing DevOps and administrative burdens.

Symantec Cloud Workload Protection provides strong hardening, application control, application level firewall, system integrity monitoring, and exploit prevention for your AWS instances. Cloud-native integration allows DevOps to build application protection directly into deployment workflows and automate agent deployment. Support for DevOps tools like Chef, Puppet, and Ansible automates complete security controls for the workload and its applications. In addition, Docker security ensures that the host, Docker manager, containers, and their data are protected while integrity monitoring identifies anomalous behavior.

Trend Micro

Comprehensive security, seamlessly integrated with AWS, to protect workloads without slowing you down

Defend AWS workloads against attacks, malware and vulnerabilities with Trend Micro Deep Security. Our host-based intrusion detection & prevention, anti-malware, and log & integrity monitoring protects workloads, without impacting agility. SaaS, software & AWS Marketplace options.

Palo Alto

Application aware protection for your AWS environment, deploy application-specific threat prevention.

Using the application as the basis for your AWS security policy enables you to leverage the deny-all-else premise that a firewall is based upon for both gateway and VPC-to-VPC protection.

Help define and manage access policies to enforce business governance including, user authentication, SSO, and enforcement.


Okta is an integrated identity and mobility management service. We enable easy employee access and IT control for business apps.

Okta simplifies and secures the internal administration of AWS users and access by connecting to existing infrastructure used to manage people like Active Directory. Okta also helps developers launch products quickly by offering pre-built authentication and user management.


Control User Identity and Access to All Apps, from All Devices, Anywhere with One Cloud Solution

The innovator in cloud Identity and Access Management as a Service, providing secure single sign-on (SSO), multi-factor authentication, integration with common directory infrastructures such as Active Directory, LDAP and Workday, automated user provisioning & de-provisioning and more.

Ping Identity

Ping Identity delivers a flexible platform to enable SSO to all of your application using your IAM investments

Ping Identity is used by enterprise customers to migrate their existing on-prem investments to EC2. Ping helps them provide identity and API security for apps across the Amazon Cloud, SaaS and on-prem. 50+ of the Fortune 100 trust us to provide flexibility across their cloud deployments.

Maintain visibility and auditability of activity in your application infrastructure, while providing policy-driven alerting, and reporting.

Alien Vault

Threat detection, incident response, and compliance management—all in one platform.

AlienVault USM Anywhere™ delivers powerful threat detection, incident response, and compliance management across your cloud and on-premises environments—all from one unified SaaS platform. It combines multiple security technologies for asset discovery, vulnerability management, intrusion detection, behavioral monitoring, SIEM, and log management, as well as continuous, automatic threat intelligence updates from AlienVault Labs. USM Anywhere is compliant to PCI DSS, SOC 2, and HIPAA.


Splunk® delivers analytics-driven security solutions that enable organizations to detect and respond to external attacks, malicious insiders, and costly fraud by providing valuable context and visual insights to help make optimal security decisions.

Perform flexible, scalable security investigations, real-time security forensics, correlation & alerting, automatic knowledge extractions, interactive compliance and audit reporting to gain real-time operational visibility and business intelligence.



Sumo Logic's purpose built SaaS service enables organizations to configure KPIs and scale on demand to capture, audit and analyze logs and data across any needed dimension to insure continuous compliance and provide always on threat analysis.

Monitor multi-dimensional KPI’s with dynamic thresholds and predict future events with linear predictive analysis. Reduce mean time to identification by correlating logs across various data sources, lower false-positives and reduce hundreds of thousands of pages of results into a handful of meaningful patterns. Expedite root cause analysis by surfacing components of complex transactions across distributed environments. Visualize all contextual data sets to comprehend complex interactions in real-time.

Help inspect your application deployments for security risks and vulnerabilities, while providing priorities and advice to assist with remediation.

Alert Logic

See vulnerabilities and misconfigurations in minutes with automated, pre-authorized, credentialed, agentless scanning for software Common Vulnerability & Exposures (CVE) and AWS configuration issues (EC2, S3, IAM, ELB, RDS, and more...)

Cloud Insight continuously discovers and inspects assets across all your environments for software vulnerabilities & risky misconfigurations, displayed via interactive topology map. Prevent exploits with clear & prioritized step-by-step guidance. Launches in minutes, no security experience required.


Cavirin provides continuous security assessment and remediation across physical, public, and hybrid clouds.

Cavirin has been at the forefront in implementing AWS CIS Foundation Benchmarks, Security Hardening, and the PCI DSS Quick Start. The company’s solutions offer continuous visibility, are agentless and multi-tenant, and scale to the largest physical and virtual infrastructures. They offer up-to-the-minute compliance assessments, supplying audit-ready evidence as measured by every major regulatory and security best practice framework including CIS, DISA, PCI and HIPAA. With Cavirin, companies are empowered to make the right decisions faster and de-risk their cloud migrations.


Automated discoveries, checks, and alerts to ensure visibility and control of users' environments.

Gain automated security with 350+ proprietary best practice checks, 24 hour change monitoring with CloudTrail and Config integration, and customizable security alerts.


Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).

CloudPassage® Halo®, an agile security platform, empowers enterprises to take full advantage of AWS with the confidence that critical business assets are protected by delivering a comprehensive set of layered security and compliance functions.

Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).
Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).
Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).


Security and compliance automation on AWS delivering full visibility, control and faster time to protection as organizations scale

Dome9 delivers peace of mind to enterprises through security and compliance automation as they scale in the cloud. The Dome9 Arc SaaS platform gives organizations full visibility and control over their security posture on AWS, allowing them to minimize the attack surface and protect against vulnerabilities, identity theft, and data loss.


Automated monitoring, detection and guided remediation of security risks across the organizations' entire AWS infrastructure.

Evident is the first and only infrastructure security solution to provide complete coverage of an organization’s entire AWS environment. ESP combines automated detection of security risks with guided remediation and audit capabilities to meet compliance requirements - all in one solution.


Qualys Virtualized Scanner Applaince allows customers to scan Amazon EC2 IT assets and web applications for improved security and compliance

Qualys Virtualized Scanners are qualified to run on cloud platforms such as Amazon EC2. The Virtualized Scanners can manage all EC2 instances from a centralized Qualys account to scan and audit IT assets and web applications for security and compliance.


Effective threat defense for AWS environments

With RedLock, organizations can ensure compliance, govern security, and enable security operations across AWS environments. The RedLock Cloud 360 platform takes a new AI-driven approach that correlates disparate security data sets including network traffic, user activities, risky configurations, and threat intelligence, to provide a unified view of risks across fragmented cloud environments.


Identify risks. Enforce security policies. Access lifecycle management. Privilege Access Management.

Saviynt delivers security management and governance for AWS Console and resources. Saviynt provides preventive controls to enforce security policies with ability to stop launch of EC2 instances, revert unauthorized changes or notify violations.


Nessus is pre-authorized for vulnerability, compliance and threat scans of AWS environments with the largest collection of network security checks and configuration and compliance audits.

Nessus assessment and management solutions are pre-authorized for vulnerability, compliance and threat scanning for AWS developers and customers. Our cloud products provide patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and vulnerability analysis for AWS EC2 environments and instances.

Threat Stack

A cloud-native, continuous security monitoring that responds to changes in your environment.

Threat Stack allows growth-driven companies running on AWS to scale with confidence by identifying and verifying threats. Get instant visibility into insider threats, external attacks, data-loss, all while automating your compliance operations.


Automated Guardrails for Cloud

Preventive, Detective and Corrective Controls that empower, protect, and accelerate your cloud team. Turbot is an automated member of your cloud team enforcing best practices that ensure your cloud infrastructure is secure, compliant, scalable and cost optimized.

Assist with safeguarding your data from unauthorized disclosure and modification, through encryption, key management, and policy-driven controls.


Delivers full disk encryption of Amazon EC2 instances so you securely migrate sensitive data to the cloud.

Organizations retain control of encryption keys at all times. ProtectV encrypts the entire machine instance and attached storage volumes. No machine instance is launched without proper authorization from ProtectV StartGuard pre-boot authentication.


Ensures data-at-rest security, control and compliance with on-premise key custodianship.

Vormetric Transparent Encryption for AWS secures cloud data-at-rest with on-premise key management, granular data access controls, and detailed data event logs to meet compliance audit requirements.

Accelerating people and processes with modern security tools and frameworks to provide security capabilities that are uniquely available on the AWS Cloud.


Benefits of 8KMiles Secure Cloud Framework: Security pain point discovery, design, implement, recommend correct AWS Services, analyze customer infrastructure, monitor & bridge security gaps, continuous and automated compliance.

Key Capabilities: Admin/User Policies, User Activity Log & Monitor, Secure Data at Rest & Transit, VPC Security Checks, AWS Services' Security - Network, Compute, Application, Storage, Device & Analytics Security, Threat & Risk Assessment, Secure Implementation & Mgmt of Key Stores, MFA, and VPN.


Our security offerings lower risk and accelerate adoption of hybrid and cloud deployments. We support automated configuration of native AWS security capabilities and compliance through third-party tools and by providing security as a managed service.

The AABG Security Services offering integrates AWS security best practices leveraging the AWS Cloud Adoption Framework along with Accenture’s deep expertise in areas: Digital Identity, Application Security, Threat Intelligence, and Managed Services to build comprehensive solutions for our clients.


AllCloud Security Experts has been working for years with top SaaS organization to Architect Build and Manage their AWS operation, we help them to achieve consistent operation and compliance by leveraging creativity mixed with 3rd party technologies.

AllCloud transforms businesses to the Next-Generation, Hyper Scale SaaS. Our engineers are skilled to design security at scale starting from Infrastructure-as-code, continuous deployment integrated with tight security controls and monitoring. We deliver HIPAA, SOC2, and PCI-DSS compliant solutions. 

Cloud Technology Partners

CloudZone's 2 phase approach to cloud security includes leveraging AWS's security tools and services such as IAM, CloudTrail & AWS Config. We then complement those with 3rd party tools for Audit, Endpoint protection, Logging and Application Security.

We have processes in place to ensure maximum protection across your entire AWS environment including tools for Vulnerability Testing & Intrusion Detection/Prevention which keep your environment safe from malicious attacks. All that while meeting strict compliance regulations such as HIPAA & PCI-DSS.

Cloud Technology Partners

CTP’s Cybersecurity Program utilizes AWS, CSA, NIST and other industry best practices to ensure delivery of the world’s most secure environments on Amazon Web Services.

CTP’s Cybersecurity Program addresses the following challenges: Infrastructure Security and Network protection, Data Security, Identity and Access Management, Logging, Monitoring and Audit Trail, Governance, Risk & Compliance, and utilizes Industry Standards.


Deloitte’s Cyber Risk Services for AWS are built on leading cloud security technologies, leveraging pre-built integrations and our Secure.Vigilant.Resilient™ Cyber Risk Management Framework.

Deloitte’s Cyber Risk Services for AWS incorporate security capability areas built on our experience serving clients, industry leading practices, and applicable regulatory requirements. The services allow an organization to assess AWS capabilities to manage risks with their control responsibilities.


GuidePoint delivers a security-focused approach to AWS architecture, compliance, cloud engineering services including special projects, vulnerability management, systems hardening, cloud security governance, and cloud security platform integrations.

GuidePoint Security provides innovative cyber security solutions and expertise that enable organizations to successfully achieve their missions. By embracing new technologies, GuidePoint helps clients recognize threats, understand solutions, and mitigate risks within their evolving IT environments.


HeleCloud provides strategic technology consultancy, engineering, and Cloud-based managed services and training.

By taking advantage of everything the Cloud has to offer, organizations can reduce operational costs, accelerate innovation, focus on their core business, and have more confidence around data security and compliance.


Logicworks’ AWS Certified Engineers help you go beyond standard security practices to build an automated, continuous security system that is backed by 24x7 monitoring, maintenance, support. We are audited annually for HIPAA, SOC2, and PCI-DSS.

Logicworks manages AWS environments that are designed with AWS Security by Design Principles to meet industry and federal standards. This can include helping companies assess security, architect and build secure solutions, and continuously protect data with monitoring, automation, and reporting.


We provide security consulting service that fully supports various measures necessary for information security management with abundant experience and reliable technology.

Provide security consulting services not only in the cloud environment but also in the hybrid cloud environment with the on-premises environment required by the enterprise company. Analysts familiar with the defense logic of WAF will also monitor and analyze attacks on websites on a 24/7 basis.

REAN Cloud

REAN Cloud is a one stop shop for all of your cloud security and automation needs. Our DevSecOps practice, combined with our DevOps Accelerator Platform, enables you with a secure and error free migration.

Maintain business continuity with REAN Cloud’s DevOps Accelerator Platform that provides you with the flexibility of choosing your tools and the environment for a seamless and secure cloud experience. Responsibly accelerate your Cloud journey with REAN Cloud.

Demonstrable success in helping customers navigate and achieve successful audits and accreditation to industry assurance and certifications programs such as PCI, HIPAA, Fedramp, and many others for their workloads running in the AWS Cloud.

Booz Allen Hamilton

Booz Allen is committed to providing clients with AWS security architectures that comply with security policies, protects against advanced threats, and integrates with an organization’s cyber posture.

We are proud to partner with AWS in support of this mission. Our security partnership with AWS allows us to provide closely tailored solutions to clients that take into account the dynamic nature of cybersecurity, ensuring that our clients are protected and prepared against security threats.

REAN Cloud

REAN Cloud is a one stop shop for all of your cloud security and automation needs. Our DevSecOps practice, combined with our DevOps Accelerator Platform, enables you with a secure and error free migration.

Maintain business continuity with REAN Cloud’s DevOps Accelerator Platform that provides you with the flexibility of choosing your tools and the environment for a seamless and secure cloud experience. Responsibly accelerate your Cloud journey with REAN Cloud.


stackArmor has developed a simple and effective methodology for cybersecurity, vulnerability management and penetration testing for complying with ISO 27001, PCI, HIPAA, FedRAMP, FISMA, FFIEC and NIST standards.

stackArmor provides full-stack cloud solutions for security focused customers including security in depth design, vulnerability management and compliance for ISO 27001, FedRAMP, FISMA,FFIEC, PCI, HIPAA and NIST standards.

Proven capabilities of building scalable solutions for customers across all industry verticals and expertise in building secure infrastructure, environments, and applications from the ground up.


Cloudreach has established an impeccable reputation for transforming and operating enterprise IT security in the cloud.

Security and governance underpin all successful projects. Founded in 2009, Cloudreach’s Cloud Enablement team works with clients transforming their business on a bedrock of security best practice. Our Operations team provides the experience, insight and quick response that makes us a trusted partner.


Logicworks’ AWS Certified Engineers help you go beyond standard security practices to build an automated, continuous security system that is backed by 24x7 monitoring, maintenance, support. We are audited annually for HIPAA, SOC2, and PCI-DSS.

Logicworks manages AWS environments that are designed with AWS Security by Design Principles to meet industry and federal standards. This can include helping companies assess security, architect and build secure solutions, and continuously protect data with monitoring, automation, and reporting.

Organizations of all sizes are moving their workloads to AWS because of its agile, scalable and secure cloud infrastructure. These workloads often have unique security needs and that's what our security partners provide to AWS customers. Security on AWS is a shared responsibility, and one that applies differently for different customers. It requires that partners and AWS work with the customer to achieve desired outcomes.

The following featured security partners can help you deploy built-for-AWS, automated, and scalable security solutions designed to grow as your infrastructure grows. 

View featured APN Partners


Partners interested in listing their security product or solution must have achieved the Security Competency through the AWS Competency Program.

Note: In order to achieve the Competency, APN Partners must provide supporting documentation such as architectural designs for review by AWS and its 3rd party auditor.

Learn more about the Competency Program
AWS Security