APN Partners offer hundreds of industry-leading products that are equivalent, identical to, or integrate with existing controls in your on-premises environments. These products complement the existing AWS services to enable you to deploy a comprehensive security architecture and a more seamless experience across your cloud and on-premises environments.

Find below the products and solutions pre-qualified by the AWS Partner Competency Program to support you in multiple areas including: infrastructure security, policy management, identity management, security monitoring, vulnerability management, and data protection.

Designed to identify and protect your applications and data from cyber-attacks and other advanced threats vectors.

Alert Logic

Fully managed cloud-based suite of security and compliance solutions for hybrid IT infrastructures.

Cloud Defender allows organizations to protect web applications, identify and mitigate network threats and vulnerabilities, and detect security and compliance issues from log data by a team of certified security experts 24x7.


Working seamlessly with your AWS environment to provide instant security —anytime, anywhere.

AWS-hosted applications choose Barracuda due to its continuous monitoring and policy tuning by world-class security experts. Barracuda’s dynamic profiling, application-aware technologies minimize false positives and protect against emerging threats.

Check Point

Check Point Software Technologies is a worldwide leader in network security solutions.

vSEC for Amazon Web Services (AWS) protect services in AWS VPC from sophisticated threats and attacks, it includes: Firewall, VPN, IPS, Application Control, Antivirus, Anti-Bot and advanced Threat Prevention software.


Directly protects website, apps, and the data behind them from industrialized, multi-vector attacks

Imperva SecureSphere Web Application Firewall analyzes all web application traffic and stops the sophisticated, multi-vector attacks that slip by traditional security defenses before they reach your applications and data.


UTM layered security for AWS with WAF that auto-scales is simple to deploy and is cost-effective.

All-in-one security including WAF, Auto Scaling, IPS, & VPN protection that scales automatically to wind up or down as your needs demand.

Trend Micro

Comprehensive security, seamlessly integrated with AWS, to protect workloads without slowing you down

Defend AWS workloads against attacks, malware and vulnerabilities with Trend Micro Deep Security. Our host-based intrusion detection & prevention, anti-malware, and log & integrity monitoring protects workloads, without impacting agility. SaaS, software & AWS Marketplace options.

Palo Alto

Application aware protection for your AWS environment, deploy application-specific threat prevention.

Using the application as the basis for your AWS security policy enables you to leverage the deny-all-else premise that a firewall is based upon for both gateway and VPC-to-VPC protection.

Help define and manage access policies to enforce business governance including, user authentication, SSO, and enforcement.


Okta is an integrated identity and mobility management service. We enable easy employee access and IT control for business apps.

Okta simplifies and secures the internal administration of AWS users and access by connecting to existing infrastructure used to manage people like Active Directory. Okta also helps developers launch products quickly by offering pre-built authentication and user management.


Control User Identity and Access to All Apps, from All Devices, Anywhere with One Cloud Solution

The innovator in cloud Identity and Access Management as a Service, providing secure single sign-on (SSO), multi-factor authentication, integration with common directory infrastructures such as Active Directory, LDAP and Workday, automated user provisioning & de-provisioning and more.

Ping Identity

Ping Identity delivers a flexible platform to enable SSO to all of your application using your IAM investments

Ping Identity is used by enterprise customers to migrate their existing on-prem investments to EC2. Ping helps them provide identity and API security for apps across the Amazon Cloud, SaaS and on-prem. 50+ of the Fortune 100 trust us to provide flexibility across their cloud deployments.

Maintain visibility and auditability of activity in your application infrastructure, while providing policy-driven alerting, and reporting.


Splunk® delivers analytics-driven security solutions that enable organizations to detect and respond to external attacks, malicious insiders, and costly fraud by providing valuable context and visual insights to help make optimal security decisions.

Perform flexible, scalable security investigations, real-time security forensics, correlation & alerting, automatic knowledge extractions, interactive compliance and audit reporting to gain real-time operational visibility and business intelligence.



Sumo Logic's purpose built SaaS service enables organizations to configure KPIs and scale on demand to capture, audit and analyze logs and data across any needed dimension to insure continuous compliance and provide always on threat analysis.

Monitor multi-dimensional KPI’s with dynamic thresholds and predict future events with linear predictive analysis. Reduce mean time to identification by correlating logs across various data sources, lower false-positives and reduce hundreds of thousands of pages of results into a handful of meaningful patterns. Expedite root cause analysis by surfacing components of complex transactions across distributed environments. Visualize all contextual data sets to comprehend complex interactions in real-time.

Help inspect your application deployments for security risks and vulnerabilities, while providing priorities and advice to assist with remediation.


Cavirin provides continuous security assessment and remediation across physical, public, and hybrid clouds.

Cavirin has been at the forefront in implementing AWS CIS Foundation Benchmarks, Security Hardening, and the PCI DSS Quick Start. The company’s solutions offer continuous visibility, are agentless and multi-tenant, and scale to the largest physical and virtual infrastructures. They offer up-to-the-minute compliance assessments, supplying audit-ready evidence as measured by every major regulatory and security best practice framework including CIS, DISA, PCI and HIPAA. With Cavirin, companies are empowered to make the right decisions faster and de-risk their cloud migrations.


Automated discoveries, checks, and alerts to ensure visibility and control of users' environments.

Gain automated security with 350+ proprietary best practice checks, 24 hour change monitoring with CloudTrail and Config integration, and customizable security alerts.


Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).

CloudPassage® Halo®, an agile security platform, empowers enterprises to take full advantage of AWS with the confidence that critical business assets are protected by delivering a comprehensive set of layered security and compliance functions.

Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).
Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).
Comprehensive security on-demand, any scale and anywhere (AWS public cloud, VPC, or hybrid).


Simplifies cloud secops, removes operator misconfigs, reduces attack surface and speeds compliance.

Dome9 is purpose-built to secure your entire AWS cloud infrastructure and is designed to perform as your cloud security operations console. It is trusted by over a thousand customers, including the world’s leading service providers and enterprises.


Automated monitoring, detection and guided remediation of security risks across the organizations' entire AWS infrastructure.

Evident is the first and only infrastructure security solution to provide complete coverage of an organization’s entire AWS environment. ESP combines automated detection of security risks with guided remediation and audit capabilities to meet compliance requirements - all in one solution.


Qualys Virtualized Scanner Applaince allows customers to scan Amazon EC2 IT assets and web applications for improved security and compliance

Qualys Virtualized Scanners are qualified to run on cloud platforms such as Amazon EC2. The Virtualized Scanners can manage all EC2 instances from a centralized Qualys account to scan and audit IT assets and web applications for security and compliance.


Identify risks. Enforce security policies. Access lifecycle management. Privilege Access Management.

Saviynt delivers security management and governance for AWS Console and resources. Saviynt provides preventive controls to enforce security policies with ability to stop launch of EC2 instances, revert unauthorized changes or notify violations.


Nessus is pre-authorized for vulnerability, compliance and threat scans of AWS environments with the largest collection of network security checks and configuration and compliance audits.

Nessus assessment and management solutions are pre-authorized for vulnerability, compliance and threat scanning for AWS developers and customers. Our cloud products provide patch, configuration, and compliance auditing; mobile, malware, and botnet discovery; sensitive data identification; and vulnerability analysis for AWS EC2 environments and instances.

Threat Stack

A cloud-native, continuous security monitoring that responds to changes in your environment.

Threat Stack allows growth-driven companies running on AWS to scale with confidence by identifying and verifying threats. Get instant visibility into insider threats, external attacks, data-loss, all while automating your compliance operations.

Assist with safeguarding your data from unauthorized disclosure and modification, through encryption, key management, and policy-driven controls.


Delivers full disk encryption of Amazon EC2 instances so you securely migrate sensitive data to the cloud.

Organizations retain control of encryption keys at all times. ProtectV encrypts the entire machine instance and attached storage volumes. No machine instance is launched without proper authorization from ProtectV StartGuard pre-boot authentication.


Ensures data-at-rest security, control and compliance with on-premise key custodianship.

Vormetric Transparent Encryption for AWS secures cloud data-at-rest with on-premise key management, granular data access controls, and detailed data event logs to meet compliance audit requirements.

Organizations of all sizes are moving their workloads to AWS because of its agile, scalable and secure cloud infrastructure. These workloads often have unique security needs and that's what our security partners provide to AWS customers. Security on AWS is a shared responsibility, and one that applies differently for different customers. It requires that partners and AWS work with the customer to achieve desired outcomes.

The following featured security partners can help you deploy built-for-AWS, automated, and scalable security solutions designed to grow as your infrastructure grows. 

View featured APN Partners


Partners interested in listing their security product or solution must have achieved the Security Competency through the AWS Competency Program.

Learn more about the Competency Program
AWS Security