Effective brakes are crucial for the safe operation of any vehicle. I recently purchased a new Honda Pilot, though, and it comes with Collision Mitigation Braking System (CMBS)—a system that senses the vehicle in front of you and detects if a collision is imminent. Brakes are good. CMBS brakes that can go above and beyond to proactively avoid an accident are even better. Likewise, Amazon Web Services (AWS) security solutions are good, but AWS tools alone won’t get the job done.
When Amazon Web Services introduced Amazon GuardDuty last year, Alert Logic saw an opportunity to expand on notifications from GuardDuty and improve AWS security to provide critical context with Cloud Insight Essentials.
Cloud Insight Essentials provides context and guidance
Cloud Insight Essentials is a vulnerability assessment solution that allows customers to continuously find risky configurations that go against AWS Security Best Practices. It works by analyzing AWS APIs and scanning CloudTrail events, looking for unsafe configurations like Amazon Simple Storage Service (Amazon S3) buckets with global access, users not using Multi-Factor Authentication (MFA), or use of the root account. Cloud Insight Essentials also provides crucial, easy to understand security context for Amazon GuardDuty findings and guidance for how to address or resolve them.
Amazon GuardDuty might identify a malicious activity like a Secure Shell (SSH) brute force attack, and alert you. But, how did this attack happen? The Cloud Insight Essentials Investigation Report shows the topology of the attack, and includes details like the connected Security Group, Amazon Machine Image (AMI), subnet, VPC, and region so you’re armed with information about what caused the attack.
OK. So, now you have a better understanding of what the issue is and how it happened. Now, what should you do about it? Cloud Insight Essentials also provides a Recommended Course of Action. Alert Logic gives you both Short-Term and Structural Actions you can take through the AWS Management Console to make the changes necessary to ensure this finding doesn’t occur again.
Get started with Cloud Insight Essentials
You can get started with Cloud Insight Essentials with a 30-day free trial. Then, you pay only $49 per account per month. There are no contracts or long-term commitments and you can cancel at any time. You can also upgrade from Cloud Insight Essentials to Cloud Insight to add vulnerability scanning checks for 91,000+ Common Vulnerabilities and Exposures (CVEs) and 8,600+ software configuration issues.
About the Author
*** This is a Security Bloggers Network syndicated blog from Alert Logic - Blogs Feed authored by Tony Bradley. Read the original post at: https://blog-admin.alertlogic.com/extend-amazon-guardduty-with-alert-logic-cloud-insight-essentials/