Sponsored Content

Augmenting AWS Security Controls

Augmenting AWS Security Controls

Appropriate use of native security controls in AWS and other CSPs is fundamental to managing cloud risk and avoiding costly breaches.

Has the onslaught of lackluster webinars over the past few months left you wanting more? Are you seeking practical, relevant, and usable information and advice on how to stay secure in the cloud? Well, you’re in luck! DivvyCloud, the leading provider of cloud and container security and compliance, is partnering with AWS to offer an incredible (and completely free!) opportunity to anyone who’s interested in making the most out of the native security controls within AWS.

This is an important topic because avoiding a data breach has been and continues to be a significant hurdle for any organization seeking to innovate securely in the cloud. It’s important to recognize that the issue at hand is breaches of data in the cloud, not breaches of the underlying infrastructure of the cloud service provider (CSP). This distinction between the CSP and the customer is vital, and there is an explicitly shared responsibility relationship. 

CSPs, like AWS, are responsible for securing the underlying components of cloud services. On the other side, the customer is responsible for securing how they use the cloud services, including properly configuring identity and access management, storage and compute settings, threat analysis and defense, and the security of the application and data processed and stored in the cloud. 

In a majority of data breach scenarios, the underlying cloud infrastructure is secure, and it is the CSP customer that is not fulfilling their part of the deal. As Gartner states, “through 2022, at least 95 percent of cloud security failures will be the customer’s fault.” Appropriate use of native security controls in AWS and other CSPs is fundamental to managing cloud risk and avoiding costly breaches. However, many organizations struggle with determining when and how to use these native security controls, how to manage them consistently, and how and when to augment these controls to ensure continuous security and compliance. 

Because cloud breaches are typically due to misconfigurations, organizations must implement controls that quickly – and automatically – prevent or detect and remediate these errors. To this end, CSPs, including AWS, offers a plethora of security controls. For example, Amazon AWS provides more than 30 different cloud-security related services (e.g., GuardDuty, CloudTrail, CloudHSM, CloudWatch, etc.). These controls are essential, playing a primary role in secure cloud configura- tions, though just turning them on does not guarantee secure cloud configurations.

Join AWS Partner Solution Architect Jon Myer and DivvyCloud by Rapid7 VP of Cloud Security Sales Chris Hertz as they discuss:

  • how and when to use native cloud security controls
  • why and when you may want to augment these controls
  • how to leverage automation to gain continuous security and compliance in the public cloud

If you are looking for an opportunity to get the most out of your time and attention, don’t miss DivvyCloud’s upcoming webinar on August 19 at 1:00 p.m., EDT. Register now!

Suggested articles