AWS Native and Third-Party Tools: New White Paper

November 14, 2019

Thanks in part to the ease of infrastructure implementation, public cloud service providers (CSPs) are quickly becoming more popular with enterprises. However, cybersecurity in the cloud is complex; while CSPs are responsible for the security “of” the cloud, you’re responsible for security “in” the cloud. Enterprises must still protect data and are responsible for the secure configuration of the resources provisioned.

Despite the many advantages offered by CSPs, there are intricacies, and Amazon Web Services (AWS) users might have a host of questions. For instance:

  • What tools does AWS offer to assess vulnerabilities and exposures?
  • How easy or difficult is it to understand AWS security data?
  • What gaps exist in AWS native tools?
  • How do third-party tools work with AWS to augment and/or strengthen cloud security?

We’ve developed IaaS Security – AWS Native and Third-Party Tools to help you better understand the cloud infrastructure assessment tools provided by AWS, Palo Alto Networks and Tenable. The paper offers tool-specific observations that allow security practitioners to understand the interdependencies of native and third-party infrastructure assessment tools and grasp the basics of configuration, key features, metrics, reports and other capabilities. This allows practitioners to make informed decisions about how and when to use which tools in their AWS-hosted environments.

Some key takeaways:

Manageability: For hybrid and multi-cloud environments, AWS lacks a single view in which to consolidate information. Third-party tools help bridge this gap with consolidated views of the environment, helping speed up an understanding of enterprise risk.

Security Standards: AWS offers the CIS Foundation Benchmark v1.2, while other solutions include a wider breadth of standards. Palo Alto Networks Prisma Cloud includes compliance checks for National Institute of Standards and Technology (NIST) SP 800-53, General Data Protection Regulation (GDPR), International Organization for Standardization (ISO) 27001, PCI DSS and others.

Auto-Remediation: AWS requires users to define several items before automated remediation can take place. Prisma, in comparison, offers remediation out of the box on some events and an interface to configure actions on existing or custom rules.

Log Data: The setup time, configuration and initial ingestion of log data took notably longer for the third-party tools than for AWS native tools.

Prerequisites for Use of Third-Party Tools: Some AWS native services, such as CloudTrail, must be configured prior to the use of third-party cloud security platforms. Costs for both native and third-party tools apply.

Threat Detection: Native and third-party tools use the same logs and various AWS services, but third-party solutions run AWS log data against their own detection technologies to identify inconsistencies that pose a risk.

Both native and third-party approaches have distinct advantages and disadvantages at present. You should expect to use both native and third-party security solutions in concert for the foreseeable future, and this research paper provides a rich understanding of how this can be best accomplished.
