Q
Get started Bring yourself up to speed with our introductory content.

What AWS security tools are available for the cloud?

While our enterprise uses an array of AWS tools, we'd like to improve our data security measures. What AWS security tools are available to help secure data and resources?

There is a range of AWS security tools, including Identity and Access Management, virtual private clouds, as well...

as a variety of encryption options and auditing tools. But cloud customers in regulated industries like finance and healthcare will almost certainly want to look into third-party tools to secure public cloud resources and improve their information security controls. Here are some options to consider.

Alert Logic offers a number of services for AWS customers, including its Threat Management product, which provides vulnerability scanning and network intrusion-detection services. The product analyzes network operations to detect malicious activity that host-based intrusion detection systems can miss. Threat Management also has PCI-approved reporting.

Alert Logic Log Manager combines automated log collection and analysis with human expert review. The vendor also offers Web Security Manager, which is designed to block common attacks, such as SQL Injection.

Cloud customers in regulated industries like finance and healthcare will almost certainly want to look into third-party tools to secure public cloud resources and improve their information security controls.

While AWS security tools include Web Application Firewall service, there are several other firewall options on the market to secure public cloud data and resources. The Fortinet FortiWeb-VM is a Web application firewall designed to block application-layer denial of service attacks and other malicious activity. Fortinet products are available in the AWS Marketplace; charges are based on EC2 instance size and duration of use. Imperva SecureSphere WAF AV1000 Gateway is another Web application firewall option.

The Center for Internet Security (CIS) has documented best practices for hardening Linux operating systems. While IT teams could implement these recommendations, another option for a secure public cloud is to use one of the hardened OS machine images available from CIS in the AWS Marketplace. Options include hardened versions of Amazon Linux, Red Hat Enterprise Linux, CentOS Linux and Ubuntu. CIS images are available at a cost of $0.02 per hour.

Security groups can be difficult to manage in the cloud. Dome9 Security offers a number of products to help automate and centralize security group management, improve remote access controls and mitigate the risk of zero-day vulnerabilities.

For AWS customers looking for multifaceted approach to secure public cloud resources, there are tools like Trend Micro's Deep Security, which implements intrusion detection, antimalware, monitoring, log inspection and content filtering.

Next Steps

Native and third-party tools protect AWS

Avoid common security mistakes in AWS

The difference between security groups and traditional firewalls

This was last published in April 2016

Dig Deeper on AWS security

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

Which security tools do you use in your AWS environment?
Cancel

-ADS BY GOOGLE

SearchCloudApplications

TheServerSide.com

SearchSoftwareQuality

SearchCloudComputing

Close