There is a range of AWS security tools, including Identity and Access Management, virtual private clouds, as well...
as a variety of encryption options and auditing tools. But cloud customers in regulated industries like finance and healthcare will almost certainly want to look into third-party tools to secure public cloud resources and improve their information security controls. Here are some options to consider.
Alert Logic offers a number of services for AWS customers, including its Threat Management product, which provides vulnerability scanning and network intrusion-detection services. The product analyzes network operations to detect malicious activity that host-based intrusion detection systems can miss. Threat Management also has PCI-approved reporting.
Alert Logic Log Manager combines automated log collection and analysis with human expert review. The vendor also offers Web Security Manager, which is designed to block common attacks, such as SQL Injection.
While AWS security tools include Web Application Firewall service, there are several other firewall options on the market to secure public cloud data and resources. The Fortinet FortiWeb-VM is a Web application firewall designed to block application-layer denial of service attacks and other malicious activity. Fortinet products are available in the AWS Marketplace; charges are based on EC2 instance size and duration of use. Imperva SecureSphere WAF AV1000 Gateway is another Web application firewall option.
The Center for Internet Security (CIS) has documented best practices for hardening Linux operating systems. While IT teams could implement these recommendations, another option for a secure public cloud is to use one of the hardened OS machine images available from CIS in the AWS Marketplace. Options include hardened versions of Amazon Linux, Red Hat Enterprise Linux, CentOS Linux and Ubuntu. CIS images are available at a cost of $0.02 per hour.
Security groups can be difficult to manage in the cloud. Dome9 Security offers a number of products to help automate and centralize security group management, improve remote access controls and mitigate the risk of zero-day vulnerabilities.
For AWS customers looking for multifaceted approach to secure public cloud resources, there are tools like Trend Micro's Deep Security, which implements intrusion detection, antimalware, monitoring, log inspection and content filtering.
Native and third-party tools protect AWS
The difference between security groups and traditional firewalls
Dig Deeper on AWS security
Related Q&A from Dan Sullivan
Docker's recent upgrade introduced support for hardware signing and in the future, automated security analysis on Docker images. Expert Dan Sullivan ... Continue Reading
Cisco's new project Contiv automates operational policies for containerized applications in the cloud. Expert Dan Sullivan explains the benefits of ... Continue Reading
Dropbox API abused by attackers posing as legitimate users in a huge spear phishing campaign. Expert Dan Sullivan explains how to mitigate the risks ... Continue Reading