Amazon Web Services (AWS) is a cloud services platform, offering compute power, database storage, content delivery and other functionality. AWS provides native security controls to help its customers protect cloud deployments. However, many AWS customers are not fully leveraging these controls, lack visibility into the dynamic environment and are exposed to security gaps.
With Alcide, customers can visualize and protect their cloud instances and get in-context meta-data from their cloud platform. AWS Security groups are automatically imported for all workloads, enabling AWS customers to granularly control policy segmentation, see all the data related to the policies and make sure no risk is imposed as a result of a rule change or East/West threat posed by attackers.
To track and manage cloud workloads on AWS environment, the need for a real-time map of the infrastructure as well as the ability to see changes over time is crucial. Alcide’s panoramic visibility of the AWS cloud deployment includes accounts, regions, VPCs VM and security groups data. The panoramic real-time view continuously tracks and visualized all of AWS components and network activities.
AWS console provides the ability to see a list view of a single account and region and its related VMs. The Alcide platform adds a visual map with real-time mapping of the entire AWS environment and network activity which helps troubleshoot and mitigate security issues. As new workloads spin up or down Alcide map is immediately updated.
Satisfy all stakeholder requirements and address multi-layered concerns with centrally orchestrated and automatically enforced security policies. The Alcide’s Firewall enables you to seamlessly adopt a Bring Your Own Security Policies (BYOSP) model and control your security policies in AWS deployments. Security Groups are monitored to identify and alarm in real time risks created by exposing instances and monitoring changes across multiple accounts and regions.
Instead of having SecOps, DevOps, (or DevSecOps,) engineers, and security fight for policy dominance, Alcide facilitates a proper separation of DevOps duties through the policy plane bridging the gap between Security and DevOps teams. AWS security groups are automatically imported with their inbound and outbound rules. Policies are visualized on Alcide’s map with a simplified view allowing you to quickly understand what security groups are associated to each of your AWS VM
Visibility and policy orchestration are good starting points but they’re not enough. Alcide enforcement capabilities ensure that infrastructure, policies and network activities on your AWS deployment stay compliant. A combination of enforcement and advanced threat detection capabilities ensure malicious activities are identified in real-time and remediation actions take place, reducing vulnerability and risk imposed by attackers.
In AWS you can see a list of the network activities on a single VPC which resides in a single account and region. To be able to protect the environment, DevSecOps teams need to have a wider picture of what’s happening in their environment and quickly identify a security threat, including filtering by account and region, contextual metadata, network activity and alerts on non-compliant activity, behavior anomaly and threat detections.
Want to learn more? Download AWS Security Best Practices paper today