AWS Security Review
How well protected are your information systems and applications? Where is your business exposed and what is the level of risk?
Strategic Security
Are you playing catch up with customers’ security expectations? Are you gapping on ISO27001, PCI-DSS or FedRAMP compliance?
Relax: We can transform your platform security from a liability to an asset.
Prevent
Detect
Respond
Remediate
Security, Identity, & Compliance services
- Discover and protect your sensitive data at scale
- Key storage and management
- Hardware based key storage for regulatory compliance
- Provision, manage, and deploy public and private SSL/TLS certificates
- Rotate, manage, and retrieve secrets
- Securely manage access to services and resources
- Cloud single-sign-on (SSO) service
- Identity management for your apps
- Managed Microsoft Active Directory
- Simple, secure service to share AWS resources
- Central governance and management across AWS accounts
- Network security
- DDoS protection
- Filter and control outbound DNS traffic for your VPCs
- Filter malicious web traffic
- Central management of firewall rules
- Automate AWS security checks and centralize security alerts
- Protect AWS accounts with intelligent threat detection
- Automate vulnerability management
- Record and evaluate configurations of your AWS resources
- Track user activity and API usage
- Investigate potential security issues
- Scalable, cost-effective application recovery to AWS
- Continuously audit your AWS usage to simplify how you assess risk and compliance
- AWS Artifact is your go-to, central resource for compliance-related information that matters to you
How well protected are your information systems and applications? Where is your business exposed and what is the level of risk?
The Soimplement Health Check Programme include:
- Secure AWS accounts or virtual private cloud (VPC) design
- Secure network design
- Host and network firewalls
- Access to secure network only by VPN
- Encrypting all data at rest
- Encrypting management service traffic in transit
- Central user identity and password management
- An audit trail for all AWS changes (CloudTrail)
- Role-based access control to sensitive resources.
For organisations that must take a high security posture to comply with standards such as Level 3 PCI DSS we would also include:
- Two-factor authentication on admin users
- Egress traffic filtering / virus scanning
- Web application firewalls
- Anti-virus scanning of hosts
- Intrusion detection
- Cloud provider(s) security review, focusing on:
- Services in use, volumes of consumption etc.
- Regions, HA, resiliency, latency
- Compliance, security and best practices
- Costs, efficient use of purchase units and optimisations
- Secure Configuration
- Access Control Review
- IAM, groups, roles
- Access keys, X.509 certificates, SSH keys
- Passwords and MFA devices
- SSO
- Use of Data Encryption and Security
- Secure Release Process Review
- Patching Cycle Review
- 3rd Parties Level of Access Review
- Performance and Service Limits
- Cost Optimisation and potential savings
- Kubernetes security review
- Version management and patching
- Security
- Ingress / Egress
- CNI
- Node utilization
- Secrets & certificates management
- Segregation of workloads
- Infrastructure Architecture Review
- Performance
- Resilience
- Efficiency