Alert Logic® has released a new Amazon Web Services (AWS)-native security service – Cloud Insight™ Essentials. This service shows you why, where, and how to respond to Amazon GuardDuty findings while continuously assessing your AWS configurations to find exposures and recommend actions that prevent future compromise.
With Cloud Insight Essentials, you can:
- Take action sooner with incident response support that explains GuardDuty findings, shows how they impact your current assets, and recommends which actions to take first.
- Prevent future compromise with continuous checks for configuration mistakes in your AWS account and service configurations and prioritized recommendations to remediate exposures.
- Launch essential security with minimal permissions, zero footprint in your AWS environment, and no security experience required.
Read on to gain a greater understanding of how Cloud Insight Essentials helps you achieve security goals.
Incident Response Support
Cloud Insight Essentials can help you understand why, where, and how to act on GuardDuty findings by providing clear explanations of these findings, additional details about affected assets, such as tags and VPCs, and recommended responses prioritized by criticality.
With the response recommendations provided by Alert Logic, you can see incident and exposure impact in a topology view of your assets. In addition, you can efficiently manage your incidents with an automated workflow to update them, track response tasks, and resolve them.
With these features, you can more easily assess the nature of the threat, assess impact, and take action to resolve a compromise.
Prevent Future Compromise
When you deploy Cloud Insight Essentials in your AWS environment, the service continuously checks your account and service configurations against AWS best practices, such as, but not limited to:
- S3 buckets that allow unauthenticated access
- Overly permissive security groups and IAM policies
- Elastic Load Balancers using insecure ciphers
Based on these checks and your GuardDuty findings, prioritized recommendations are provided in the Alert Logic console to help you determine which configuration best practices address your GuardDuty-generated incidents.
The remediations are prioritized by criticality and quantity of exposures they will resolve, so you can act on the most impactful information first.
A few additional features of Cloud Insight Essentials include:
- Easily Expand Protection – Within the Alert Logic console, you can seamlessly upgrade to add pre-authorized software vulnerability scanning.
- Utilize Dashboards and Reports – Using Cloud Insight Essentials reporting tools, you can understand and demonstrate progress on incidents and exposures by asset, attack type, and exposure type over time.
- Streamline Security into Your Continuous Integration/Continuous Deployment – With no-touch automation and a REST API, you can integrate configuration into your DevOps toolchain.
For deployment information, FAQs, and in-depth coverage of Cloud Insight Essentials, refer to the articles in the Cloud Insight Essentials section of our Knowledge Base.
For more information about how GuardDuty findings are supported with Cloud Insight, refer to the 11/29/17: Cloud Insight Enhancements and Integration with Amazon GuardDuty article.