Involta offers a free (for a limited time only) professional services engagement delivered by Involta Security Specialists and powered by Alert Logic’s industry-leading security solutions. This review provides you with a clear understanding of your current security posture and exposure to threats and grades you against the Center for Internet Security (CIS) AWS Foundations Benchmark. The AWS security review is an Amazon Web Services native security service that continuously discovers, visually maps, and assesses AWS workloads and Amazon EC2 instances for misconfigurations that don’t follow AWS security best practices. The review produces an evidence-based report that Involta delivers to summarize your AWS account(s) security posture, grades you against the CIS AWS Foundations Benchmark, and gives AWS/Involta a reference point for additional consulting.
This will be presented and explained during the 60-min consultation with Involta and Alert Logic.
CIS BENCHMARK SECURITY REVIEW
YOUR ENVIRONMENT’S SECURITY THROUGH THE LENS OF
AN INDUSTRY RECOGNIZED BENCHMARK
The CIS Benchmark Security Review assesses your security posture and exposure to threats. Your baseline is measured against the CIS Amazon Web Services Foundations Benchmark. This testing methodology provides a consistent means of understanding and tracking your improvement.
Here are some of the critical items found in your review and the potential impact:
ENSURE HARDWARE MFA IS ENABLED FOR THE ‘ROOT’ ACCOUNT: This means there is no way to disable ‘root’
user. If not fixed, this could give someone the keys to the kingdom if the root account is compromised.
ENSURE CLOUDTRAIL IS ENABLED IN ALL REGIONS: CloudTrail records all the API calls into your AWS account.
Without this enabled you may not be able to see possible negative activity until it’s too late.
How do I sign up for an AWS Security Review?
You can sign up by reaching out to your Involta Account Executive.
What do I need to have in order to obtain an AWS Security Review report and free consultation?
You will need to have access to your AWS environment, be able to deploy an AWS CloudFormation Template (CFT) in your AWS account, acknowledge that AWS CloudFormation might create IAM Resources, and send an ARN Role to Involta, who will contact you to enable the AWS Security Review report and set up a 60-minute consultation to review the results.
What kind of results can I expect from running the AWS Security Review?
There are more than 50 CIS Benchmark points within 4 different check categories within this review, including Identity & Access, Logging, Networking, and Monitoring. The results report breaks down the CIS Benchmark check results into three buckets: Passed checks, Partially Passed checks, and Failed Checks. The summary of the report includes an overall Review Score (0 thru 100) that is an average of all the check scores. For each check, the report also provides the detailed description, including the individual check score and the overall rating of Passed, Partially Passed, and Failed for your environment. Finally, the report includes customized observations that are high priority items specific to your environment.
What is Involta role in enabling the AWS Security Review?
Involta has already been certified by AWS to have a strong security practice by completing certain Managed Service Provider (MSP) requirements with AWS. They are also best suited to explain the AWS Security Review checks and recommendations, and then guide the discussion about how those may need to be resolved.
Will Involta remove the CloudFormation template and ARN role from their environment?
After you have completed your consultation meeting and any additional review around your AWS account, Involta will confirm they have deleted your AWS environment profile. After this confirmation, you may go into the AWS Management Console to delete the CloudFormation Stack where the cross-account was created for the AWS Security Review.
What IAM policy will be implemented with the AWS Security Review? Do you have documentation?
Yes, there is documentation for the IAM Policy for the review. Please request this documentation from Involta.
How long will it take for Involta to run the AWS security review?
Once you provide the AWS IAM ARN role to Involta, the review should take about 24 hours to run. Involta will provide more information and next steps.
What happens after the AWS Security Review is run?
Once the AWS Security Review is complete, Involta will reach out to you to schedule a 60-minute consultation. During this consultation meeting, they will deliver the report to you and review the results.
More Questions? Contact us