AWS SECURITY REVIEW BY INVOLTA AND ALERT LOGIC

WHAT IS THE AWS SECURITY REVIEW WITH INVOLTA AND ALERT LOGIC

Involta offers a free (for a limited time only) professional services engagement delivered by Involta Security Specialists and powered by Alert Logic’s industry-leading security solutions. This review provides you with a clear understanding of your current security posture and exposure to threats and grades you against the Center for Internet Security (CIS) AWS Foundations Benchmark. The AWS security review is an Amazon Web Services native security service that continuously discovers, visually maps, and assesses AWS workloads and Amazon EC2 instances for misconfigurations that don’t follow AWS security best practices. The review produces an evidence-based report that Involta delivers to summarize your AWS account(s) security posture, grades you against the CIS AWS Foundations Benchmark, and gives AWS/Involta a reference point for additional consulting.

BENEFITS OF THE SECURITY REVIEW

  • Receive quick and simple view of your AWS environment security based on the industry standard CIS Foundation Benchmarks.
  • Establish a baseline measure of your AWS configuration security and compare it with industry averages.
  • Identify any misconfigurations or gaps that could jeopardize the security of your environment.
  • Gain a deeper understanding of where your infrastructure is most vulnerable with expert advice from Involta and Alert Logic.
  • Get customized and prioritized remediation advice to improve your security posture with the help of Involta and Alert Logic.
  • Use recommendations and mitigations to ensure improved performance under the AWS Shared Responsibility Model.

WHY INVOLTA

  • Involta is an AWS Select Consulting Partner committed to helping customers build, secure, operate, and optimize their AWS cloud environment.
  • Involta and Alert Logic offer market-leading security solutions that assess security posture and merge seamlessly across any IT environment; cloud, on-premises, or hybrid.
  • Involta owns and operates 15 purpose-built data centers in six U.S. markets, providing superior infrastructure with unmatched reliability and security.
  • Involta’s Security Operations Center (SOC) goes beyond traditional security to provide advanced monitoring and security posture analysis paired with rapid incident response protocols to ensure the security of critical assets.
  • Involta helps organizations plan, manage, and execute hybrid IT strategies using a broad range of services, including colocation, cloud computing, managed IT, cybersecurity, fiber, and network connectivity.

EXAMPLE ASSESSMENT

This will be presented and explained during the 60-min consultation with Involta and Alert Logic.

CIS_Benchmarks-large

CIS BENCHMARK SECURITY REVIEW
YOUR ENVIRONMENT’S SECURITY THROUGH THE LENS OF
AN INDUSTRY RECOGNIZED BENCHMARK

The CIS Benchmark Security Review assesses your security posture and exposure to threats. Your baseline is measured against the CIS Amazon Web Services Foundations Benchmark. This testing methodology provides a consistent means of understanding and tracking your improvement.

INV_AWS_SecRev_Graphics_2

CUSTOMIZED OBSERVATIONS

Here are some of the critical items found in your review and the potential impact:

ENSURE HARDWARE MFA IS ENABLED FOR THE ‘ROOT’ ACCOUNT: This means there is no way to disable ‘root’
user. If not fixed, this could give someone the keys to the kingdom if the root account is compromised.

ENSURE CLOUDTRAIL IS ENABLED IN ALL REGIONS: CloudTrail records all the API calls into your AWS account.
Without this enabled you may not be able to see possible negative activity until it’s too late.

AWS SECURITY REVIEW - CUSTOMER FAQs

How do I sign up for an AWS Security Review?
You can sign up by reaching out to your Involta Account Executive.

What do I need to have in order to obtain an AWS Security Review report and free consultation?
You will need to have access to your AWS environment, be able to deploy an AWS CloudFormation Template (CFT) in your AWS account, acknowledge that AWS CloudFormation might create IAM Resources, and send an ARN Role to Involta, who will contact you to enable the AWS Security Review report and set up a 60-minute consultation to review the results.

What kind of results can I expect from running the AWS Security Review?
There are more than 50 CIS Benchmark points within 4 different check categories within this review, including Identity & Access, Logging, Networking, and Monitoring. The results report breaks down the CIS Benchmark check results into three buckets: Passed checks, Partially Passed checks, and Failed Checks. The summary of the report includes an overall Review Score (0 thru 100) that is an average of all the check scores. For each check, the report also provides the detailed description, including the individual check score and the overall rating of Passed, Partially Passed, and Failed for your environment. Finally, the report includes customized observations that are high priority items specific to your environment.

What is Involta role in enabling the AWS Security Review?
Involta has already been certified by AWS to have a strong security practice by completing certain Managed Service Provider (MSP) requirements with AWS. They are also best suited to explain the AWS Security Review checks and recommendations, and then guide the discussion about how those may need to be resolved.

Will Involta remove the CloudFormation template and ARN role from their environment?
After you have completed your consultation meeting and any additional review around your AWS account, Involta will confirm they have deleted your AWS environment profile. After this confirmation, you may go into the AWS Management Console to delete the CloudFormation Stack where the cross-account was created for the AWS Security Review.

What IAM policy will be implemented with the AWS Security Review? Do you have documentation?
Yes, there is documentation for the IAM Policy for the review. Please request this documentation from Involta.

How long will it take for Involta to run the AWS security review?
Once you provide the AWS IAM ARN role to Involta, the review should take about 24 hours to run. Involta will provide more information and next steps.

What happens after the AWS Security Review is run?
Once the AWS Security Review is complete, Involta will reach out to you to schedule a 60-minute consultation. During this consultation meeting, they will deliver the report to you and review the results.

More Questions? Contact us