Copyright ©2020-2021 Cloud Security Labs. All rights reserved.
AWS Security Quickstart is a service designed to remediate high and critical flaws in AWS accounts, reducing the attack surface and risk exposure. Remediation is sometimes a prerequisite before the integration of DevSecOps work is performed.
All changes are made according to the AWS Well Architected Framework and Current AWS Security Best Practices.
Note: Any intrusive security that requires the re-creation of an instance or direct modification of production systems is not in scope by default. Cloud Security Labs will make every effort to communicate detailed instructions for work that requires Cardless engineering support.
We will help you set up your AWS account based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
One of the most important aspects of any work performed is documentation. Cloud Security Labs will document all work completed so that your engineers and management will have a transparent understanding of the new infrastructure. We will also do live training sessions to bring Engineers and Managers up to speed.
We will configure and enable AWS native security services as necessary as a prerequisite to alerting and investigating issues in AWS. All services are enabled at the Organization level where supported to assure consistent configuration across all existing and new AWS accounts. SIEM setup, configuration, and operation are not included.
Identity is the new perimeter. This service will identify excessive IAM permissions in your account and work with you to create and transition to a role-based access (RBAC) model of authentication for your users.
We will review your AWS data assets and provide recommendations on data protection measures to improve resiliency and data protection from accidental or malicious deletion/modification or unauthorized data access. Cloud Security Labs will implement controls where little to no impact to production systems is expected, such as enabling S3 Versioning, MFA Delete, or block public access. Services that can only be created upon creation and not after an instance is created would require Client intervention to enable and are not in scope. Disaster Recovery and Business Continuity are also not included.
One of the most important aspects of any work performed is documentation. Cloud Security Labs will document all work completed so that your engineers and management will have a transparent understanding of the new infrastructure. We will also do live training sessions to bring Engineers and Managers up to speed.
Included with all Cloud Security Labs engagements is a security assessment of up to 5 AWS Accounts. Our assessment uses manual and automated tooling to review and inventory your AWS accounts.
Delivery of projects is dependent on resources dedicated to the delivery of projects. Cloud Security Labs will coordinate with your company on scheduling and prioritization and integrate into the existing Sprint Workflow.
Sample roles include administrator, DevOps, power user, and read-only or security roles.
We will enable MFA (password vault setup required), disable root keys, rotate passwords, and change emails (as needed).
AWS security is an expedited implementation and is expected to be completed in 2-3 weeks, but may extend longer.
We will be able to provide this service for one of your AWS accounts.