One Article Review
| Source |  AlienVault Blog |
|---|---|
| Identifiant | 920906 |
| Date de publication | 2018-11-26 18:00:00 (vue: 2018-11-26 20:00:41) |
| Titre | AlienVault Delivers Phenomenal Cloud Security for AWS Customers |
| Texte |
Viva Las Vegas! We aliens have landed at AWS re:Invent 2018 (Booth #1506), bringing phenomenal threat detection, response, and compliance to the AWS cloud. As I gear up for a full day of live product demos, I thought I’d take a moment to highlight some of the ways in which AlienVault is delivering phenomenal security to our customers’ AWS environments and beyond.
We’re monitoring more AWS services than ever, giving you deeper security visibility of your AWS infrastructure.
In 2018, we’ve expanded the number of AWS services that USM Anywhere monitors to include Amazon GuardDuty, Amazon Macie, AWS Application Load Balancer, Amazon Redshift, AWS Lambda invocations, AWS Web Application Firewall, and Amazon API Gateway. This is in addition to the other services we monitor and alert on, including AWS CloudTrail, Amazon S3 access logs, Amazon ELB access logs, Amazon VPC flow logs, AWS Config, Amazon CloudFront, and Amazon CloudWatch. Expanding our AWS threat coverage continues to be a priority for us as more and more customers undergo digital transformations and begin to leverage cloud services and applications to run their businesses. USM Anywhere continuously and automatically monitors AWS infrastructure for threats and anomalous behaviors, assesses your AWS environment for vulnerabilities and configuration errors, and simplifies logging and reporting—all from one cloud-hosted platform.
What’s more, USM Anywhere centralizes security monitoring across AWS, multi-cloud, hybrid, and on-premises networks, including SaaS applications like Office 365 and G Suite, ensuring continuous coverage even as you migrate workloads and data from the network to the cloud and helping to eliminate security blind spots. This single-pane-of-glass approach alleviates the need to invest in multiple, siloed security monitoring tools for clouds, networks, and data centers, as John Chesser, Director of Cybersecurity Solutions at DataPath, a certified AlienVault MSSP, pointed out. “There's time, money, resources that are impacted by having to use the multitude of products out there. With USM Anywhere, I've got it all."
We’re keeping your defenses current with continuous AWS-specific threat intelligence.
As part of the continuous threat intelligence subscription built into USM Anywhere, the AlienVault Labs Security Research team maintains an AWS-specific correlation rule set. Threat actors are increasingly targeting insecure cloud accounts to access exposed data or set up cryptojacking operations. Once an attacker has gained access to your AWS account, their actions and behaviors may be unique or specific to the environment, such as programmatically spinning up new services. It’s not enough to rely on traditional threat intelligence, which focuses on network threats rather than cloud-specific attacks. That’s why the AlienVault Labs Security Research Team curates AWS-specific threat intelligence, researching and analyzing millions of security events every day using a combination of machine learning, human analysis, and the community-sourced threat data of the AlienVault Open Threat Exchange (OTX) and its 100,000+ global participants.
Here are a few examples of AWS-specific correlation rules added in 2018:
The password associated with an administrator of a Windows instance was retrieved through the AWS console, which may indicate co |
| Envoyé | Oui |
| Condensat | 1434/alienvault > alienvault aws blogs cloud customers delivers phenomenal security |
| Tags | |
| Stories | |
| Notes | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.