Category: Security, Identity, & Compliance

Industrial IoT adoption is increasing the connectivity of operational technology to IT systems, necessitating better visibility into assets. Claroty Edge on AWS Snowcone enables asset discovery to build an accurate inventory and identify vulnerabilities. Combined with Claroty xDome, this provides comprehensive IT/OT asset management and vulnerability insights. xDome integrates with AWS Security Hub to simplify deploying asset visibility and enable organizations to defend and secure their connected environments.

Complying with FedRAMP poses challenges for DevOps teams, including slower deployment speeds, process overhead, and complex AWS GovCloud requirements. To optimize velocity while maintaining compliance, organizations can shift security controls left, automate workflows, and architect secure in-boundary pipelines. With the proper frameworks, teams can increase deployment frequency and reduce change failure rates in FedRAMP environments.

AWS SaaS Factory and Skyflow break down what data residency is and why it’s often a barrier for businesses to scale globally. Explore how Skyflow Data Privacy Vault works and how it helps businesses overcome this barrier. To illustrate the practical application of this approach, we’ll highlight a customer story and real-world example of a company that successfully addressed its data residency needs with a scalable SaaS solution based on Skyflow Data Privacy Vault.

Crayon’s customizable landing zone accelerator automates setup of a secure, scalable AWS environment aligned to best practices. It establishes foundational accounts, applies baseline security controls, and integrates AWS services across the organization to drive cloud adoption for companies migrating to AWS while also improving governance for existing customers. Crayon guides customers through the landing zone build and subsequent workload migration, providing automation kits to speed deployments.

As cyber threats grow more sophisticated, real-time threat detection is critical for robust cloud security. AWS Partner Cloudanix leverages cloud infrastructure logs and machine learning to provide holistic, agentless monitoring across AWS environments. By analyzing activities and APIs in real-time, Cloudanix identifies threats and anomalies, alerts security teams, and recommends remediation steps. This enables rapid incident response, proactive security measures, and comprehensive visibility.

AWS PrivateLink allows customers to securely connect cloud and on-premises data sources to Alation’s data catalog without exposing traffic to the public internet. This integration provides private connectivity between the customer’s VPC and Alation Cloud Service and simplifies network architecture. Using PrivateLink with Alation enables organizations to build a catalog of metadata from selected data assets while maintaining compliance with security and regulatory requirements.

Kubernetes security is often approached in a fragmented way, separating build time, runtime, and infrastructure security. An interconnected security approach is essential, acknowledging relationships between build, runtime, and infrastructure. Cloudanix enables this through end-to-end integration, from build time image scanning to runtime threat monitoring, strengthening security posture by reducing attack surface, enhancing compliance, and empowering swift response.

As enterprises migrate to the cloud, advanced cybersecurity solutions are essential to prevent sophisticated attacks. Trellix’s virtual intrusion prevention system (vIPS) integrates with AWS Gateway Load Balancer to provide real-time threat detection and prevention. Utilizing techniques like behavioral analysis and signatureless detection, Trellix vIPS helps secure VPCs against evolving threats. As an AWS Specialization Partner, Trellix enables resilience against cyberattacks for customers’ cloud environments.

Governance, risk, and compliance (GRC) programs often require extensive custom controls that address a range of compliance standards and internal governance objectives. AWS Audit Manager helps to continuously audit cloud usage to simplify risk assessment and compliance with regulation and industry standards. Learn how MetricStream has collaborated with AWS to facilitate the controls and evidence collection hand-off between AWS Audit Manager and MetricStream CyberGRC.

The Amazon Athena web-based query editor enables data consumers to author and run SQL queries on data sources that are registered with the AWS Glue Data Catalog and other data sources such as Amazon S3. This post describes the setup to provide federated access with OneLogin as the identity provider to securely access, author, and run queries in the Athena web-based editor via the AWS console, without the need for users to install a JDBC driver or run a SQL client on their machines.