Security & Compliance for AWS

RedLock is proud to be a launch partner for Amazon GuardDuty and enable deeper visibility into AWS security and compliance risks

AWS Advanced Technology Partner - Security Competency

With RedLock, organizations can ensure compliance, govern security, and enable security operations across AWS environments.

RedLock - AWS Security Guard Duty compliance assurance

Monitor, auto-remediate, and report on compliance using out-of-the-box policies for standards such as CIS, PCI, and HIPAA.

RedLock - AWS Security Guard Duty security governance

Enable DevSecOps by establishing policy guardrails to rapidly detect and remediate risks across resource configurations, network architecture, and user activities.

RedLock - AWS Security Guard Duty SOC Enablement

Prioritize vulnerabilities, detect threats, investigate current or past incidents, and auto-remediate issues across your entire cloud computing environment.

Security & Compliance is a Shared Responsibility

Cloud Security Shared Responsibility Model

The security of public cloud infrastructure is a shared responsibility between AWS and the organization. AWS is responsible for protecting the physical infrastructure such as hubs, switches, and routers. Organizations are responsible for monitoring resource configurations, user activities, network traffic, and host vulnerabilities. However, the dynamic nature of the cloud makes this pretty challenging.

Resource Configurations

While the cloud enables agility by allowing users to create, modify, and destroy resources on-demand, this often occurs without any security oversight. RedLock provides hundreds of out-of-the-box policies for common security and compliance standards such as CIS, PCI, and HIPAA to monitor AWS environments. You can rest assured that any misconfigurations of AWS resources such as Amazon S3, EC2, security groups, and IAM roles will be immediately detected and remediated.

RedLock - AWS Security Guard Duty resource configuration

User Activities

In cloud environments, multiple users have privileged access which enables productivity but creates greater risk of exposure. It is imperative to monitor users across your entire AWS environment for anomalous activities. Unfortunately, the distributed nature of the cloud consisting of multiple accounts and regions makes this difficult. RedLock consumes AWS CloudTrail data and Amazon GuardDuty findings from across your entire AWS environment, enabling you to detect account compromises and insider threats.

RedLock - AWS Security Guard Duty user activities

Network Traffic

The absence of a physical network boundary to the internet increases the attack surface in the cloud by orders of magnitude. Monitoring network traffic is necessary for detecting suspicious activity. However, traditional tools create security blind spots since they cannot be deployed for monitoring traffic to API-driven services. RedLock ingests Amazon VPC flow logs and Amazon GuardDuty findings to surface, investigate, and respond to threats in your AWS environment.

RedLock - AWS Security Guard Duty network traffic

Host Vulnerabilities

As is the case in on-premise environments, unpatched hosts in cloud computing environments are also vulnerable to attack. Relying on standalone vulnerability management investments is ineffective. These tools perform periodic scans of an environment to identify hosts with missing patches based on IP address. However, cloud environments are constantly changing and IP addresses are elastic, which makes the results unreliable. RedLock integrates with external vulnerability services such as AWS Inspector to continuously scan your environment for unpatched hosts, especially those exposed to the internet.

RedLock - AWS Security Guard Duty host vulnerabilities

Get Started Today

Learn more about the RedLock platform or contact us for a free risk assessment of your public cloud infrastructure.

Learn More Get a Free Assessment