AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance

Automating Remediation of Amazon GuardDuty Findings with Dome9 CloudBots

Dome9’s integration with Amazon GuardDuty brings to the table a way of surfacing security findings, providing context, and creating automated remediations. Users who identify a finding can look through their Dome9 console and pinpoint the exact instance, VPC, and security group associated with it. This helps customers identify the compromised instance, as well as other instances that may have a similar posture, so they can mitigate the risk before exposure.

Security Orchestration with Symantec Cloud Workload Protection and AWS Systems Manager

Symantec is an AWS Security Competency Partner that has integrated Amazon’s SSM Agent with their cloud-native Symantec Cloud Workload Protection (CWP) solution, which automates core security controls for AWS workloads, enabling business agility, risk reduction, and cost savings for organizations, while easing DevOps and administrative burdens. Customers can now deploy the CWP agent directly from the CWP console or just use a simple REST API call.

Preventing Security Fires with Amazon GuardDuty and Alert Logic Cloud Insight Essentials

Cloud Insight Essentials is an Alert Logic solution available in AWS Marketplace. It is a vulnerability assessment solution allowing customers to find risky configurations that go against AWS Security Best Practices. The solution does this by analyzing AWS APIs and scanning AWS CloudTrail events looking for unsafe configurations. Cloud Insight Essentials also provides security context for the complete list of Amazon GuardDuty findings so customers can take short- and long-term actions to reduce potential security threats.

Evaluate Network Security with GuardiCore’s Infection Monkey—a Breach and Attack Simulation Tool

Ensuring that proper security measures are in place calls for robust security testing mechanisms. GuardiCore’s Infection Monkey is an open source Breach and Attack Simulation (BAS) tool that tests and evaluates the effectiveness of your network security configurations during post-breach attacks. You can simulate a breach by “infecting” a server with a “Monkey” that runs around your network using various methods to enter propagation paths and attacks each point of vulnerability it discovers.

How AWS Supports Customers and APN Partners on the Journey to GDPR Compliance

Since AWS has announced that all our services comply with the General Data Protection Regulation (GDPR), we wanted to explore some of the ways AWS can help you on your road to compliance. In this post, we walk through the support AWS offers across the APN as well as the AWS Premium Support and AWS Professional Services organizations. We explain how these teams are working with customers and APN Partners in Europe and around the world to support them with questions related to GDPR and AWS.

Securing and Managing Secrets with HashiCorp Vault Enterprise

Data security is a concern for all enterprises and HashiCorp’s Vault Enterprise helps you achieve strong data security and scalability. Vault is a trusted secrets management tool designed to enable collaboration and governance across organizations. It enables developers, operators, and security professionals to deploy applications in zero-trust environments across public and private datacenters. Through a unified API and AWS integration, Vault can be integrated into your development at any stage.

New AWS Solution Space Launches with 10 Customer-Ready Solutions

AWS Solution Space allows AWS Competency Partners to showcase customer-ready solutions based on architectures validated by AWS. These are quick, cost-effective, repeatable solutions meant to create new business leading to production workloads. Customers can also request AWS support for launching each solution. At launch, we are featuring 10 customer-ready solutions: 5 for Big Data, 3 for Machine Learning, one for Security, and one for End User Computing.

Cadence Uses Dome9 Arc for Security and Compliance Automation

Cadence Design Systems, Inc. selected Dome9 Security, an APN Advanced Technology Partner, to provide network security management and automated compliance. The Dome9 Arc platform has a deep visualization tool, Dome9 Clarity, which provides a granular view of customers’ AWS Cloud assets. Dome9’s efforts provide Cadence with many benefits, including lower costs and accelerated time-to-market for products.

Securing Workloads on VMware Cloud on AWS Using Native AWS Services

With the recent launch of VMware Cloud on AWS, you can now run workloads on VMware-managed SDDC clusters installed on special bare metal hardware provided by Amazon EC2 services. This post describes a solution for securing workloads on VMware Cloud on AWS that we demonstrated at VMworld 2017. VMware workloads that run in the SDDC cluster can leverage different levels of AWS network and application protection capabilities with minimal to no changes to their application settings.

Managing SaaS Identity Through Custom Attributes and Amazon Cognito

Identity is a fundamental design decision that software as a service (SaaS) architects must consider when developing a multi-tenant system. Developers who are building SaaS applications must be able to identify a user, the tenant associated with the user, the user’s permissions, and the relationship a tenant has with the provider, such as usage plan or tier. In this post for SaaS Technology Partners, I will explore how to architect a multi-tenant system and identify tenant context and role using Amazon Cognito.