Some Important AWS Security Tools

1
Some Important AWS Security Tools
www.infosectrain.com sales_at_infosectrain.com
2
To different people, security can mean different
things. For some, its dressing appropriately for
a wedding which could make them feel safe for the
evening, while others can define it as having a
healthy bank account that will ensure financial
security throughout their lives. In terms of
Information Security, it can be explained as
protecting your data and network from nefarious
elements of the cyber world.
www.infosectrain.com sales_at_infosectrain.com
3

• The realm of the Cloud is full of vulnerabilities
  and risks. They face security challenges like
• Data Privacy
• Integrity, Non-Authentication, and
  Non-Repudiation
• Online attacks like a man-in-the-middle attack,
  Phishing, SQL injection, DDoS, Phlashing, etc.

It appears that security is as essential to any
organization as it is to any individual. It is
one of the most well-known encounters in the IT
industry, thanks to ongoing cyber warfare. Weve
come far from the days when security was an
afterthought in the business world. In the
current situation, security is the guiding force
behind the entire operation.
www.infosectrain.com sales_at_infosectrain.com
4
AWS Security AWS is one of the worlds leading
cloud computing platforms dominating the largest
share in the Cloud market. It is significantly
growing, and as it gains a vital stake, the need
to protect it from breaches and vulnerabilities
grows in perfect agreement. AWS offers a stable
Cloud Platform because it focuses on all aspects
of security. Monitoring the networks and
detecting threats, whether in the Cloud or
on-premises, is crucial and vital. Youll need to
install additional software and security
hardware, including appliances and sensors, to
identify threats and secure your infrastructure
and workloads. Then, you must configure them
across all of your accounts. Then, theres the
matter of monitoring and protecting those
accounts, which requires the collection and
analysis of tremendous amounts of data. After
that, you must accurately identify threats,
prioritize warnings, and respond to them. You
have to do all of this at scale while ensuring
that you dont interrupt your company or limit
your cloud versatility. Previously, all of this
demanded a great deal of knowledge, much more
time, and a large sum of money upfront. Now, you
need a simpler, smarter, and more cost-effective
method of safeguarding your AWS accounts and
workloads. We have introduced the five most
important AWS security tools.
www.infosectrain.com sales_at_infosectrain.com
5
AWS Security Tools
1. AWS WAF ShodanThe primary function of an AWS
WAF, which stands for Web Application Firewall,
is to track HTTP and HTTPS requests forwarded to
Amazon CloudFront, Application Load Balancer
(ALB), or Amazon API Gateway. It also allows you
to control access to your content by making use
of the IP address from which the request
originated. It will also authorize or disallow
any web request based on your preferences and
regulations. If the request is allowed, it
provides access and responds with the requested
content otherwise it responds with a 403 status
code i.e. Forbidden access. AWS WAF needs three
items to function Access Control Lists (ACLs),
Rules, and Rule Groups. AWS WAF manages Web ACL
capacity units (WCIJ) for Rules, Rule Groups, and
Web ACLs. Since AWS WAF will only allow or block
web requests, WAF is the right option for you if
you want to block web requests. It deals with
rules and conditions for web requests. Secondly,
WAF has the ability to count the number of
requests that fit the properties you specify. As
a result, you can use AWS WAF to enable or block
requests based on new properties on the web
request. WAF can help you count requests based
on those properties, and once youre sure, you
can allow or block them. This prevents access to
the website from being accidentally blocked.
www.infosectrain.com sales_at_infosectrain.com
6
2. AWS Shield ShodanAWS Shield is a managed DDoS
(Distributed Denial of Service) security service
for Amazon Web Services applications. A
Distributed Denial-of-Service (DDOS) attack is a
malicious effort to interrupt regular traffic by
flooding a website with a large volume of fake
traffic. AWS Shield is available into two
categories Standard and Advanced. Since AWS
Shield-standard is automatically available on all
AWS services, you can use it at no extra cost.
The AWS Shield standard protects your website or
applications from the most popular DDoS attacks
and gives you access to tools and best practices
for building a DDoS-resistant architecture. The
annual expense of the AWS Shield Advanced is
3000 USD. It can be used to provide additional
security against larger and more advanced
threats, as well as insight into attacks and
access to DDoS experts 24 hours a day, seven days
a week for complex situations. Only Amazon Route
53, Amazon CloudFront, Elastic Load Balancing,
AWS Global Accelerator, and Elastic IP (Amazon
Elastic Compute Cloud and Network Load Balancer)
are supported. AWS Shield Standard is definitely
the best option if you have technical experience
and want complete control over monitoring and
mitigating layer 7 attacks. However, if your
company or industry is prone to DDoS attacks, or
if you choose to delegate the majority of DDoS
security and mitigation to AWS for layer 3, layer
4, and layer 7 attacks, AWS Shield Advanced might
be a better choice.




www.infosectrain.com sales_at_infosectrain.com
7

• 3. AWS Inspector ShodanAWS Inspector is a
  professionally controlled and automated security
  evaluation service that helps AWS customers
  improve the security and compliance of their
  applications. Its used to scan the servers for
  common vulnerabilities against the CVE database
  or a security baseline you may have in your
  account. It gives you an alternative of selecting
  a rules package and applying it to your
  instances. AWS Inspector is a service that
  provides security assessment using tags and
  agents.
• On the basis of various parameters such as OS,
  environment, and so on, instances or resources
  can be categorized as tags. The following are
  some of the most common rule packages
• CIS Benchmarks
• CVE
• Runtime Behaviour Analysis
• Best Practices
• Aside from these, you can build custom packages
  to meet your specific needs. You can also mix and
  match the various packages available. The next
  thing you need to do after you have chosen the
  package and identified the resources is to set a
  schedule for scanning. You can make it once a
  day, three times a day, or on a specific date.
  The AWS Inspector creates reports based on the
  results and displays them in a small dashboard so
  that it is more convenient for you to take an
  action or present it further. It gives you a
  report on how safe your application is. As a
  result, AWS Inspector enables you to ensure the
  security of your account and keep it in good
  working order.

www.infosectrain.com sales_at_infosectrain.com
8
4. Amazon GuardDuty ShodanAmazon GuardDuty is a
cloud-scale threat monitoring tool that is
intelligent and controlled. It allows you to keep
track and secure your AWS accounts and workloads
at all times. GuardDuty protects your accounts
and workloads using Machine Learning, Anomaly
Detection, and Integrated Threat Intelligence
from various AWS data sources in only a few
clicks. It provides actionable detection so you
can respond faster by sending you comprehensive
notifications that help you prioritize and
remediate threats. Its easy to set up and use,
with no software to install or maintain and no
chance of your account being harmed. Amazon
GuardDuty is built for the cloud and scales to
fit your needs, no matter how big or small you
are. It also has multi-account support, so you
can handle all of your AWS accounts from a
centralized security account. Amazon GuardDuty
follows a pay-as-you-go pricing model and there
are no extra license fees or up-front expenses.
AWS CloudWatch Events are supported by GuardDuty,
allowing you to send updates to your existing
event management or workflow framework. With
Amazon GuardDuty, constantly monitoring and
protecting your AWS resources and accounts has
never been simpler, smarter, or more
cost-effective.




www.infosectrain.com sales_at_infosectrain.com
9
5. AWS Key Management Service (KMS) ShodanAWS
Key Management Service (KMS) is a completely
managed service that allows you to control
cryptographic keys using the AWS Console, AWS
SDK, or CLI. It serves as a single point of
control for creating and managing keys, as well
as controlling the use of encryption in a variety
of AWS services and applications. Outside of the
AWS region in which they were created, KMS keys
are never published. AWS KMS and AWS CloudTrail
work together to provide audited access. Cloud
Trail logs of all major uses are accessible for
regulatory and compliance purposes. AWS KMS is a
safe and dependable service that makes use of
hardware security modules. KMS is an
AWS-mana ged service that makes it simple to
generate and manage encryption keys. It uses
symmetric encryption, which ensures that the
encryption and decryption keys are the same. KMS
is the best choice for you if you want an extra
layer of protection when your data is at rest.
Almost all AWS offerings are integrated with
Amazon KMS.




www.infosectrain.com sales_at_infosectrain.com
10
AWS Security Speciality with InfosecTrain Any
companys security is unquestionably a top
priority. The AWS Certified Security Specialty
Training (SCS-C01)  from InfosecTrain is a good
choice if you want to obtain technical expertise
and an in-depth understanding of Cloud security.
With our well-read and highly qualified coaches,
we are one of the leading training providers.
This training course will teach you the
fundamentals of AWS Cloud Security and provide
you with a thorough understanding of the
platform. This credential will be worth every
penny and minute you put into it.




www.infosectrain.com sales_at_infosectrain.com
11
About InfosecTrain

• Established in 2016, we are one of the finest
  Security and Technology Training and Consulting
  company
• Wide range of professional training programs,
  certifications consulting services in the IT
  and Cyber Security domain
• High-quality technical services, certifications
  or customized training programs curated with
  professionals of over 15 years of combined
  experience in the domain

www.infosectrain.com sales_at_infosectrain.com
12
Our Endorsements
www.infosectrain.com sales_at_infosectrain.com
13
Why InfosecTrain
Global Learning Partners
Access to the recorded sessions
Certified and Experienced Instructors
Flexible modes of Training
Tailor Made Training
Post training completion
www.infosectrain.com sales_at_infosectrain.com
14
Our Trusted Clients
www.infosectrain.com sales_at_infosectrain.com
15
(No Transcript)
16
Contact us
Get your workforce reskilled by our certified and
experienced instructors!
IND 1800-843-7890 (Toll Free) / US 1
657-221-1127 / UK 44 7451 208413
sales_at_infosectrain.com
www.infosectrain.com