Cisco Blogs
Share

A new way to think about security in AWS


November 26, 2018 - 0 Comments

Amazon Web Services (AWS) provides numerous benefits to customers, allowing companies to be more responsive, available, and cost-efficient. It also provides a number of security capabilities, including strong identity and access management, granular activity logs, and strong policy enforcement.

However, that doesn’t mean you shouldn’t worry about security in your AWS environment. Simple speaking, AWS provides enough flexibility for you to shoot yourself in the foot if you aren’t careful. Gartner estimates that through 2022, at least 95 percent of cloud security failures will be the customer’s fault. Of course, AWS invented the now-famous shared responsibility model to educate customers on these risks and their role in protecting their workloads.

How can you ensure you are doing your part to protect your AWS workloads? Adequate visibility, rapid (and effective) threat detection, and an easy-to-manage cloud security stack is a good place to start. Cisco Stealthwatch Cloud can provide these benefits and more in an easy-to-try, easy-to-buy fashion.

For more detailed information on protecting your AWS workloads, please attend the webinar New Tools For Protecting Cloud Services From Emerging Threats on Wednesday, December 5, at 1 p.m. ET, 10 a.m. PT. You will learn how JetBrains increased transparency and reduced threat exposure by deploying Stealthwatch Cloud on AWS. Along with increased infrastructure protection, JetBrains is now able to rapidly identify potential security threats that were not recognized before deployment.

Here are a few benefits of using Stealthwatch Cloud for AWS workload security:

High fidelity threat alerts

One of the key security challenges organizations face is alert fatigue. According to the Cisco 2018 Annual Cybersecurity Report, only 56 percent of security alerts are investigated. And among investigated alerts, only 34 percent are legitimate security incidents, and out of those, only half are successfully remediated.

Stealthwatch Cloud was created with a laser-focus on delivering only valuable alerts. Whenever a customer closes an alert, we ask them “was this alert helpful?” To date, 95 percent of Stealthwatch Cloud alerts are rated as “helpful.” In other words, when Stealthwatch Cloud asks for your attention on something that it has found, the chances are excellent that you’ll be glad you responded.

Cloud-native, agentless security

Cloud environments are automated and dynamic, which one of the key reasons people adopt them in the first place. Agent-based security solutions are difficult to manage, use compute resources, and do not easily address ephemeral resources. All of this can undercut the benefits of using cloud resources.

Stealthwatch Cloud was purpose-built for cloud infrastructure. It consumes native log items from AWS, such as VPC Flow Logs, which allow it to be deployed via API without an agent. This means it is able to monitor the entire AWS environment, including VPC-to-VPC traffic and serverless functions, without the need for software agents.

Minimal configuration needs

Security tools that require heavy management and manual classification can consume man-hours better spent on more proactive activities. Stealthwatch Cloud uses entity modeling to determine what normal activity looks like in your AWS environment, so that it can better detect malicious deviations. This means Stealthwatch Cloud automatically identifies the role and behavior patterns of every network entity based on how they behave, which gives you valuable insight into what is active in you AWS environments – including ephemeral resources like Lambda functions – and how it behaves. And it does so with zero manual classification.

Interested? Try today!

If you are interested in Cisco Stealthwatch Cloud, sign up for a free 60-day trial on the AWS marketplace.

To learn more about Stealthwatch Cloud for AWS, please attend the webinar New Tools For Protecting Cloud Services From Emerging Threats on Wednesday, December 5, at 1 p.m. ET, 10 a.m. PT. You will learn how JetBrains increased transparency and reduced threat exposure by deploying Stealthwatch Cloud on AWS. Along with increased infrastructure protection, JetBrains is now able to rapidly identify potential security threats that were not recognized before deployment.

 



Leave a comment

We'd love to hear from you! Your comment(s) will appear instantly on the live site. Spam, promotional and derogatory comments will be removed and HTML formatting will not appear.