Implementing all the critical cloud security controls, including AWS security best practices & audits, according to your organization’s needs is pivotal. These controls act as a cornerstone in bolstering your AWS security posture and thus help tackle the threat landscape better for your cloud infrastructure.
Various research sources cite that verifying security policies, getting complete visibility into infrastructure security, and attaining compliance were the top AWS cloud security challenges or pet peeves among CISOs and their teams. Because each and every company has unique needs and use cases; and addressing each use case requires time and effort.
To address such “unique” challenges, further ensuring comprehensive AWS cloud security, and continuing our journey towards[mk_tooltip text=”NoOps” tooltip_text=”NoOps is a logical progression of DevOps with the philosophy of: Humans should solve new problems and the Machines should solve known problems!” href=”https://www.botmetric.com/blog/noops-through-eyes-devops-engineer/”], Botmetric built this extensible capability, Custom Audits, in its Security & Compliance.
[mk_title_box color=”#FFFFFF” highlight_color=”#008080″ highlight_opacity=”0.5″ size=”18″ line_height=”34″ font_weight=”inherit” margin_top=”0″ margin_bottom=”18″ margin_left=”10″ font_family=”none” align=”center”] Try Botmetric Custom Audits Now[/mk_title_box]
The Game Plan: Build & Automate AWS Security Audits like the Way You/Your Team Wants
With Botmetric’s new Custom Audit, you can define your own AWS Cloud security best practices checks as required by your organization.
Botmetric currently offers 200+ best practices that are aligned to current cloud security best practices. It has covered most of the use cases towards security, like root account access key, MFA not enabled for users, IP open to the world, etc. The team, however, realized the need for checks based on a company’s use-cases.
With Botmetric’s new Custom Audit, you can now audit your infrastructure and enforce certain rules within your team, as per your requirements. Ultimately, you’ll have to worry less about the AWS security best practices and also fine tune your infra for Disaster Recovery (DR) and performance.
You can build and configure custom audits using Python script and define its logic the way you want. Once you configure your custom audits, Botmetric will take the responsibility of running those checks everyday and ensures AWS best practices are being followed throughout the company.
Key Takeaways of Botmetric Security & Compliance’s Custom Audits:
- Enforce several custom rules or audits within your team
- Put the custom rules or audits on auto-pilot. No need to build and run scripts every time through cron/CLI
- Focus on solving the core application logic rather than scripting mundane tasks
- View data of each audit result as well as the last execution time of the audit
- Filter results based on the region and severity for each audit. Tag the severity level from low to high
- Download results of custom audits as reports with filters applied to circulate it among the teams internally
- Get a complete view of AWS health check, taking the custom audits into account along with the built-in audits, thereby further increasing the security, DR, and performance of your infrastructure
You can create Custom Audits through the Configure section available in the Botmetric Security & Compliance’ Audit Report console. Once up and running, Botmetric will throw the list of custom audits along with the details of each custom audit for easier view.
The Case in Point #1: Inactive IAM Users Login Check
Suppose, you want to have a regular check on all the inactive IAM users who did not login for 30 days. Generally, a DevOps engineer or a security engineer will write a script in cron/CLI every time to lookup the list or do it manually. For an engineer like me, this is a mundane task. Any day, I would like to automate it.
Imagine, you configure and build a custom python code once that can lookup your infrastructure every day for active/inactive IAM users, and throws the list in front of you with just one click. Awesome, right?
This is what Botmetric Custom Audit does.
Using this custom audit, Botmetric scans the infrastructure every day and shows the list of inactive users who have not logged in for more than 30 days.
The Case in Point #2: EC2 Instances Without Roles Attached
As a best practice, all instances must be accessible only with roles. As a general practice, a DevOps engineer or a security engineer will write a script in cron/CLI every time to lookup the list or do it manually. By writing a custom python code once and configuring it on Botmetric as shown in the use case above, you can put this audit on auto-pilot. Botmetric will scan your AWS infrastructure every day to lookup for all those EC2 instances that are not attached to roles. Thus, you save time and effort on doing his mundane AWS security checks.
The Bottom Line: Automate AWS Security Best Practices Checks
AWS offers a list of AWS Best Practices. However, various regular AWS security and compliance checks that take into account of your company’s needs is critical to meet that complete security posture. With Custom Audits, you can create your own custom best practice checks that align to your organizational standards/industry standards such as HIPAA, SOC, PCI-DSS and much more.
Currently, this new feature is in Beta version. If you are a current Botmetric user, then Team Botmetric invites you to run your desired checks for routine rule-checks through Botmetric and share your feedback.
Want to explore this feature, then take up a 14 day trial . If you have any questions on AWS security or AWS security best practices, just drop in a line below in the comment section or Tweet to us at @BotmetricHQ.
Latest posts by Rajeev Kumar (see all)
- AWS Per Second Billing for EC2 and EBS Explained - September 20, 2017
- Five ways to reduce EBS costs from AWS Monthly Bills - September 7, 2017
- 5 steps to good Microsoft Azure Cloud Governance - August 14, 2017