In this section we will cover functionalities or configurations that are simple to carry out or enable, and that add a lot of value to strengthen security. The “Quick Wins” or “Low hanging fruits”. All of these recommendations can be implemented in less than a week or two in most organizations and will achieve many improvements in your security posture.
| Security governance | Assign Security contacts Select the region(s) to use and block the rest |
| Security assurance | Evaluate Cloud Security Posture (CSPM) |
| Identity and access management | Multi-Factor Authentication Root Account Protection Identity Federation Cleanup unintended accesses |
| Threat detection | Detect Common Threats Audit API calls Billing alarms |
| Vulnerability management | |
| Infrastructure protection | Cleanup risky open ports |
| Data protection | Block Public Access Analyze data security posture |
| Application security | WAF with managed rules |
| Incident response | Act on Critical Security Findings |
| Resiliency | Evaluate Resilience |