1.- Quick Wins

This section covers features and configurations that are simple to implement or enable and that add a lot of value in strengthening security: the “Quick Wins”, or “low-hanging fruit”. All of these recommendations can be implemented in less than a week and will bring many improvements to your security posture.

Security governance: Assign Security contacts; Select the region(s)
Security assurance: Automate alignment with best practices using AWS Security Hub
Identity and access management: Multi-Factor Authentication; Avoid using Root and audit it; Access and role analysis with IAM Access Analyzer
Threat detection: Threat Detection with Amazon GuardDuty; Audit API calls with AWS CloudTrail; Remediate security findings found by AWS Trusted Advisor; Billing alarms for anomaly detection
Vulnerability management
Infrastructure protection: Limit access using Security Groups
Data protection: Amazon S3 Block Public Access; Analyze data security posture with Amazon Macie
Application security: AWS WAF with managed rules
Incident response: Act on Amazon GuardDuty findings