In this section we will cover the controls and recommendations that allow us to manage security in an efficient way.
| Security governance | Perform threat modeling |
| Security assurance | Create your reports for compliance (such as PCI-DSS) |
| Identity and access management | Privilege review (Least Privilege) Tagging strategy Customer IAM: security of your customers |
| Threat detection | Integration with SIEM/SOAR Network Flows analysis (VPC Flow Logs) |
| Vulnerability management | Security Champions in Development |
| Infrastructure protection | Image Generation Pipeline Anti-Malware/EDR Outbound Traffic Control Use abstract services |
| Data protection | Encryption in transit |
| Application security | WAF with custom rules Shield Advanced: Advanced DDoS Mitigation |
| Incident response | Automate critical and most frequently run Playbooks Automate deviation correction in configurations Using infrastructure as code (CloudFormation, CDK) |