In this section we will cover the controls and recommendations that allow us to manage security in an efficient way.
| Security governance | Design your secure architecture Use infrastructure as code Tagging strategy |
| Security assurance | Create your compliance reports |
| Identity and access management | Least Privilege Review Customer IAM: security of your customers |
| Threat detection | Custom Threat Detection capabilities (SecLake / SIEM) |
| Vulnerability management | Security Champions Program DevSecOps: Security in the Pipeline |
| Infrastructure protection | Image Generation Pipeline Anti-Malware / EDR / Runtime Protection Outbound Traffic Control |
| Data protection | Encryption in transit |
| Application security | Perform threat modeling WAF with custom rules Advanced DDoS Mitigation (L7) |
| Incident response | Run TableTop Exercises - Simulations Automate Critical Playbooks Security Investigations - Root cause analysis |
| Resiliency | Disaster Recovery Plan |