In this section we will cover the controls and recommendations that allow us to manage security in an efficient way.
Security governance | Perform threat modeling |
Security assurance | Create your reports for compliance (such as PCI-DSS) |
Identity and access management | Privilege review (Least Privilege); Tagging strategy; Customer IAM: security of your customers |
Threat detection | Integration with SIEM/SOAR; Network Flows analysis (VPC Flow Logs) |
Vulnerability management | Security Champions in Development |
Infrastructure protection | Image Generation Pipeline; Anti-Malware/EDR; Outbound Traffic Control; Use abstract services |
Data protection | Encryption in transit |
Application security | WAF with custom rules; Shield Advanced: Advanced DDoS Mitigation |
Incident response | Automate critical and most frequently run Playbooks; Automate deviation correction in configurations; Using infrastructure as code (CloudFormation, CDK) |