• - Introduction
    • Security Challenges
    • Shared Responsibility
    • Security of the cloud
    • Security Services in AWS
    • AWS Security Frameworks
    • How to prioritize
    • Evolutive Path
  • 1. Quick Wins
    • Security Hub: Best Practices
    • Avoid using Root
    • WAF with managed rules
    • Billing Alarms
    • Macie: Data Policies
    • GuardDuty: Threat Detection
    • CloudTrail: Auditing
    • Assign security contacts
    • Limit Security Groups
    • Multi-Factor Authentication
    • AWS Trusted Advisor
    • IAM Access Analyzer
    • S3 Block Public Access
    • Select the region(s)
  • 2. Foundational
    • KMS: Data Encryption
    • Use multiple Availability Zones
    • Centralized user repository
    • Training plan
    • Data Backups
    • Define incident response playbooks
    • No hardcoded secrets
    • Regulatory requirements
    • Identify sensitive data
    • GuardDuty: Investigate findings
    • Security in Development
    • Vulnerabilities in applications
    • Infrastructure vulnerabilities
    • Manage instances w/Fleet Manager
    • Monitor configurations
    • Network segmentation (VPCs)
    • SCPs: Organization Policies
    • Multi-account management
  • 3. Efficient
    • Anti-Malware / EDR
    • Automations in security
    • Automate deviation correction
    • Security Champions
    • Golden Image Pipeline
    • Control Outgoing traffic
    • Create your reports for compliance
    • CIAM: security of your customers
    • Encryption in transit
    • IAM Roles: Least Privilege
    • Integration with SIEM/SOAR
    • Resilient Architecture Design
    • Shield Advanced: DDoS Mitigation
    • Tagging Strategy
    • Threat Modeling
    • Using abstract services
    • Infrastructure as code
    • VPC Flow Logs Analysis
    • WAF with Custom Rules
  • 4. Optimized
    • Detective: Root cause analysis
    • Amazon Fraud Detector
    • Advanced Automations
    • Red Team
    • Chaos Engineering
    • Context-Based Access Control
    • DevSecOps
    • Disaster Recovery
    • Blue Team
    • IAM Pipeline
    • Intelligence feeds
    • Service Catalog: Standardization
    • Sharing security tasks
  • -- Maturity Model
  • - Events calendar
  • - Webinars
  • - Assessment Tools
  • - Whitepapers, FAQ, others
    • Frequently Asked Questions
    • AWS Security Documentation
    • AWS Security Whitepapers
    • Free security services
  • - Contact
  • - Survey
  • Clear History

© 2022 Amazon Web Services, Inc. or its Affiliates. All rights reserved.

Home > Optimized

4.- Optimized

Security governance Forming a Chaos Engineering team (Resilience) Sharing security work and responsibility
Security assurance
Identity and access management Context-based access control IAM Policy Generation Pipeline
Threat detection Amazon Fraud Detector Integration with additional intelligence feeds
Vulnerability management
Infrastructure protection Process standardization with Service Catalog
Data protection
Application security DevSecOps Forming a Red Team (Attacker's Point of View)
Incident response Automate most playbooks Amazon Detective: Root cause analysis Forming a Blue Team (Incident Response) Multi-region disaster recovery automation