We’ve got some pretty big news. Alert Logic Cloud Insight Essentials was recently certified by the Center for Internet Security (CIS) for the Amazon Web Services (AWS) Foundations Benchmark. Alert Logic joins the ranks of select AWS vendors that have achieved this milestone.
CIS is a globally recognized security organization created to identify, develop, validate, promote and sustain cybersecurity best practices. It plays an important role as a vendor-agnostic third-party, providing unbiased assessment and validation that companies can rely on when choosing products and services. The CIS AWS Foundations Benchmark is a set of guidelines that helps customers secure their AWS cloud environment with step-by-step guidance for implementation and assessment.
Cloud Insight Essentials
Alert Logic introduced Cloud Insight Essentials late last year to augment GuardDuty—rolled out by Amazon at its re:Invent conference. Amazon GuardDuty monitors cloud workloads on AWS for security issues. Findings from Amazon GuardDuty may indicate active reconnaissance or possibly malicious post-compromise events.
The challenge for organizations—even with Amazon GuardDuty—is context. Determining which findings pose the greatest or most urgent risk, and effective prioritization of remediation efforts to address those findings, requires some deeper intelligence about the findings. That’s where Cloud Insight Essentials comes in.
Cloud Insight Essentials gives you deeper insight into what the GuardDuty findings mean. At the same time, CIE also identifies common configuration errors—like ports open to the public, or overly permissive identity and access management policies—and it gives you a broader, more holistic view of your environment beyond AWS. Contextual awareness and deeper insight from CIE equips you with the intelligence you need to effectively and efficiently improve your AWS security.
New Features for the CIS AWS Foundations Benchmark
CIE is a valuable tool for monitoring and securing cloud workloads in AWS. With the CIS certification, Alert Logic has also introduced a number of new features for Cloud Insight Essentials, which enables customers to perform AWS vulnerability assessment against the CIS AWS Foundations Benchmark, including:
- New configuration checks that support both Level 1 and Level 2 of the CIS AWS Foundations Benchmark
- Step-by-step remediation guidance for the AWS Management Console and AWS command line interface (CLI) to resolve configuration settings that do not meet the foundations benchmark
- New CIS Benchmarks report that shows you every Amazon Resource Name (ARN) and whether they are compliant or not for each new configuration check
- New Remediation filters that allow you to easily search for remediations that only apply to the CIS AWS Foundations Benchmark
- Updated IAM policy with the appropriate rights to assess your account against the new configuration checks
To see how well your AWS environment stacks up against the CIS AWS Foundations Benchmark, you can try CIE completely free for the first 30 days through the AWS Marketplace. If you’re already using CIE, simply update your IAM policy by following the steps outlined in Update Your IAM Policy for Cloud Insight or Cloud Insight Essentials.