Extend Amazon GuardDuty with Alert Logic Cloud Insight Essentials

Effective brakes are crucial for the safe operation of any vehicle. I recently purchased a new Honda Pilot, though, and it comes with Collision Mitigation Braking System (CMBS)—a system that senses the vehicle in front of you and detects if a collision is imminent. Brakes are good. CMBS brakes that can go above and beyond to proactively avoid an accident are even better. Likewise, Amazon Web Services (AWS) security solutions are good, but AWS tools alone won’t get the job done.

When Amazon Web Services introduced Amazon GuardDuty last year, Alert Logic saw an opportunity to expand on GuardDuty notifications and improve AWS security by providing critical context with Cloud Insight Essentials.

Cloud Insight Essentials provides context and guidance

Cloud Insight Essentials is a vulnerability assessment solution that allows customers to continuously find risky configurations that go against AWS Security Best Practices. It works by analyzing AWS APIs and scanning CloudTrail events, looking for unsafe configurations like Amazon Simple Storage Service (Amazon S3) buckets with global access, users not using Multi-Factor Authentication (MFA), or use of the root account. Cloud Insight Essentials also provides crucial, easy-to-understand security context for Amazon GuardDuty findings and guidance on how to address or resolve them.

Amazon GuardDuty might identify a malicious activity like a Secure Shell (SSH) brute force attack and alert you. But how did this attack happen? The Cloud Insight Essentials Investigation Report shows the topology of the attack and includes details like the connected Security Group, Amazon Machine Image (AMI), subnet, VPC, and region, so you're armed with information about what caused the attack.

OK. So, now you have a better understanding of what the issue is and how it happened. Now, what should you do about it? Cloud Insight Essentials also provides a Recommended Course of Action. Alert Logic gives you both Short-Term and Structural Actions you can take through the AWS Management Console to make the changes necessary to ensure this finding doesn’t occur again.

Get started with Cloud Insight Essentials

You can get started with Cloud Insight Essentials with a 30-day free trial. Then, you pay only $49 per account per month. There are no contracts or long-term commitments and you can cancel at any time. You can also upgrade from Cloud Insight Essentials to Cloud Insight to add vulnerability scanning checks for 91,000+ Common Vulnerabilities and Exposures (CVEs) and 8,600+ software configuration issues.

About the Author

Tony Bradley - Senior Manager of Content Marketing for Alert Logic

Tony Bradley is Senior Manager of Content Marketing for Alert Logic. Tony worked in the trenches as a network administrator and security consultant before shifting to the marketing and writing side of things. He is an 11-time Microsoft MVP in security and cloud and has been a CISSP-ISSAP since 2002. Tony has authored or co-authored a dozen books on IT and IT security topics, and is a prolific contributor to online media sites such as Forbes and DevOps.com. He has established a reputation for effective content marketing, and building and engaging a community and social media audience.