AWS’s Security and Compliance services help protect and secure your IT infrastructure on the AWS Cloud. You can learn about these core security services in conjunction with reviewing AWS Certified Cloud Practitioner Exam’s Domain 2: Security and Compliance.
AWS Artifact
AWS Artifact helps you obtain audit reports, certifications, and legal agreements related to AWS services. It is an on-demand service for security and compliance documentation to make sure your organization can meet compliance requirements.
>> Learn more about AWS Artifact.
AWS Audit Manager
AWS Audit Manager helps you… you know it… audit your AWS usage. It helps you evaluate whether your policies, procedures, and activities are operating as you intended, helping you simplify how you manage your organization’s risk and compliance against regulations and standards.
>> Learn more about AWS Audit Manager.
AWS Config
AWS Config monitors and manages your AWS infrastructure configurations by continuously monitoring and recording your AWS resource and service configurations. AWS Config helps you assess, audit, and evaluate resource configurations to make sure you’re aligned with your best practices.
>> Learn more about AWS Config.
AWS CloudTrail
AWS CloudTrail tracks user, role, and AWS services activity and API usage 24/7 and leaves an event log, providing visibility into who (or what) is doing what. You can search and download account activity and analyze and respond to events using AWS CloudTrail.
>> Learn more about AWS CloudTrail.
Amazon CloudWatch
Amazon CloudWatch collects and tracks metrics of your AWS infrastructure in real time to enhance observability. It collects monitoring data (logs), metrics, and events to detect unusual activities, set alarms, and troubleshoot issues that arise. You can look at the data on its homepage, or a custom dashboard.
>> Learn more about Amazon CloudWatch.
AWS Firewall Manager
If your organization has multiple AWS accounts and you want to simplify maintaining and administering them, you may want to look into AWS Firewall Manager. AWS Firewall Manager helps you administer and perform maintenance tasks across multiple accounts and resources for a variety of AWS protections like AWS WAF, AWS Shield, Amazon VPC security groups and network ACLs, AWS Network Firewall, and Amazon Route 53 Resolver DNS Firewall. Just set it up once, and it’ll automatically apply the same protections across all of your accounts and resources.
>> Learn more about AWS Firewall Manager.
Amazon GuardDuty
Amazon GuardDuty utilizes machine learning, anomaly detection, and integrated threat intelligence to monitor your AWS resources for malicious activity and unauthorized behavior.
>> Learn more about Amazon GuardDuty.
AWS Identity and Access Management (IAM)
AWS Identity and Access Management, or AWS IAM, helps you specify who or what accesses which services or resources with granularity. You can use IAM policies to set permissions that follow the Principle of Least Privilege. IAM allows you to define who (workforce users, workloads) can access (permissions with IAM policies) what (resources).
>> Learn more about AWS IAM.
Amazon Inspector
Amazon Inspector automatically “inspects” your AWS resources for software vulnerabilities and potential network exposures, by proactively identifying potential issues that misalign with your best practices and policies. Once the assessments are completed, it sends you detailed reports so you can review them for security vulnerabilities.
>> Learn more about Amazon Inspector.
AWS Security Hub
AWS Security Hub collects security data from all of your AWS accounts and services to help you identify and prioritize security issues. AWS Security Hub will help you compare your cloud environment against industry standards and best practices to help you identify critical risks.
>> Learn more about AWS Security Hub.
AWS Shield
AWS Shield protects your applications from DDoS (Distributed Denial-of-Service) attacks, acting as a… you guessed it… shield! DDoS attacks are cybercrimes where the attacker floods your server with a huge amount of internet traffic in an attempt to make it inaccessible for legitimate users.
>> Learn more about AWS Shield.
AWS Trusted Advisor
AWS Trusted Advisor acts as AWS’s automated “auditor,” helping you look at different ways to optimize your IT infrastructure so that it aligns with AWS’s best practices. Once the checks are completed, it provides recommendations to better align your infrastructure to best practices.
The categories of checks offered by this service are:
- Cost optimization
- Performance
- Security
- Fault tolerance
- Service quotas
>> Learn more about AWS Trusted Advisor.
AWS Web Application Firewall (WAF)
AWS Web Application Firewall, or AWS WAF, is, as the name suggests, a firewall service for your web applications hosted on AWS Cloud. It protects your web applications and resources from malicious web exploits, which could potentially compromise the security or availability of your web apps, as well as run you up a hefty bill by consuming excessive resources.
>> Learn more about AWS WAF.
That’s a really useful overview. It’s good to see how these services tie into the Cloud Practitioner exam – I’m planning on studying that material soon.