The new capabilities supply analytics for configuration, CloudTrail activity and VPC Flow Logs, which enable security teams to measure their posture and observe cloud provider activity alongside their cloud workload and endpoint activity all in one platform. The AWS analytics give security and compliance teams an end-to-end view of cloud accounts, services, and workloads.
Security operations can now easily audit and spot misconfigurations and vulnerabilities, understand identity and configuration governance, meet compliance reporting requirements, and detect and investigate potential threats in their AWS cloud environments.
“Organizations continue to ramp up their cloud workloads and use of AWS services, where getting visibility into resources and assets across all their accounts is a high priority,” said Ganesh Pai, CEO, Uptycs.
“Security teams also need to implement controls representing best practices to reduce the risk of data leakage, resource hijacking and account takeover. Bottom line is that what you can’t see, you can’t secure.
“With the Uptycs Security Analytics Platform, now in one place, security teams can get answers to questions about their entire cloud infrastructure on AWS, including anything related to cloud resource usage, threats against those resources, and their cloud service configurations.”
According to the (ISC) 2 2020 Cloud Security Report, the most worrisome security threats facing public clouds are misconfiguration of the cloud platform (68%), unauthorized access (58%), insecure APIs (52%), and account hijacking (50%). The Uptycs AWS security offering empowers teams to address these challenges by:
- Equipping their organizations with instant inventory visibility for AWS assets, resources, and services. Users can group and tag their cloud-based assets and resources across accounts, and then run ad hoc queries and reports for information such as service configurations.
- Ensuring that their AWS resources across accounts adhere to best practices. Uptycs alerts security teams to risks such as insecure configurations, tracks configuration history, and provides essential information that allows engineers to quickly remediate issues such as MFA for users, CloudTrail logging on resources, and unauthorized API activity.
- Monitoring compliance of the entire AWS environment to CIS Benchmarks, SOC 2, and other standards. Users can view summary visualizations of their compliance posture and have the ability to drill down into non-compliant resources, associated evidence, and remediation guidance.
- Detecting and investigating threats against AWS infrastructure, including credential misuse. Uptycs matches IPs and domains from AWS VPC Flow Logs against its threat intelligence platform to detect threats in the cloud. Uptycs also makes it easy for security teams to trace user activity during incident investigation with AWS CloudTrail log data. Finally, Uptycs analyzes IAM policy rules to help security teams implement and monitor least-privilege policies.
“As a cloud-based company running on AWS, finding a platform to solve all of our security needs across all of our accounts and services was a top priority,” said Kevin Paige, CISO, Flexport.
“But finding a single solution that could solve for audit and inventory of our cloud assets, as well as endpoint detection and response, was a challenge — until we found Uptycs. Now we’re able to do more with less, and save time, while maintaining a strong cloud security posture.”