Operationalize AWS security responsibilities in the cloud

In a sea of available MSSPs, organizations can find it hard to choose the one that can offer the right cloud security expertise. To make this decision easier, AWS has announced AWS Level 1 MSSP Competency.

In this interview with Help Net Security, Doug Yeum, Head of AWS Partner Organization, AWS, talks about the benefits of this program, and what it takes to become a partner.

What do AWS Partners with Level 1 Managed Security Service (MSSP) Competency provide?

All AWS Level 1 MSSP Competency Partners provide at minimum the ten 24/7 security monitoring, protection, and remediation services as defined in the Level 1 Managed Security Services baseline. Those ten 24/7 services specifically are below.

Many of the Level 1 MSSP Competency Partners also provide additional security assessment and implementation professional services as well to assist customers in their AWS cloud journey.

• AWS Infrastructure Vulnerability Scanning – Routine scanning of AWS infrastructure for known software vulnerabilities.
• AWS Resource Inventory Visibility – Continuous scanning and reporting of all AWS resources and their configuration details, updated automatically with newly added or removed resources.
• AWS Security Best Practices Monitoring – Track and detect misconfigurations of AWS resources to improve cloud security posture and reduce business risk.
• AWS Compliance Monitoring – Scanning AWS environment for compliance standards such as: CIS AWS Foundations, PCI DSS, HIPAA, HITRUST, ISO 27001, MITRE ATT&CK, and SOC2.
• Monitor, Triage Security Events – Gain visibility into security alerts with a consolidated list of security events and recommended remediation guidance.
• 24/7 Incident Alerting and Response – Receive notification of high priority security events and expert guidance on recommended remediation steps 24/7.
• DDoS Mitigation – Increase visibility and resilience to DDoS attacks and reduce the risk of availability, financial, and security impacts to applications.
• Managed Intrusion Prevention System (IPS) – Add a layer of security for AWS-based endpoints, helping with defense against known threat patterns, to increase overall security posture.
• Managed Detection and Response (MDR) for AWS-Based Endpoints – A combination of technology and cloud security experts working to continuously detect, investigate, and remove threats from within AWS-based endpoints.
• Managed Web Application Firewall (WAF) – A firewall managed service designed to protect web-facing applications and APIs against common exploits.

What are the prerequisites for becoming an AWS Level 1 MSSP Competency Partner?

There are 5 requirements for Partners to join the Level 1 MSSP Competency:

• Achieve either AWS Advanced, Premier, or the ISV Partner Path status.
• Successfully pass the technical audit for Level 1 Managed Security Services (annually). All requirements can be found here.
• Submit 4 customer case studies showcasing managed security services delivered to AWS customers within the last 18 months.
• Publish a dedicated Level 1 MSSP web page accessible from the Partner’s home page navigation that includes educational copy around the ten Level 1 Managed Security Services.
• Provide at least 3 public-facing Level 1 MSSP enablement materials (blog posts, videos, presentations, etc.).

How do you see this program evolving in the near future?

We have been piloting this industry-first Level 1 Competency Program confidentially for nearly a year and the feedback from internal AWS security experts, Partners and customers has helped shape this to address specific challenges customers have around operationalizing their security in the cloud responsibilities.

We look forward to continuing that feedback process and are already seeing increased demand from Partners interested in joining. We also look forward to more customers becoming aware of the value adding a Level 1 MSSP Competency Partner brings into their organization to increase their AWS security posture with experts watching 24/7.