Amazon GuardDuty is a threat detection service that continuously monitors your AWS Cloud accounts for compromised accounts, abnormal behaviors, and malware using anomaly detection, machine learning, behavioral modeling, and threat intelligence feeds. https://www.youtube.com/watch?v=ocZjGirQT9A Amazon GuardDuty helps to mitigate threats to your infrastructure with automated remediation or prevention with AWS Lambda. It automatically analyzes AWS workloads, … Continue reading Amazon GuardDuty: Continuous Threat Detection
AWS Trusted Advisor: Optimize Infrastructure
AWS Trusted Advisor helps you optimize your AWS environment by reducing cost, increasing performance, and improving security. It provides real-time guidance to help you provision resources according to AWS Best Practices guidelines. (AWS) Infrastructure Optimization This service provides best practice recommendations in 5 categories: Cost Optimization: save money by eliminating unused/idle resources or using reserved … Continue reading AWS Trusted Advisor: Optimize Infrastructure
Amazon Inspector: Automated Security Assessment
Amazon Inspector is an automated security assessment service to help improve security and compliance of applications deployed on AWS. It automatically scans workloads (like Amazon EC2 instances, containers, Lambda functions) for vulnerabilities and unintended network exposure to make your AWS infrastructure more secure. https://youtu.be/wi1PDr9n67Y Amazon Inspector automatically assesses applications for vulnerabilities and deviations from best … Continue reading Amazon Inspector: Automated Security Assessment
AWS Shield: Managed DDoS Protection
AWS Shield provides always-on detection and automatic inline mitigations to minimize application downtime and latency to protect against Distributed Denial of Service (DDoS) attacks. https://youtu.be/7rgiXEa0_jE It is available globally on all CloudFront and Route 53 Edge Locations. As a result, you can protect your web applications hosted anywhere in the world by deploying CloudFront in … Continue reading AWS Shield: Managed DDoS Protection
AWS WAF: Web Application Firewall
AWS Web Application Firewall (WAF) protects web applications running on AWS from common web exploits that could compromise security, availability, or consume excessive resources (which in turn could end up costing you a lot of money). As the name suggests, it is a firewall service for your web applications running on AWS cloud. You can … Continue reading AWS WAF: Web Application Firewall
AWS IAM: Identity Access Management
With AWS Identity and Access Management (IAM), you are empowered to manage secure access to your AWS resources with users, groups, and permissions. You can think about identity and access management as: WHO (workforce users and workloads) CAN ACCESS (permissions with IAM policies) WHAT (resources within your AWS organization). https://youtu.be/SXSqhTn2DuE It is free to use, … Continue reading AWS IAM: Identity Access Management
Security 101 for AWS Cloud Practitioner Exam
Security is 25% of the Certified Cloud Practitioner Exam. Even though it is only the 3rd out of 4 domains in terms of percentage of the exam, it's still worth becoming comfortable with the Shared Responsibility Model and the various ways AWS helps to protect your infrastructure. Securing the Cloud is a very important part … Continue reading Security 101 for AWS Cloud Practitioner Exam
AWS Shared Responsibility Model
In AWS's Shared Responsibility Model is the concept that AWS and the customer share responsibilities for security and compliance of Amazon Web Services. This allows AWS to support the customer by taking on the burden of operations control associated with the physical infrastructure so the customer can focus on securing and producing within the context … Continue reading AWS Shared Responsibility Model