Secure Your Infrastructure with AWS CIS Benchmarks

By Hannah Grace Holladay / October 17th, 2022

Amazon Web Services (AWS) is the most widely used cloud platform. It offers hundreds of networking, storage, compute, and managed cloud services, each of which helps organizations to build robust and reliable IT infrastructure without the need to manage data centers and physical hardware. However, AWS’s richness and complexity can be challenging to configure and administer to maximize security, privacy, and compliance. This is a particular problem for organizations lacking cloud security expertise. They can deploy cloud infrastructure and services, but struggle to secure them.

AWS CIS Benchmarks provide guidance and recommendations that help organizations to take a systematic, targeted, and effective approach to securing cloud infrastructure. Because CIS Benchmark recommendations map to information security and privacy regulations and standards, they also help organizations to achieve compliance.

What are AWS CIS Benchmarks?

AWS CIS Benchmarks are platform-specific security recommendations published by the Center for Internet Security and developed by CIS members in a consensus-driven process. CIS membership comprises major cloud providers such as Amazon and Microsoft, as well as corporations, government agencies, and educational institutions.

AWS CIS Benchmarks provide a secure configuration baseline agreed on by security experts from around the industry. AWS is complex and, as we’ve written before, most cloud security incidents and data leaks result from misconfiguration. As the cliché goes, cloud users don’t know what they don’t know. The AWS CIS Benchmarks provide the knowledge organizations need in a comprehensive and actionable format.

The CIS publishes Benchmarks focused on many technologies and platforms, including cloud providers Microsoft Azure and Google Cloud Platform. This article focuses on Benchmarks targeting AWS and its services. We discussed CIS Benchmarks more generally in What Are CIS Benchmarks?

How Are AWS CIS Benchmarks Structured?

AWS Benchmark documents comprise a series of prescriptive configuration recommendations designed to optimize security and defend against common attacks. Each recommendation follows a format that includes:

- An assessment status indicating whether the recommendation’s implementation can be automated.
- A detailed description of the configuration setting and its recommended value.
- A rationale explaining the reason for the recommendation and its importance.
- An audit procedure detailing how to determine if a system complies with the recommendation.
- A remediation procedure to bring the system into compliance.

CIS publishes several benchmarks relevant to AWS, but organizations typically start with CIS Amazon Web Services Foundations Benchmark.

The AWS Foundations Benchmark is ideal for configuring an AWS environment with a strong security baseline. It provides recommendations for AWS services used by the majority of organizations, including:

- AWS Identity and Access Management (IAM).

The Foundations Benchmark provides recommendations that fall into two profiles: Level 1 and Level 2. Level 1 details basic security recommendations that are straightforward to implement with limited impact on the service’s usefulness. Level 2 extends Level 1 with recommendations suited to environments with more stringent security requirements, such as those storing sensitive data.

In addition to the Foundations Benchmark, CIS publishes Benchmarks that cover other AWS services and use scenarios.

- CIS AWS End User Compute Services Benchmark: Covers AWS services that include WorkSpaces, WorkDocs, and AppStream, among others.
- CIS Amazon Web Services Three-tier Web Architecture Benchmark: Extends the Foundations Benchmark with recommendations for web architectures hosted on VPCs.
- CIS Amazon Linux 2 Benchmark: Provides recommendations for securely configuring the Amazon Linux 2 distribution.
- CIS Amazon Elastic Kubernetes Service (EKS) Benchmark: Provides recommendations for securing EKS.

The CIS Amazon Web Services Foundations Benchmark is a substantial document with dozens of recommendations.