If you’re orchestrating workloads that power business-critical data and applications, enacting robust security guardrails is important in keeping your cloud environment secure. To accomplish this, you must acquire observability in a manner that provides high-level visibility into your provisioned cloud resources. This will empower your DevOps team to detect potential unauthorized intrusions and resolve security misconfigurations quickly.
“92% of DevOps practitioners agree that observability drives better business decisions.”
This is why we’re excited to announce the addition of three new security rules to our nOps ruleset.
- VPC Flow Logging Disabled
- Public AMI
- RDS Public Snapshots
With these new rules, our AI rules engine will continuously monitor your cloud environment, automatically discover violations of best practices and immediately alert you so that you can make fact-based decisions.
VPC Flow Logging Disabled
Amazon Virtual Private Cloud (VPC) allows you to configure an isolated, relatively secure virtual network for selected resources. To further enhance your VPC security, AWS recommends that you use Flow Logs – a feature that captures IP traffic flows between your network resources. This information is very helpful in understanding the direction and type of traffic your instances handle, and it can also help in diagnosing overly restrictive security group rules. Without it, there is no network-level record to consult when investigating a suspected unauthorized intrusion.
With this new rule, nOps scans your cloud environment and alerts you about VPCs without Flow Logging enabled.
Public AMI
Amazon Machine Images (AMIs) enable you to provision AWS EC2 instances with your desired configurations quickly. Additionally, you can share your AMIs with other AWS accounts by making them public via the AWS console or CLI. However, doing so has its security trade-offs: anything baked into the image becomes readable by any AWS account. This is why nOps recommends against making your AMIs publicly accessible, to avoid undesired access to sensitive data.
The new rule checks for public AMIs and highlights them in the security dashboard so that you may set them to private if desired.
RDS Public Snapshots
Amazon Relational Database Service (RDS) snapshots make the complete recovery of your resources from stored backups a seamless process. Unless you intend to make your data available for public consumption, you must ensure that your snapshots are not made public. Making a snapshot public explicitly grants every other AWS account permission to copy and replicate the contents of your database.
nOps automatically detects and lists all public RDS snapshots, allowing you to take the appropriate precautions to avoid the exposure of confidential data.
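The three checks above can be expressed as simple functions over the AWS API responses that expose each setting. The following is an added example, not nOps code or the nOps rules engine: each function takes the response shape of the relevant EC2 or RDS call (describe_vpcs/describe_flow_logs, describe_images, describe_db_snapshot_attributes) and is exercised on constructed sample data, so it runs offline; feeding it real boto3 responses is left to the reader.

```python
# Added example (not nOps code): the three rules as pure functions over the
# documented response shapes of the EC2/RDS API calls that expose each setting.
# Sample data below is constructed, not taken from a real account.

def vpcs_without_flow_logs(vpcs, flow_logs):
    """VPC ids with no ACTIVE flow log attached at the VPC level.

    vpcs: describe_vpcs()["Vpcs"]; flow_logs: describe_flow_logs()["FlowLogs"].
    A failed or deleting flow log gives no coverage; subnet- or ENI-level
    logs are deliberately not counted as covering the whole VPC.
    """
    covered = {f["ResourceId"] for f in flow_logs
               if f.get("FlowLogStatus") == "ACTIVE"}
    return sorted(v["VpcId"] for v in vpcs if v["VpcId"] not in covered)


def public_amis(images):
    """Ids of owned images whose launch permission is public.

    images: describe_images(Owners=["self"])["Images"].
    """
    return sorted(i["ImageId"] for i in images if i.get("Public") is True)


def public_rds_snapshots(attr_results):
    """Snapshot ids whose 'restore' attribute includes 'all' (any AWS account).

    attr_results: describe_db_snapshot_attributes()["DBSnapshotAttributesResult"]
    dicts, one per snapshot.
    """
    hits = []
    for res in attr_results:
        for attr in res.get("DBSnapshotAttributes", []):
            if (attr.get("AttributeName") == "restore"
                    and "all" in attr.get("AttributeValues", [])):
                hits.append(res["DBSnapshotIdentifier"])
    return sorted(hits)


SAMPLE_VPCS = [{"VpcId": "vpc-0aaa"}, {"VpcId": "vpc-0bbb"}]
SAMPLE_FLOW_LOGS = [{"ResourceId": "vpc-0aaa", "FlowLogStatus": "ACTIVE"},
                    {"ResourceId": "vpc-0bbb", "FlowLogStatus": "FAILED"}]
SAMPLE_IMAGES = [{"ImageId": "ami-0111", "Public": True},
                 {"ImageId": "ami-0222", "Public": False}]
SAMPLE_SNAPSHOT_ATTRS = [
    {"DBSnapshotIdentifier": "prod-snap-1", "DBSnapshotAttributes":
        [{"AttributeName": "restore", "AttributeValues": ["all"]}]},
    {"DBSnapshotIdentifier": "dev-snap-1", "DBSnapshotAttributes":
        [{"AttributeName": "restore", "AttributeValues": ["123456789012"]}]},
]

if __name__ == "__main__":
    print("VPCs without flow logs:", vpcs_without_flow_logs(SAMPLE_VPCS, SAMPLE_FLOW_LOGS))
    print("Public AMIs:", public_amis(SAMPLE_IMAGES))
    print("Public RDS snapshots:", public_rds_snapshots(SAMPLE_SNAPSHOT_ATTRS))
```

On the sample data the script reports vpc-0bbb (its only flow log is not ACTIVE), ami-0111 and prod-snap-1.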
Remediation Process
To help you resolve these discovered vulnerabilities faster, nOps provides granular, resource-level insights about each violation. There are also third-party integrations to help you allocate such issues to your DevOps team more quickly.
Summary
Keeping your cloud secure goes beyond mere monitoring; it requires learning how to operationalize your cloud security posture in a way that helps your DevOps team focus on what truly matters.
Catch and resolve vulnerabilities you don’t know exist. Get data-backed actionable insights today with nOps.