Nothing & Everything > Open Discussion

AWS security review

(1/1)

Mike:
Anyone have a recommendation for a vendor that'll review an AWS setup for security?  We are in the process of migrating our infrastructure from a colo to AWS and am looking for someone that can review things before we cutover our production systems.

ober:
Why not just ask AWS to do it?  They offer that.

If you're looking for a tool, you could use ermetic.com (not free, but pretty awesome - we use it for Azure and AWS on an ongoing basis).

Mike:

--- Quote from: ober on October 22, 2022, 12:57:06 PM ---Why not just ask AWS to do it?  They offer that.

--- End quote ---
Hmm, all we've gotten from the rep is general guidance but I'll ask them again.


--- Quote ---If you're looking for a tool, you could use ermetic.com (not free, but pretty awesome - we use it for Azure and AWS on an ongoing basis).

--- End quote ---
A tool is good but we are still wanting another group to come review it.

ober:
It may depend on your level in AWS or annual spend.  We spend about 150K/mo so we might get a different amount of attention.

Mike:
Not security related but we migrated our servers in June and just had the first few days of school. Shit went smooth! We had time to find some issues during the summer and resolve them, set up the auto scaling groups with target tracking and predictive scaling, and just had everything dialed in.  We did intentionally over allocate the production database size just to make sure it could handle that but otherwise everything else was scaling in and out as needed.  Was great!

Navigation

[0] Message Index