Customer Benefits from Consultation & Implementation of Service Platform

About Customer

A go-to partner for outsourced services, the customer designs and builds smart, multi-disciplinary security and integrated offerings powered by AI. They orchestrate customer experience, security, and facilities management seamlessly for higher cost-efficiencies to empower their clients’ future. With a presence across 6 countries, the customer adds to capabilities of organizations through their systems integration and exhaustive technology development capabilities.

The Challenge

The customer wanted to consolidate security incidents from their multiple accounts in the AWS Landing Zone. Planning to have automation in place for responding effectively to certain security findings, the customer wanted to have security controls for reducing the time taken in the manual response process.

As the first step towards automation, the customer focused on the detection and remediation resulting from access management and privileges. The target was to set up the automated security operations and focus on the identity and access management controls. This is to ensure that all the events and incidents from the different accounts are detected and presented on a single pane of glass and selected incidents can be remediated either fully automated or with assistance.

The Solution

Blazeclan’s proposed a solution of AWS Security Hub integration with all accounts in the landing zone. This would provide the customer a uniplanar view of security alerts from the central security hub account. The AWS Security Hub would then be integrated with Amazon EventBridge while the selected security events would be auto-remediated using AWS Lambda Functions. In the end, the security hub alters would be integrated with the existing ticketing tool. Following steps were carried out for implementing the solution.

Since the customer’s landing zone was organization-enabled, AWSsupported feature was used to automate and streamline the process of integrating the security hub with its member accounts. This enabled the security hub in all the existing member accounts and new accounts added to landing zone.
There was no creation of any additional codes for IaC. All necessary actions were performed and handled automatically by AWS.
The detection was based on the IAM controls for CIS and AWS Security Foundation that were configured to be reported from all the accounts integrated with AWS Security Hub. After that, lambda scripts were written for selected events and incidents that could be remediated fully automated. The second set of lambda scripts were created for controls that could be remediated in an automated manner but would need a manual intervention to ensure no impact on work.

Benefits Achieved by the Customer

The security platform for integration and automated response helped the customer to visualize and understand their security issues on a single plane, thereby driving their strategies of cloud security and compliance.
With the help of automated response to IAM findings, the attack surface was reduced.
A single pane of window was achieved for all IAM incidents across 100+ accounts.
Effective use of serverless services enabled automatic response and remediation of the selected set of incidents. This further saved significant cost of security operations overall.

Tech Stack

AWS Security Hub	Amazon GuardDuty	AWS Identity & Access Management
AWS Config	Amazon CloudWatch	Amazon SNS
AWS Lambda	Amazon S3	Amazon EventBridge
AWS Management Console	Amazon Cloudtrail	AWS Cloudformation

Categories

Cloud Security, Security
Service Tags

Automated Security, automation, Cloud, Cloud Security, Compliance, Security

Cloud Consulting, Strategy, and Migration

DevSecOps

Cloud Security Engineering

Application Assessment

Cloud Native Application Development & Testing

SaaS Product & Platform Development

Data Strategy

Data Governance and Engineering

Advanced Analytics

Cloud Governance & Reporting

Cloud Discovery & Optimization

DevOps Transformation (DoT)

cAssure

cSecure

SaaS Factory Model

BlazePulse

cSaver

Cloud and Platform Modernization

Cloud Security Operations

Conversational AI

Application Maintenance & Enhancement

Application Modernization

Managed Analytics

BI Modernization

Cloud Managed Services

How Analytics Helps Businesses Better Serve their Customers

Building Capabilities of Incident Response/Disaster Recovery on the Cloud

Impactful Cloud Computing Trends to Look For in 2022

Blazeclan Helps AIMS Migrate and Optimize its SaaS Application on AWS

Expect Me Launches A Revolutionary SaaS Room Selection Platform

Cloud-based Big Data and Analytics Platform Helped hub.brussels Achieve Seamless Data Consolidation and Accessibility

Ebooks & Whitepapers

Augment Your Deployment Velocity With Terraform

Back to Business as Usual - Rightsizing Your AWS Cloud Cost

Call Us

Email Us

Financial Services

Banking & Insurance

Media & Entertainment

Telecom

Technology

iGaming

About Us

Our Leadership

Customer Speaks

Strategic Partners

OneClan Life

Clouditects

Work With Us

Thought Leadership

Awards and Recognition

Media Coverage