Lead Image Photo by qinghill on Unsplash
AWS security scans with Scout2
Dig Deep
Amazon Web Services (AWS) regularly releases brand new services promising an abundance of intriguing features to help make life easier when provisioning your Internet infrastructure. The sheer number of services visible within the AWS Console is simply staggering, which is why AWS is still the dominant cloud provider – admittedly with Google Cloud and Microsoft Azure hot on its heels.
In this article, I demonstrate a tool that is available from a highly respected security specialist, the NCC Group [1], that automatically and safely informs you of misconfigurations and gaping holes in your AWS security posture.
NCC's website describes their focus as "… a global expert in cyber security and risk mitigation, working with businesses to protect their brand, value and reputation against the ever-evolving threat landscape."
A Ballet of Swans
The long journey AWS has taken since around 2006 is of constant innovation. And to think, much of this innovation began with virtual machines (the Xen hypervisor) as their on-demand EC2 (Amazon Elastic Compute Cloud) service combined with their super-reliable S3 storage service (Amazon Simple Storage) to fulfill the meteoric growth of their online retail shop, Amazon.com. The whole being greater than its parts, the collective power of all these mature services makes AWS the cloud behemoth it is today.
As financial institutions, governments, and corporations all over the planet make significant leaps into the cloud infrastructure, AWS innovation continues at a rapid pace. Importantly, the unbridled rate of innovation in the platform-as-a-service (PaaS) and infrastructure-as-a-service (IaaS) aspects of AWS provide a welcome level of maturity that some software-as-a-service (SaaS) provisioning lacks. When it comes to infrastructure, any changes – large or small – can mean
...
Buy this article as PDF
(incl. VAT)
Buy ADMIN Magazine
US / Canada
UK / Australia
Related content
-
Help Desk with FreeScout
The free version of FreeScout offers all the features of a powerful and flexible help desk environment and can be adapted to your requirements with commercial add-ons. - Docker Announces Three New Products for Secure App Delivery
-
News for Admins
In the news: Red Hat Announces Ansible Lightspeed with IBM watsonx Code Assistant; Dell APEX Cloud Platform for Red Hat OpenShift Announced; NSA Offers Best Practices for OSS in Operational Technology Environments; Civil Infrastructure Platform Adds New Super-Long-Term Linux Kernel; HTTP/2 Protocol Exploited in Largest DDoS Attack Ever; Docker Announces Three New Products for Secure App Delivery; CloudBees Updates Jenkins and Offers New DevSecOps Platform; Linkerd 2.14 Released with Improved Multi-Cluster Support; NIST Releases Draft of Cybersecurity Framework v2.0; CISA and MITRE Announce Open Source Caldera for OT
-
Business continuity management
We take a look at the new business continuity service from Azure and show how to use it. -
Prowling AWS
Prowler is an AWS security best practices assessment, auditing, hardening, and forensics readiness tool.
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Most Popular
Support Our Work
ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.
