Credera and Amazon Web Services Security
Building AWS solutions that are secure by design.
Why our partnerships are different.
As an AWS Advanced Consulting Partner, we advise clients and deliver end-to-end AWS solutions that unlock innovation and increase flexibility, scalability, and security to accelerate business goals and growth.
Amazon Web Services Security Capabilities
AWS Security Offerings
Credera helps organizations understand and meet the security requirements of moving to public cloud. Whilst with the standard shared responsibility model the cloud provider is responsible for security of the Cloud (its physical hosting platform, servers, and networks), organizations are still very much responsible for security too. Credera can help craft well-defined policies and integrate guardrails into your environment, ensuring your infrastructure and data are secure, governed, and in compliance with organizational needs. Credera’s Cloud Security expertise can accelerate the security-first culture and methodology that building in the cloud requires.
An organization’s deployment pipelines should contain a range of embedded dynamic, static, and infrastructure compliance tools which provide feedback of an application's security posture. Amazon Inspector is a powerful tool to scan AWS workloads for vulnerabilities and produce a risk score that helps prioritize remediation.
Drive towards an evergreen approach to deployment and avoid the operational and security complexities of managing many image versions across the enterprise. AWS Step functions can be used to build a robust process to redeploy immutable infrastructure and provide evergreening. This ensures resources are deployed with all the best security practices in place in a timely manner.
Develop data classification policies and apply the appropriate security controls. Implementation of strong authentication policies via AWS Identity Access Management (IAM) and network flow control policies with AWS network access control lists (ACLs). Enabling AWS Key Management Service (KMS) for encryption of data at rest. In combination with AWS CloudTrail, an organization can restrict and log access to sensitive data.
Governance and Policy
Automate policy compliance and controls using Policy as Code (PAC). AWS Control Tower can assist with environment automation that employs best-practice blueprints for system configuration and security. Credera has expertise utilizing the AWS Well-Architected Tool with assessments and information gathered from AWS Config and AWS Audit Manager.
Identity and Authorization
Employ a zero-trust architecture where each resource has its own identity, which can be permissioned and assigned access to other resources (such as storage and APIs) using AWS Identity Access Management (IAM). This gives finer control of your security and enables it to be standardized much more easily. The IAM Access Analyzer helps achieve least privileged access goals. Amazon Guard Duty provides continuous security monitoring of events in AWS, combined with other data sources this can highlight potential instances of malicious behavior.
Reduce the impact of security incidents by establishing Incident Response Plans and a framework for simulating incidents. Prepare AWS Accounts for incident response activities and write runbooks for common response tasks. Amazon GuardDuty is a threat detection service that monitors AWS workloads and user accounts. If a threat is detected, an automated remediation action can be executed. Detailed user activity tracking and API usage is available with AWS CloudTrail. AWS CloudWatch provides verbose logging and utilization metrics of applications and infrastructure.
See how we solved these challenges for our clients.
Invitation Homes improves governance and security.
Invitation Homes improves governance and security leveraging infrastructure as code (IaC) and AWS native services.
Agile & DevOps Transformation, Application Modernization, Cloud & Infrastructure Modernization
Transforming manual systems & processes into automated pipeline.
Handy engaged Credera to transform a manually initiated systems imaging and replacement process into a scheduled, automated pipeline. The client achieved an improved security posture and the ability to remediate vulnerabilities on running instances.
Agile & DevOps Transformation, Cloud & Infrastructure Modernization, Technology Strategy