Are you looking for a cloud security operationalization service, but with more features? Then DevSecOps is just for you.
We will help you set up your AWS account based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Remove all rules associated with default route tables, default network ACLs and default security groups in the default VPC in all regions.
Enable AWS Config rules to audit unrestricted common ports in Security Group rules.
Enable VPC Flow Logs with the default VPC in all regions.
Enable default EBS encryption for newly created volumes.
Git secrets pre-commit hooks
AWS Secrets Management
AWS Secure Parameter store
AWS Secrets Manager
BridgeCrew free scanning for Terraform source code.
Send CloudWatch, Security Hub, and GuardDuty notification to Slack
Enable CloudTrail in all regions and deliver events to CloudWatch Logs.
Object-level logging for all S3 buckets is enabled by default.
CloudTrail logs are encrypted using AWS Key Management Service.
All logs are stored in the S3 bucket with access logging enabled.
Logs are automatically archived into Amazon Glacier after the given period(defaults to 90 days).
Set up CloudWatch alarms to notify you when critical changes happen in your AWS account.
Enable AWS Config in each regions to automatically take configuration snapshots.
Enable SecurityHub and subscribe available standards.
Subscribe CIS benchmark standard.
Subscribe PCI DSS standard.
Subscribe AWS Foundational security best practices standard.
Enable GuardDuty in each regions.