Delta Risk, a leading provider of cloud security, SOC-as-a-Service, and consulting services, announced new capabilities today that provide comprehensive visibility into communications to and from applications running on Amazon Virtual Private Clouds (VPCs), enabling DevOps and security teams to detect threats faster. The VPC Flow Log Visualization technology, available via the Delta Risk ActiveEye security platform, makes it easier to get real-time insights into IP traffic going to and from VPCs, networks, and the Internet. As a result, users can identify risky misconfigurations, investigate errors, and detect potential threats more quickly.
ActiveEye VPC Flow Log Visualization simplifies visibility into:
- What applications are running in an Amazon VPC;
- How traffic is moving between hosts; and
- Which hosts are directly communicating with the public Internet.
Development teams are rapidly deploying new applications using tools such as Amazon VPCs, which enable them to deliver services securely and cost-effectively via private clouds hosted on the Amazon Web Services (AWS) Cloud. However, as they deploy these applications, it’s often difficult for security teams to see what applications are running in the environment and how traffic is flowing both within the network and externally to the Internet.
Native AWS tools like VPC Flow Logs enable users to capture traffic going to and from network interfaces. Each network interface has a unique log stream, though, which can make it hard to use the data effectively for security monitoring. ActiveEye’s Flow Log Visualization for Amazon VPC gives users real-time insights into traffic without the need to set up and configure multiple other AWS capabilities such as CloudWatch, Amazon Kinesis, or Amazon Athena.
“Most organizations don’t have the benefit of having a security team well-versed in securing workloads in new cloud infrastructure like AWS, let alone the ability to staff it 24×7,” said John Hawley, Vice President of Product Strategy. “Delta Risk provides a SOC-as-a-Service capability via our ActiveEye platform to co-manage security. This enables us to monitor the entire application environment – including AWS-based workloads – around the clock.”
The new visualization feature complements the existing suite of Delta Risk’s ActiveEye security services for AWS, including:
AWS Configuration Assessment – This validates the current configuration in each AWS Account against best practices as well as Center for Internet Security (CIS) Benchmarks. Continuous validation ensures development teams have the guardrails they need to deploy applications securely. With automated policy checks, DevOps teams can get Slack alerts if newly deployed resources violate security policies.
AWS CloudTrail Log Analysis and Storage – Continuous review of CloudTrail administration activity identifies actions that violate security best practices. Daily or weekly reports can be delivered via email to summarize security group updates, new users created, or resources added. All activity data is available for real-time analysis for 90 days and stored for one to seven years for forensic and compliance purposes.
- AWS GuardDuty Analysis and Aggregation – A consolidated view of all GuardDuty alerts in a single console eases the workload for security teams. The ability to view related configuration updates, CloudTrail administration activity, and VPC Flow Logs in that same console dramatically reduces the time required to investigate anomalies.
Delta Risk is an AWS Advanced Technical Partner. To learn more about ActiveEye, visit https://deltarisk.com/activeeye-platform/.
About Delta Risk
Delta Risk delivers cloud security, SOC-as-a-Service, managed security, and professional services to commercial and public sector clients. We provide the visibility and control needed for effective cloud, endpoint, and network security to bridge the gap to a modern security approach. ActiveEye, our proprietary platform, uses Security Orchestration Automation and Response (SOAR) to optimize and scale Managed Detection and Response (MDR) capabilities across the enterprise. Our US-based cyber security experts provide 24×7 monitoring, consulting, and guidance to our customers on their journey to a secure environment. Professional services include penetration testing, exercises and training, vulnerability assessments, threat hunting, and incident response. Founded in 2007, the Delta Risk team draws on a rich history in the military intelligence community and law enforcement. For more information visit https://deltarisk.com.