Vulnerability and configuration management for Amazon Web Services

Alert Logic revealed at the Black Hat USA 2015 conference Alert Logic Cloud Insight, a cloud-native vulnerability and configuration management solution designed for customers running on Amazon Web Services (AWS).

Alert Logic Cloud Insight integrates with AWS native security features to provide an integrated view of potential host and application level vulnerabilities for customers deploying on the AWS Cloud. Once identified, it takes the next step and provides proactive remediation actions that help customers eliminate potential risks across their entire deployment.

Alert Logic Cloud Insight builds on various AWS APIs including Amazon Elastic Compute Cloud (Amazon EC2), Amazon Virtual Private Cloud (Amazon VPC), AWS Identity and Access Management (AWS IAM), and AWS CloudTrail to provide auto-discovery capabilities and continuous monitoring to identify vulnerabilities, analyze their potential impact and create a prioritized remediation plan showing the vulnerabilities that will be eliminated with each step. The business is presented with a real-time, up-to-date, consolidated view of its security posture.

“Managing security while maintaining the agility of the cloud is fundamentally different than in any other environment,” said Gray Hall, CEO of Alert Logic. “With Alert Logic Cloud Insight we are delivering an innovative solution that gives businesses an added layer of visibility for workloads running on AWS – actionable intelligence to identify and eliminate risk across instances and applications while not slowing the business down.”

With traditional security technologies, companies must perform multiple manual steps to run scans and check configurations on a regular basis, which still only provides point-in-time results. Even when IT remediates an application vulnerability, it is difficult to ensure the vulnerability has truly been eradicated. Cloud Insight moves away from what could be a manual, error-prone process to an automated, continuous, remediation-centric approach.

With Alert Logic Cloud Insight, companies will benefit from the following:

• Deep insight into their AWS infrastructure. The solution is fully integrated with various AWS APIs including Amazon EC2, Amazon VPC, AWS IAM, and AWS CloudTrail to enable native, purpose-built protection and complete visibility across their data hosted on AWS. It continually discovers more than 70,000 possible vulnerabilities and misconfigurations that attackers may use to penetrate an organization’s applications.
• Intelligent remediation for vulnerabilities. It generates a prioritized list of remediation actions that helps customers drive risk out of the entire application stack – including AWS account and configuration information for the workloads running on AWS. This allows organizations to focus their efforts on the remediation actions that will have the biggest impact on their overall risk profile.
• Continuous protection. Built on AWS APIs, Cloud Insight provides continuous monitoring of a company’s AWS infrastructure. As the infrastructure changes, Cloud Insight automatically detects these changes and inspects new, changed, or modified resources for vulnerabilities and configuration issues, providing the business with an up-to-date assessment of potential risks and exposures. As a result of this automation, the solution frees up the time that IT would have spent on vulnerability management, allowing them to invest in more strategic activities that advance the business.