Axonius
Cloud Asset Compliance for AWS
Top  

Cloud Asset Compliance for AWS

KNOW HOW YOUR AWS INSTANCES MATCH TO THE CIS AWS WEB SERVICES FOUNDATIONS BENCHMARK

Axonius Cloud Asset Compliance for AWS aggregates and correlates data from customers’ AWS environments to show how each instance adheres to the rules defined in the CIS Amazon Web Services Foundations Benchmark 1.2.

CIS COMPLIANCE FOR AMAZON WEB SERVICES

Through direct integration with public cloud infrastructure providers like Amazon Web Services, Axonius collects and aggregates information on accounts and instances, and maps against the CIS Amazon Web Services Foundations Benchmarks in:

  1. Identity and Access Management – Looking at the rules in the CIS benchmark related to IAM, like avoiding use of the root account, credential and access key rotation, password strength and more to make sure accounts and instances are configured securely.
  2. Logging – Ensuring that CloudTrail is enabled with log file validation, that the S3 bucket used to store logs is not accessible, making sure AWS Config is enabled, ensuring rotation for customer created CMKs, and more.
  3. Monitoring – Ensuring a log metric filter and alarm for unauthorized API calls, management console sign-in without MFA, usage of the root account, IAM policy changes, CloudTrail config changes, and more.
  4. Networking – Ensuring that no security groups allow ingress from 0.0.0.0/0 to port 22 or 3389, making sure the default security group of every VPC restricts all traffic and that routing tables for VPC peering are least access, and more.

AXONIUS CLOUD ASSET COMPLIANCE FOR AWS

Launched in 2020, the Axonius Cloud Asset Compliance for AWS add-on aggregates and correlates data from customers’ AWS environments to show how each instance adheres to the rules defined in the CIS Amazon Web Services Foundations Benchmark 1.2.

Here’s a brief video overview.

See for yourself.

Interested in seeing what Axonius can do for your organization?

Schedule a demo and let us show you