Through direct integration with public cloud infrastructure providers like Amazon Web Services, Axonius collects and aggregates information on accounts and instances, and maps that information against the CIS Amazon Web Services Foundations Benchmarks in the following areas:
Identity and Access Management – Looking at the rules in the CIS benchmark related to IAM, like avoiding use of the root account, credential and access key rotation, password strength and more to make sure accounts and instances are configured securely.
Logging – Ensuring that CloudTrail is enabled with log file validation, that the S3 bucket used to store logs is not accessible, making sure AWS Config is enabled, ensuring rotation for customer created CMKs, and more.
Monitoring – Ensuring a log metric filter and alarm for unauthorized API calls, management console sign-in without MFA, usage of the root account, IAM policy changes, CloudTrail config changes, and more.
Networking – Ensuring that no security groups allow ingress from 0.0.0.0/0 to port 22 or 3389, making sure the default security group of every VPC restricts all traffic and that routing tables for VPC peering are least access, and more.
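The two Networking rules above can be evaluated directly against security group data. The following is an added example, not Axonius code: it runs over constructed sample data shaped like the EC2 DescribeSecurityGroups response, and it assumes that a default group "restricts all traffic" when it has no inbound or outbound rules. The function names and group IDs are hypothetical.

```python
# Added example: SAMPLE is constructed data in the shape of the EC2
# DescribeSecurityGroups response; group IDs and names are made up.
ADMIN_PORTS = (22, 3389)
ANY_IPV4 = "0.0.0.0/0"

SAMPLE = {"SecurityGroups": [
    {"GroupId": "sg-0aaa", "GroupName": "bastion", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}], "IpPermissionsEgress": []},
    {"GroupId": "sg-0bbb", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "10.0.0.0/8"}]}], "IpPermissionsEgress": []},
    {"GroupId": "sg-0ccc", "GroupName": "legacy", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 4000,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}], "IpPermissionsEgress": []},
    {"GroupId": "sg-0ddd", "GroupName": "default", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
     "IpPermissionsEgress": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]}

def open_admin_ports(rule):
    """Return the admin ports (22, 3389) one ingress rule opens to 0.0.0.0/0."""
    if not any(r.get("CidrIp") == ANY_IPV4 for r in rule.get("IpRanges", [])):
        return []
    proto = rule.get("IpProtocol")
    if proto == "-1":                    # all protocols, so all ports
        return list(ADMIN_PORTS)
    if proto not in ("tcp", "6"):
        return []
    lo, hi = rule.get("FromPort", 0), rule.get("ToPort", 65535)
    return [p for p in ADMIN_PORTS if lo <= p <= hi]   # port ranges count too

def audit(response):
    """Return sorted (group_id, finding) tuples for the two networking rules."""
    findings = []
    for sg in response["SecurityGroups"]:
        ports = {p for rule in sg.get("IpPermissions", [])
                 for p in open_admin_ports(rule)}
        findings += [(sg["GroupId"], f"ingress 0.0.0.0/0 -> port {p}")
                     for p in sorted(ports)]
        # Assumption: a compliant default group carries no rules at all.
        if sg.get("GroupName") == "default" and (
                sg.get("IpPermissions") or sg.get("IpPermissionsEgress")):
            findings.append((sg["GroupId"], "default group does not restrict all traffic"))
    return sorted(findings)

if __name__ == "__main__":
    for group_id, finding in audit(SAMPLE):
        print(group_id, finding)
```

The "legacy" group shows why exact port matching is not enough: its 3000-4000 range exposes 3389 without ever naming it.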
AXONIUS CLOUD ASSET COMPLIANCE FOR AWS
Launched in 2020, the Axonius Cloud Asset Compliance for AWS add-on aggregates and correlates data from customers’ AWS environments to show how each instance adheres to the rules defined in the CIS Amazon Web Services Foundations Benchmark 1.2.