AWS Cloud Security: Security, Identity and Compliance Reviews - Page 3

All available CSPM standandards their result/score for each test along with remidation steps , which helps to fix the issue and improve compliance score Review collected by and hosted on G2.com.

Nothing as such to dislik , easy deployment single click with detailed output Review collected by and hosted on G2.com.

WAF can provide different levels of security. We will be able to implement it in the root level. We can make rules to allow or block access that meets conditions. Review collected by and hosted on G2.com.

Initially it was too tough for me to tackle WAF as the concepts are bit complex to understand. Review collected by and hosted on G2.com.

It provides a centralized location to manage user identities, groups, roles, and permissions across an AWS environment. Review collected by and hosted on G2.com.

In certain scenarios, managing permissions inheritance and overrides across different levels of IAM entities (users, groups, roles) can be tricky. Review collected by and hosted on G2.com.

Able to integrate SSL CERTIFICATES with Aws services like Elb , cloudfront easily. We can install 3rd party certificates bought outside Aws Iin manager. Able to create notifications when certificates validity going to be over. Review collected by and hosted on G2.com.

There is no centralized service for all regions , we need to import SSL certificates individually to different regions. Say if we are using N.virgina region and ohio region we 2 times for respective regions Review collected by and hosted on G2.com.

AWS waf comes with best set of Rules for filtering out the malicious IP's. It is very easy to implement as we can create the rules using AWS rules. Also , we can create large number of rules according to the priority . It is great platform to integate with load balancers etc. I liked how the customer support is avalialble 27 7 for any issues. Review collected by and hosted on G2.com.

Cost can be addded when we set up more rules Review collected by and hosted on G2.com.

Comprehensive security suite: AWS offers a vast array of security tools and services, covering everything from access management to data encryption and threat detection. This one-stop shop simplifies security implementation and reduces the need for third-party solutions.

Granular control: AWS allows you to fine-tune security settings based on your specific needs and risk tolerance. This level of customization empowers organizations to build a security posture that aligns with their unique environment.

Compliance-focused: AWS provides built-in features and pre-configured compliance frameworks that help organizations meet industry regulations and internal policies. This can significantly streamline compliance audits and reporting processes. Review collected by and hosted on G2.com.

Complexity: The sheer breadth of AWS security offerings can be overwhelming for new users. Navigating the different services and understanding their interactions can be a steep learning curve, even for experienced IT professionals.

Pricing: While AWS offers a free tier for some services, many essential security features come at a cost. The pricing structure can be complex, making it difficult to accurately estimate and budget for security expenses.

Limited visibility: While AWS provides tools for monitoring and analyzing security events, the default dashboards can lack depth and customization options. For organizations with complex security needs, building comprehensive security reports may require additional tools or expertise. Review collected by and hosted on G2.com.

EASE OF USE ACM SIMPLIFIES THE PROCESS OF PROVISIONING MANAGING AND DEPLOYING SSL/TLS CERTIFICATES FOR YOUR AWS RESOURCES. EASE OF IMPLEMENTATION, INTEGRATION IS SEAMLESSLY INTEGRATED WITH OTHER AWS SERVICES, EASY-TO-SECURE RESOURCES, AWS CF, ELB, AND APIS. GLOBAL COVERAGE ACM SUPPORTS CERTIFICATES IN MULTIPLE REGIONS MAKING IT SUITABLE, FOR FREQUENCY OF USE FOR GEOGRAPHICALLY DISTRIBUTED APPLICATIONS. CUSTOMER SUPPORT Review collected by and hosted on G2.com.

LIMITED TO AWS - ACM IS DESIGNED TO BE USED WITHIN THE AWS ECOSYSTEM. NO WILDCARD SUPPORT OR CERTIFICATES THAT REQUIRE ADDITIONAL CERTIFICATES FOR SUBDOMAINS.

REGIONAL LIMITATIONS CREATED IN ONE AWS REGION MAY COMPLICATE MULTI-REGION DEPLOYMENTS. DEPENDENCY ON AWS USING ACM MAY LOCK YOU INTO AWS SERVICES MAKING IT LESS SUITABLE FOR A MULTI-CLOUD Review collected by and hosted on G2.com.

The most helpful aspects and upsides of using AWS WAF are:

1.Security enchancement - AWS WAF helps in enchancing the security of your web applications by protecting them from a wide range of online threats, such as SQL injection, cross-site scripting(XSS) and more.

2.Customizable Rules: AWS WAF offers a high degree of customization, allowing you to creates rules and regulations tailored to your specific application's needs.

3.Scalability: AWS WAF scales with your's applications needs. you can handle varying level of traffic and adjust your rules and policies accordingly. Review collected by and hosted on G2.com.

While AWS WAF offers many benefits, there are also some potentials downsides of using AWS WAF, which are states below:

1.Costs: While the AWS WAF offers pay-as-you go pricing model, cost can add up, especially for large scale application with high traffic volumes and complex rules sets.

2.Regional Deployment:AWS WAF is deployed regionally, which means you need to configure it separately in each AWS Region where application is hosted. this can add up complexity if your application spans multiple regions. Review collected by and hosted on G2.com.

- Easy integration setup for AWS cloudfront and load balancers

- Bot traffic and maliciuos requests can be easily blocked

- AWS Managed rules provides a quick start to secure requests

- Allows to customize response when requests are blocked

- Has a Count feature which allows to validate requests before enabling action on the rule Review collected by and hosted on G2.com.

- Multiple rule setup and priority leads to complications

- Costs can add up as it proportional to the request count Review collected by and hosted on G2.com.

It has several options to learn and adopt AWS Cloud, especially security, we can create different roles and assigns different level of access using policies and if a new member has been added we have to just assign him a role with one click and it's done. Review collected by and hosted on G2.com.

To the best of my knowledge, I have not yet come across referring to Security in AWS. Review collected by and hosted on G2.com.