SECURITY WHITEPAPER
SECURITY WHITEPAPER
• AWS GuardDuty which is a threat detection service that continuously monitors for malicious activity and unauthorized behaviours to protect the AWS account .
• Amazon Inspector is an automated security assessment service that helps improve the security and compliance of applications deployed on AWS . Amazon Inspector automatically assesses applications for exposure , vulnerabilities , and deviations from best practices .
• AWS IAM Access Analyzer helps us to identify the resources in the organization , such as Amazon S3 buckets or IAM ( Identity Access Management ) roles , that are shared with an external entity . This lets us identify unintended access to our resources and data , which is a security risk .
• Additionally , we periodically monitor AWS Trusted advisor findings to keep best practices for cost management , high availability , security , and performance .
We use the Host Security Service ( HSS ) provided by the Open Telekom Cloud platform for the management of cloud servers and containers . HSS uses artificial intelligence ( AI ), machine learning , user behavior analytics ( UEBA ), and more to quantify and analyze threats .
The following basic functionalities are included in HSS :
• The baseline check detects insecure basic settings , e . g ., weak passwords .
• Vulnerability management identifies weaknesses in the operating system , images , and web content management system and helps to rectify them .
• Intrusion Detection identifies complex threats ( e . g ., unauthorized rights extensions , unauthorized access ) and responds by blocking IP addresses , for example .
• Security Response creates alarms and produces security reports and security notifications : The notifications are sent via Simple Message Notification ( SMN ) and can reach our Site Reliability Team via email or text message .
• If malicious software is found on the servers , it is automatically isolated and deleted .
• Ransomware prevention creates copies of the content at regular intervals and allows it to be restored even in the event of a successful attack .
CONFIGURATION MANAGEMENT
Automation drives Y Soft ’ s ability to scale with our customers ’ needs . Server instances are tightly controlled from provisioning through deprovisioning , ensuring that deviations from configuration baselines are detected and reverted at a predefined cadence . If a production server deviates or drifts from the baseline configuration , it will be overwritten with the baseline configuration within 30 minutes .
All server type configurations are embedded in images and configuration files . Server-level configuration management is handled using these images and configuration scripts when the server is built . Changes to the configuration and standard images are managed through a controlled change management process . Each instance type includes its own hardened configuration , depending on the deployment of the instance .
Patch management is handled using automated configuration management tools or by removing server instances that are no longer compliant with the expected baseline and provisioning a replacement instance in its place . Rigorous and automated configuration management is baked into our day-to-day infrastructure processing .
YSoft SAFEQ Cloud - 13 - YSOFT . COM