Securing Your Amazon Web Services (AWS) Environment

Speed productivity, increase visibility, and monitor configurations with Rapid7 Insight

Today’s modern network and application infrastructure, powered by AWS, breeds a host of new challenges for security teams. From vulnerability management and application security, to breach detection and IT troubleshooting, you may be wondering: Are my current strategies for monitoring and scanning keeping pace?

As an AWS Advanced Technology Partner, Rapid7 is dedicated to helping you move to the cloud securely. The Rapid7 Insight cloud was built to collect, analyze, and optimize modern networks, from AWS-powered computing, networking, storage, and more. Using purpose-built solutions and direct AWS integrations, Rapid7 Insight helps you protect and monitor all of your AWS assets quickly, easily, and cost effectively.

rapid7-insightvm-aws-security-competency-transparent.png

Scan for Vulnerabilities with InsightVM

Rapid7 InsightVM gives you visibility across your entire modern ecosystem, prioritizes risks using attacker analytics, and helps you remediate or contain threats with SecOps agility.

Even better, you can deploy InsightVM in AWS to scan your AWS-hosted assets for vulnerabilities, automatically identify and scan existing and new AWS assets, import your AWS tags, and guide remediation.

How InsightVM helps secure your AWS environment:

  • AWS Security Hub: Gain a holistic view of your AWS security and compliance posture: Vulnerabilities detected in your EC2 instances are automatically sent to AWS Security Hub, and additional vulnerability context from InsightVM allows you to prioritize your team’s security tasks more efficiently and reduce measurable risk in your AWS cloud. Learn more > 
  • Cloud Configuration Assessment: Identify and visualize configurations across multiple AWS accounts in one single console, alongside the risk across your entire hybrid environment. Watch the demo video below, and click here to learn more.
  • Container Security Assessment: Discover all Docker hosts, images, and containers in your AWS environment (and beyond), connect with registries to automatically analyze and assess container images for vulnerabilities, and integrate security into your CI/CD build pipeline by flagging or failing builds with risky images. Learn more > 
  • Dynamic Asset Discovery: Discover and assess EC2 instances as soon as they come online, add vulnerability context by importing assets and tags from InsightVM, monitor and clean up assets when they’re terminated, and detect changes to the environment with lightweight agents, pre-authorized scan engines, or both. Learn more > 

 

Secure Your Applications with InsightAppSec

Rapid7 InsightAppSec is a powerful dynamic application security testing (DAST) solution built to help you address the unique security challenges that come with modern web applications. Comprehensively check for vulnerabilities in your AWS environment with a rich library of 90+ attack modules that assess for the OWASP Top 10 and more, then create actionable compliance and remediation reports that inform risk reduction efforts and improve your overall cloud security posture.

How InsightAppSec can help you protect your AWS environment:

  • Easily secure dozens or hundreds of web apps in your AWS environment.
  • Ensure compliance with regulations like PCI-DSS using pre-built, pass-fail reports.
  • Integrate with your existing stack through InsightAppSec’s robust RESTFul API.
  • Give your development team a leg up on source code vulnerability fixes with interactive remediation reports.

Cognitive Scale Securely Advances AI with AWS and Rapid7

See how Cognitive Scale relies on Rapid7 InsightVM for peace of mind that they have a complete picture of their AWS environment and any potential risks.

 

Monitor for Breaches with InsightIDR

Rapid7 InsightIDR is your cloud SIEM for modern threat detection and response. Data collection is simple and scalable—our customers deploy and see value faster than any other on-premises or Saas SIEM.

InsightIDR comes with pre-built, layered detection methodologies, which are applied to your AWS & hybrid cloud data, network activity, and your endpoints (with the included Insight Agent). These detections help you detect the top attack vectors behind breaches: phishing, malware, and the use of stolen credentials. The result: you can unify data across your modern network, find common and targeted threats, and investigate and respond 20x faster with case management and automation workflows.

How InsightIDR supports your AWS environment:

  • Monitor your AWS environment for threats: InsightIDR alerts on suspicious activity, including access from suspicious locations, service account anomalies, and new AWS region usage (e.g. compute power being stolen to mine cryptocurrency).
  • Simple centralized log management: InsightIDR makes it easy to search, report, and create custom alerts for AWS CloudTrail, CloudWatch, and other logs for visibility, incident investigations, and compliance.
  • Amazon GuardDuty: Alerts generated by GuardDuty can flow into InsightIDR for easier, faster investigations. Within InsightIDR, it’s easy to retrace user behavior, pivot to other log sets, or query the AWS VPC with the Insight Agent.

What’s more? Imbed the Rapid7 Insight Agent into AWS gold images for live monitoring in InsightVM and InsightIDR.

 

Automate Actions with InsightConnect

Rapid7 InsightConnect is a security orchestration and automation solution that enables your team to accelerate and streamline time-intensive processes with little to no code required.

With nearly 300 plugins to connect your tools and easily customizable connect-and-go workflows, you’ll free up your team to tackle other challenges, while still leveraging human decision points when it’s most critical. With significant time savings and productivity gains across overall cloud security operations, you’ll go from overwhelmed to operating at maximum efficiency in no time.

InsightConnect can enhance your cloud security posture for various use cases:

  • AWS Security Hub: Automate the process of sharing, responding, and remediating threats and findings in Security Hub, significantly cutting down the time it takes to act on threats in your AWS environments. Watch the demo below! 
  • Automatic Containment of Compromised Credentials: When compromised credentials are identified, you can automatically remediate impacted accounts and determine the appropriate course of action by leveraging human decision points.
  • Automatic Blocking of Attacker IP Addresses: Monitor your EC2 instances for SSH brute force attacks, and automatically update the instance’s security group to block traffic from the malicious host.
  • Workflows Triggered by Cloudwatch Alarms: Automate the escalation notification process, trigger automated response actions, integrate human decision points when necessary, and easily create custom workflows with little to no code.
  • And much more: Use InsightConnect across your security stack—even to integrate with non-Rapid7 products.

 

Optimize IT Troubleshooting

Rapid7 InsightOps combines log management with live asset visibility for really (really) easy IT monitoring and troubleshooting. It offers rich support for AWS by integrating with CloudTrail and CloudWatch, allowing you to connect to all your systems via an open API. With InsightOps, you can easily correlate CloudTrail, CloudWatch, and your application logs to better diagnose and troubleshoot issues.

Leverage the Insight cloud for an end-to-end(point) approach to security.

Explore Our Solutions