By Ryan Orsi, WW Security/MSSP Practice Team Lead – AWS
By Christin Voytko, Competency Launch Product Manager – AWS
For some organizations, operationalizing their security responsibilities in the cloud with the right tools, people, and processes can be challenging if they don’t have the cloud security expertise they need in-house.
A Managed Security Service Provider (MSSP) can integrate, join forces, and work alongside in-house security teams or provide full outsourcing for Amazon Web Services (AWS) security operations.
To help customers looking for support from MSSPs, we created a new baseline standard of quality to refer to when making the decision about an AWS Partner to team up with. We call this Level 1 Managed Security Services, and it’s a good starting point for customers to operationalize their AWS security responsibilities in the cloud.
Level 1 Managed Security Services span 10 specific 24/7 security service areas, each with technical and operational requirements defined by AWS security experts.
To make it easier for customers to find validated MSSP Partners qualified to deliver Level 1 Managed Security Services, we are excited to introduce the new AWS Level 1 MSSP Competency.
This designation features AWS Partners that have had their technical and operational capabilities successfully validated against the Level 1 Managed Security Services baseline. They demonstrate high-quality AWS security operation skill sets, and are committed to annual validation of their capabilities by AWS security experts.
AWS Level 1 MSSP Competency Partners have worked closely with AWS security experts to develop offerings that operationalize security tools, skill sets, and processes leveraging supporting tools. This includes native AWS security services such as AWS Security Hub and Amazon GuardDuty, AWS solutions implementations, and third-party solutions from AWS Security Competency ISV Partners. These offerings are uniquely designed to protect and monitor essential AWS resources 24/7 delivered as a fully managed service.
Level 1 Managed Security Services
AWS Level 1 Managed Security Services are defined by AWS security experts to benefit cloud environments of any size and span 10 security service areas:
- AWS infrastructure vulnerability scanning: Routine scanning of AWS infrastructure resources for known software vulnerabilities.
- AWS resource inventory visibility: Continuous scanning and reporting of all AWS resources and their configuration details, updated automatically with newly added or removed resources.
- AWS security best practices monitoring: Detect when AWS accounts and the configuration of deployed resources do not align to security best practices.
- AWS compliance monitoring: Scanning AWS environments for compliance standards on two or more of the following: CIS AWS Foundations, PCI DSS, HIPAA, HITRUST, ISO 27001, MITRE [email protected], and SOC2.
- Monitor, triage security events: A combination of automated tooling and security experts continuously monitor aggregated AWS resource logs across network, host, and API layers to analyze and triage security events.
- 24/7 incident alerting and response: Notification of high priority security events and expert guidance on recommended remediation steps 24/7.
- Distributed Denial of Service (DDoS) mitigation: A system backed by technology and security experts monitoring 24/7 for DDoS attacks against your AWS applications.
- Managed Intrusion Prevention System (IPS): From known and emerging network threats that seek to exploit known vulnerabilities.
- Managed Detection and Response (MDR) for AWS based endpoints: A combination of technology and cloud security experts working to continuously detect, investigate, and remove threats from within AWS endpoints.
- Managed Web Application Firewall (WAF): A firewall managed service designed to protect web-facing applications and APIs against common exploits.
AWS Partners Have Experience in Level 1 Managed Security Services
The AWS Competency Program is designed to identify, validate, and promote AWS Partners with demonstrated technical expertise and proven customer success. The Competency designation helps AWS Partners differentiate their business to customers by showcasing their products and services in specialized areas across industries, use cases, and workloads.
Organizations of any size—from emerging startups, small to mid-sized businesses, and global enterprises—will find adding the expertise of an AWS Level 1 MSSP into their organization is a valuable way to increase their cloud security posture and maintain it with experts watching 24/7.
Real-time remediation of security issues that mitigates risk and delivers alignment with AWS security best practices. Continuous compliance with leading international security standards turns compliance from an operational cost center into a competitive, revenue generating advantage.
The Accenture Managed Secure Cloud Foundation (SCF) integrates with AWS Control Tower to incorporate multi-account, AWS-native security, central networking, and guardrail controls into a DevOps pipeline that integrate into an MDR platform.
Alert Logic, in collaboration with AWS, protects and monitors AWS environments, delivered as a 24/7 fully managed service. Alert Logic acts as the security team or an augmentation of an AWS customer’s existing security staff.
All Arctic Wolf solutions were developed in collaboration with AWS. The collaboration ensures Arctic Wolf technology, processes, and services fully utilize AWS advanced computing, storage, networking, and more. Together, we deliver a fully managed service designed to protect and monitor your essential AWS resources.
Armor makes cloud security and compliance simple, achievable, and manageable across AWS and hybrid clouds. Through its consolidated security platform, Armor helps stop attacks before they happen and provides guidance when they do.
With a global team of more than 6,000 security experts and a global network of Security Operation Centers, Atos offers clients an end-to-end security partnership. Atos is a European leader in managed security services.
As an AWS Level 1 MSSP, Capgemini worked with AWS experts to develop the right managed security service specializations. Capgemini can protect and monitor essential AWS resources, delivered to clients as a fully managed service.
AWS managed security services from Claranet Cyber Security allow you to build and run your organization in the cloud knowing the security of your AWS environment is being monitored and managed by experts in cloud security.
CloudHesive’s managed security services address common infosec challenges using their experience in the alignment of organizational frameworks and controls in AWS-based environments. Customers benefit through minimization of responsibilities and focus on their mission.
Deepwatch combines best-of-breed SOC technologies, AWS services, and a high-touch Squad delivery model to address AWS security best practices, resource visibility, infrastructure vulnerability, and 24/7 managed detection and response for AWS customers.
Guardian for AWS can help accelerate your journey on the AWS Cloud with a cloud security managed service that provides 24/7 security protection and monitoring of essential resources, enabling you to develop at the speed of your innovation.
Enimbos MSSP services provide a holistic AWS-vetted approach that secures clients’ firms and mitigates incumbent risks associated with current rapid cloud adoption and cybersecurity expert resource shortages.
eSentire’s multi-signal MDR service provides investigation and response capabilities for AWS. Signals from cloud, network, log, and endpoint are ingested to eSentire’s XDR platform, where machine learning enables distillation of threats at scale.
IBM delivers market-leading consulting and systems integration, offensive security, incident response, cloud security, and managed security services aligned to NIST CSF and AWS CAF to help you programmatically optimize enterprise security operations.
Infosys offers cloud security services, solutions, and platforms to accelerate enterprise cloud transformation. Its managed security services on AWS enable customers to utilize rich Infosys experience and assets to secure cloud platforms by design.
As a next-gen managed service provider, Leidos delivers an entire spectrum of cloud, security, and engineering services to manage, migrate, monitor, and secure customers’ most complex private, public, or hybrid cloud environments.
With Mission MDR, you gain a team of AWS-certified engineers, backed by Alert Logic’s industry-leading security analytics and certified SOC analysts, and a tailored security solution aligned with your unique AWS deployment and security exposure.
By integrating AWS security services and partner products like Lacework with ML behavioral analysis and anomaly detection through Observian’s 24/7 managed security services, customers can increase their cloud security posture while reducing overhead.
Proficio helps AWS users reduce their risk and meet security and compliance goals by delivering 24/7 security monitoring and incident alerting from global SOCs. Proficio provides both manual and automated response to quickly contain threats.
With more than 1,200 AWS Certified Cybersecurity professionals, PwC’s managed security services help customers develop a tailored approach for any need so you can stop worrying about your cloud environment and concentrate on your business.
RedBear is a cloud cybersecurity company, providing consulting and managed security services. They follow a security-first approach with customers, and their managed security service uses security automation for rapid and continuous response 24/7.
Secureworks Taegis ManagedXDR is a a combination of software and 24/7 managed detection and response services that applies advanced analytics to detect threats; services that are informed by 20+ years of experience in security operations.
Sensitive data and detailed compliance requirements can be overwhelming and complicated. Smartronix has the tools and experience to accommodate your needs and regulations to deliver top-to-bottom, end-to-end security services.
Sophos fuse automated protection across endpoint, cloud workloads, and networks, with 24/7 managed threat response services to create a single cybersecurity package to secure data, proactively prevent vulnerabilities, and block advanced threats.
Tech Mahindra has a rich pool of industry trained and certified AWS Cloud Associates including more than 1,000 AWS Security Specialty. Tech Mahindra has built a Zero Trust security framework and cloud center of excellence (COE) that can accelerate your AWS Cloud transformation journey.
Versent maximizes the use of native AWS services and extracts the value of event data as early in the triage process as possible. This optimizes automated response opportunity and delivers excellent value through cost-effective AWS tooling.
Wipro is a sought-out partner for cyber professionals and provides work on the leading edge of client business transformation and technology innovation.
Customers: Procuring Level 1 Managed Security Services in AWS Marketplace
Partners: How to Join the AWS Level 1 MSSP Competency Program
Joining the AWS Level 1 MSSP Competency Program helps your organization differentiate and accelerate your AWS managed security business.
The program offers an exclusive package of benefits for partners, including additional Market Development Funding (MDF), participation eligibility for the annual AWS re:Inforce security conference, technical training workshops, extended access to AWS security partner success virtual conferences, and eligibility for promotion to internal AWS sales teams.
For the full list of entry requirements, benefits, and instructions to join, please see our guide.