Security posture management can be challenging due to the dynamic nature of cloud infrastructure. In this blog Sri Santhanam explains how you can continuously monitor, detect, and remediate security issues with the DAY2™ Security Bot. All you need to do is connect your AWS cloud account to MontyCloud DAY2™. DAY2™ automatically discovers, inventories, contextualizes and runs checks against 200+ security policies and AWS best practices. Then, it generates a contextual security posture dashboard. You can go a step further and define remediation rules, so you can autonomously enforce security compliance across cloud accounts and regions.

 – Sabrinath Rao

Cloud Security is a challenging shared responsibility

Shared responsibility security model is the primary foundational construct of a cloud security strategy. [Gartner] “However, the challenge exists not in the security of the cloud itself, but in the policies and technologies, for security and control of the technology. In nearly all cases, it is the user, not the cloud provider, who fails to manage the controls used to protect an organization’s data.”. Customer responsibility is also increasingly getting difficult due to:

  1. Dynamic nature of cloud footprint
  2. Lack of security expertise in cross-functional teams
  3. Skill gap in keeping up with multiple AWS services
  4. Maintenance and management of too many tools and configurations
  5. Manual execution at scale [of the cloud] with lack of automated workflows

Improve your security posture using DAY2™ Security Bot

Using DAY2™ Security Bot you can:

  1. Monitor and gain continuous visibility into the security posture of your organization, department, or applications
  2. Use built-in 200+ security policies that helps alignment with NIST CSF, NIST SP 800-53, AICPA TSC and ISO/IEC 27001
  3. Use an extensive catalog of automated operations for single-click remediations to respond and fix security issues
  4. Receive real-time notification and reporting into Slack, Microsoft Teams, Email and PagerDuty

Activating DAY2™ Security Bot

You will need an active DAY2™ account (Get started with a FREE trial today!) and a connected AWS account. Administrators can activate DAY2™ Security Bot via DAY2™ Bots management Admin menu.

Automation BOTs Menu

Cloud Security BOT

You can readily use built-in security policies and attach them to business context such as departments, accounts, and regions.

Security BOT configuration

DAY2™ recommends using the built-in policies to improve your security posture with Industry Security standards such as NIST CSF, NIST SP 800-53, AICPA TSC and ISO/IEC 27001. With built-in policies you also evaluate against AWS security best practices across 72 AWS services.  You can also customize the policies according to your business needs.

Cloud Security policies

With DAY2™ Security Bot, you can configure & receive notifications and alerts based on the severity of the policies, in external systems such as in Slack, Microsoft Teams and PagerDuty.

That’s it! The DAY2™ Security Bot will analyze your cloud footprint and provide actionable insights.

Cloud Security dashboard

Continuous Assessment and Reporting

Once activated DAY2™ Security Bot ensures continuous security monitoring and surfaces extensive insights.

A centralized view of your cloud footprint’s security posture can be visualized via our Insight’s dashboard. Summary charts and customizable filters such as departments, applications, accounts, regions, and resource types enable users to visualize and focus on the right issues to respond in a timely manner.

security findings

An application centric security posture can also be visualized for the resources via our apps insights dashboard.

automated security remediation

Customer will start receiving real-time notifications in their existing chatops channels improving cross-functional team collaboration and mean time to response.

cloud security Slack notification

Cloud Security Teams notification

 

Automated Response Actions

DAY2™ offers an extensive catalog of automated remediation actions with recommended single-click response actions. Customers can also use their own remediation scripts. For example, customers can use their custom script to update inbound rules for security groups with specific CIDR address.

Ability to suppress insights is key for reducing noise and team’s effectiveness to focus on actual issues that applies to their business context. Customers will be able to suppress one or more selected insights using the suppress action in Insights dashboard

Comprehensive security policies management, continuous evaluation and faster response times are crucial for the shared responsibility security model. DAY2™ Security Bot with its automated solutions help customers continuously improve their security posture at scale.

How can I start using this today?

DAY2™ Security Bot is available in MontyCloud’s DAY2™ platform today, and to learn more about this feature and about MontyCloud’s intelligent Cloud Management Platform, you can sign-up for a 14 day no-obligation free trial.

About the Author: Sri Santhanam

Sri Santhanam
Sri Santhanam is a Principal Product Manager at MontyCloud. With extensive expertise in building enterprise cloud management software, Sri is passionate about customer success and empathy. She loves working from customer needs to bring rich experience in designing, developing and delivering highly scalable cloud services. Sri is a voracious reader and loves talking about books over a cup of coffee.
100% LikesVS
0% Dislikes
Subscribe

Leave A Comment

4 × 1 =