Desktop Banner Mobile Banner
Media Automated Deployment of WAF Investors Secure Shield ESG Automated Security Response

Resolve common security threats and improve your security posture

Our Offerings

This Offering works with AWS Security Hub and provides predefined response and remediation actions based on industry compliance standards and best practices for security threats.

Icon Number 1

It helps to resolve common security findings and to improve their security posture in AWS.

Icon Number 2

It creates playbook contains the necessary actions to start the remediation workflow within the admin account or any member account.

Icon Number 3
Key Benefits

Key Benefits ​

  • AWS Security Hub integration
  • Resolve Security Hub findings
  • Automated remediation actions
  • Increased overall security posture
  • Improved visibility with QuickSight

Architecture

Architecture

Our Approach ​

Preconfigured templates are available for the solution

Detect
AWS security hub 1

Detect

Security Hub provides you with a comprehensive view of their AWS security state. It helps you to measure your environment against security industry standards and best practices. It works by collecting events and data from other AWS services, such as AWS Config, Amazon GuardDuty, and AWS Firewall Manager.

initiate Automated Security
AWS Security Hub

Initiate

You can initiate events against findings using custom actions, which result in Amazon EventBridge Events. AWS Security Hub Custom Actions and Amazon EventBridge rules initiate Automated Security Response on AWS playbooks to address findings. One EventBridge rule is deployed to match the custom action event, and one EventBridge Event Rule is deployed for each supported control (deactivated by default) to match the real-time finding event.

Orchestrate
AWS Identity and Access Management

Orchestrate

Using cross-account AWS Identity and Access Management (IAM) roles, AWS Step Functions in the admin account invokes the remediation in the member account containing the resource that produced the security finding.

Remediate
AWS Systems Manager Automation

Remediate

An AWS Systems Manager Automation Document in the member account performs the action required to remediate the finding on the target resource, such as disabling AWS Lambda public access.

Logs group
Amazon CloudWatch Logs group

Log

The playbook logs the results to an Amazon CloudWatch Logs group, sends a notification to an Amazon Simple Notification Service (Amazon SNS) topic, and updates the Security Hub finding. An audit trail of actions taken is maintained in the finding notes.

Output verification
Security Hub dashboard

Output verification

On the Security Hub dashboard, the finding workflow status is changed from new to either NOTIFIED or RESOLVED. Hub dashboard. The security finding notes are updated to reflect the remediation performed

Monitoring
Centralized findings repository

Monitoring

Query the findings from the centralized findings repository and build dashboards for visualizations.

Target Customer

Healthcare Icon
Healthcare providers looking to safeguard patient information and comply with health data regulations
Educational institutions Icon
Educational institutions needing to secure online learning platforms and student data
Financial services Icon
Financial services companies focused on compliance and protection against security threats
Manufacturing enterprises
Manufacturing enterprises securing their operational technologies and data
E-commerce Icon
E-commerce platforms requiring robust security measures to protect customer data and transactions
IT and ITES organizations
IT and ITES organizations needing automated security responses for their cloud infrastructure

Customer Engagement And Delivery Mechanism

Customer Engagement

After understanding client requirements in the initial consultation, we draft a customized Statement of Work (SoW) outlining the specific security automation processes, timelines, and deliverables.

This SoW is submitted for client approval and, if applicable, to AWS for funding validation. Throughout the engagement, we conduct regular status meetings and provide detailed progress reports to ensure the project stays on track and meets client expectations.

Use Cases​

Common automated security response use cases on AWS

Automated Remediation

Automated Remediation for Resource Misconfigurations

Automated Compliance

Automated Compliance Checks and Remediation

Automated Threat Detection

Automated Threat Detection and Mitigation for EC2 Instances

Automated Incident Response

Automated Incident Response for Security Group Policy Violations

Close

Using Redington Search

You can easily search the entire Redington site in several ways.

Logistics
-Warehouse
-Supply chain solutions
-Transportation

QUICK LINKS

Enquiry
X

Enquiry

Fill up your details and we will get back to you