Varonis For

Amazon Web Services

Protect AWS identity management (IAM), storage (S3), and compute (EC2) solutions from threats. 


Challenge

Amazon Web Services (AWS) is one of the world’s most comprehensive and broadly adopted cloud platforms. However, the multitude of options for identity management, permission levels, and access controls makes AWS resources extremely difficult to secure at scale.

It’s critical for security and compliance teams to understand where assets are concentrated in AWS, what permissions are in place, and to monitor how data, configurations, and policies are changing daily. Native AWS security tools don’t provide an easy way to enforce least privilege, uncover data exposure, and detect abnormal behavior.

Solution

As an AWS partner, Varonis offers a comprehensive solution to protect AWS identity (IAM), storage (S3), and compute (EC2) services from insider threats and cyberattacks. We help prioritize risks around your critical AWS environment and identify public exposures and misconfigurations.

By integrating permissions, activity, and data sensitivity information, you can identify and address exposures, provide detections for internal and external threats, and accelerate cross-cloud investigations.

Limit exposure in AWS.

With several roles and permission sets, AWS configurations are incredibly complex, making it difficult to spot and fix excessive data access. Varonis maps and normalizes AWS permissions into a simple CRUDS (create, read, update, delete, and share) model, providing a real-time view into effective permissions. Discover misconfigured, publicly exposed AWS buckets or EC2 instances, uncover privileged inline policies, and monitor identities to reduce your exposure and secure your sensitive assets.

Alert on suspicious user activity. 

Protect your critical data from malicious actors with notifications on abnormal activity and unauthorized access. Get alerts on risky misconfigurations, excessive bucket deletion attempts, or suspicious connection requests, and when stale admin accounts become active and begin accessing or sharing data. On top of built-in alerts, you can easily configure your own alerts.

Conduct fast cross-cloud investigations.  

Varonis makes investigations faster and more effective than with built-in AWS security capabilities alone because we enrich events and correlate identities across AWS services and cloud apps. Easily bundle cross-cloud activities to see things like all access management events or all authentication events, and sort and filter the audit trail by user or cloud service.