Visibility is usually the first step to finding insights. With that in mind, the Valtix cloud network security platform includes a Cloud Risk Assessment, which provides discovery of your cloud assets and visibility of traffic flows to show the intent and actual traffic from potentially compromised workloads to malicious sites.
The Valtix Cloud Risk Assessment is a summary PDF report for decision-makers and security teams. The report gives them an insight into network traffic flows in their current AWS environment and helps guide on which inline network security protections might be needed. The report provides insights into egress (outbound to Internet) traffic flows to determine if your cloud deployment is connecting to malicious sites running command-and-control (C2) or inappropriate sites (adult, phishing, gambling etc), in case you need to start an incident response investigation.
Valtix synthesizes the following information in a single pane of glass that lets you see top-level information and an ability to quickly drill down to logs in seconds, and see contextual information (instance level tags) and threat intelligence:
DNS queries from AWS Route 53 and VPC flow logs
Continuous, near real-time, inventory of your cloud assets: multiple AWS accounts, regions, VPCs, instances and their meta-data such as tags that identify workloads (“dev”, “prod”, “web”, “pci” etc applied by application teams)
Threat intelligence on FQDN/domain site categorization (from BrightCloud) and malicious IPs (from Trustwave).
The Cloud Risk Assessment is available for free to all prospective customers and existing customers.