AWS Foundational Security Best Practices

The AWS Foundational Security Best Practices Pack is a group of Insights that align with the AWS Foundational Security Best Practices standard. This standard is a set of controls that detect when your deployed AWS accounts and resources deviate from security best practices.

📘

Compliance Disclaimer

InsightCloudSec provides our customers with various compliance packs that can help align with a variety of cybersecurity/compliance organizations and their requirements. It is important to note that while InsightCloudSec can offer support for a number of standards, none of the capabilities we offer, including our compliance packs, are intended to individually provide 100% adherence to any security standard.

Prerequisites

Before you get started with any compliance packs, you will need to have the following:

  • A functioning InsightCloudSec installation
  • The appropriate permissions to apply this Compliance Pack to your desired infrastructure
  • Familiarity with your organization’s compliance requirements

If you have questions about implementing this Compliance Pack or other general questions, reach out to us through the Customer Support Portal.

Feature Summary

This new Compliance Pack currently includes 63 Insights that will help customers align with the AWS Foundational Security Best Practices standard. This pack reflects best practice standards including:

  • CloudFront distributions should require encryption in transit
  • AWS Config should be enabled
  • MFA should be enabled for all IAM users that have a console password

In addition, our subsequent releases will continue to update the pack as more filters and Insights are available. If you have specific questions on this capability or a supported resource, reach out to us through the Customer Support Portal.

What's Next

To learn more about using both the out-of-the-box Compliance Packs and our Custom Insight Packs, take a look at our Insights documentation.

In addition, to explore more details around our automation capabilities, take a look at our documentation on BotFactory.


Did this page help you?