Cloud Native Security for AWS


Rackspace offers Cloud Native Security (CNS) for your Amazon® Web Services (AWS) environments.

As attack vectors multiply year over year, security is more important than ever. Neglecting it can be a costly proposition. In 2019 alone, the average cost of a security breach was nearly $3.9 million. It’s no longer “Can you afford to invest in security?”—it’s “Can you afford not to?."

At the same time, a proliferation of innovative new cloud technologies is expanding the perimeter that needs to be secured. While AWS provides a secure infrastructure platform and native security services, what you build on top of it must be secure as well.

What is CNS?

Before defining CNS, you need to understand what cloud native means in this context—that is, “cloud vendor native” or “AWS native”.

Cloud Native Security, then, offers managed security services for AWS native security products. Currently this includes AWS Security Hub, Amazon GuardDuty, and IAM Access Analyzer. Rackspace will add other AWS security products in the coming months.

Challenges

Simply enabling a set of CNS tools is inadequate. You also need the expertise to deploy and use the tools and to interpret the results. Among the many challenges you might face are the following concerns:

  • Defining a security strategy that adheres to best practices.
  • Deploying and managing the right security products for your business.
  • Providing staff to monitor and respond to security alerts around the clock
  • Having security event and information management (SEIM) or a consolidated view into security data across multiple environments.
  • Having a security operations center (SOC) or certified AWS security experts in house.

Shared responsibility model

With cloud architecture, security becomes much more difficult to manage. For example, your company might not own, or manage, all the cloud resources it leverages. So now, it becomes a matter of security of the cloud, rather than security in the cloud. This scenario introduces the shared responsibility model.

In our case, AWS is responsible for the health and security of all of the infrastructure that underlies the services that they present to you to consume (of the cloud). However, any resource that you provision on top of that infrastructure is your responsibility (in the cloud).

How Rackspace helps

As we announced in the blog, Rackspace joins AWS Security Hub as the first consulting MSSP partner:

We’re proud to announce that we are the first consulting managed security
service provider (MSSP) partner for AWS Security Hub, offering consulting
services for AWS cloud-native security tools. With AWS Security Hub,
businesses get consolidated, aggregated, organized and prioritized security
alerts from multiple AWS services, such as Amazon GuardDuty, as well as from
AWS partner solutions.

This means that we can offer around-the-clock managed security services for AWS Security Hub, Amazon GuardDuty, and the newest security tool from AWS, IAM Access Analyzer. We provide certified security experts in our fully-staffed global SOC. We pull the threat information directly from the AWS tools into our SEIM and analyze the data to stay a step ahead.

Helpful resources

Learn more about our CNS for AWS services.

Use the Feedback tab to make any comments or ask questions. You can also start a conversation with us.

post avatar
Maxim Rozin

Maxim Rozin is a Principal Engineer and a Product Manager at Rackspace, where he has worked since 2009. He spent the last 18 years in IT and holds all five of the Associate and Professional-level AWS certifications. When he is not at work, Maxim is likely snowboarding or hiking in the Alps.

Share this information: