Automated remediation level 2: Best practices


A low-impact workaround


When it comes to automating remediation, the second level we’ll discuss takes a bit of additional planning, so that users see little to no impact from the account fundamentals automation process.


This framework aligns with the Center for Internet Security Amazon Web Services (CIS AWS) benchmark, which helps security organizations assess and improve processes by providing a set of unbiased industry best practices. Again, planning is the key here to calibrate automation properly and maintain hygiene of your cloud security. In this second level, let’s take a look at 3 housekeeping best practices that can have a tremendous impact when it comes to automating remediation.


Organize the unused


Security groups act as a sort of traffic control checkpoint. Specifically, AWS Launch Wizard will automatically create security groups that define inbound traffic. If you’re not careful, many of these groups could go unused and subsequently become vulnerabilities. Think of it this way: if a security group isn’t attached to an instance, why would you leave it hanging around, especially if it can be exploited?


This is why it’s a good idea to perform regular maintenance of these groups. If Launch Wizard is automatically provisioning resources, then the “why” of it all should be understood by all key players so that automation doesn’t create chaos and continues to work for you.
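The unused-group check this housekeeping step calls for, as an added example that is not part of the original post. It works on the response shapes of the EC2 `describe_security_groups` and `describe_network_interfaces` calls, skips the VPC `default` group (AWS will not delete it) and keeps any group that another group's rule still references (deleting it would fail with a dependency violation); the sample data is constructed, and `fetch_live` assumes a boto3 EC2 client.

```python
"""Find security groups that are attached to no network interface and that
no other group's rules reference, i.e. the candidates for cleanup."""


def find_unused_security_groups(security_groups, network_interfaces):
    """Return sorted GroupIds that are safe to review for deletion."""
    # Every ENI carries the list of groups applied to it.
    attached = {
        g["GroupId"]
        for eni in network_interfaces
        for g in eni.get("Groups", [])
    }
    # A group may be referenced by another group's rule (UserIdGroupPairs);
    # it is not "attached", but deleting it would break or be refused.
    referenced = {
        pair["GroupId"]
        for sg in security_groups
        for perm in sg.get("IpPermissions", []) + sg.get("IpPermissionsEgress", [])
        for pair in perm.get("UserIdGroupPairs", [])
        if "GroupId" in pair
    }
    return sorted(
        sg["GroupId"]
        for sg in security_groups
        if sg["GroupName"] != "default"      # default groups cannot be deleted
        and sg["GroupId"] not in attached
        and sg["GroupId"] not in referenced
    )


def fetch_live(ec2):
    """Assumed helper: pull both lists from a boto3 EC2 client (paginated)."""
    groups = [sg for page in ec2.get_paginator("describe_security_groups").paginate()
              for sg in page["SecurityGroups"]]
    enis = [eni for page in ec2.get_paginator("describe_network_interfaces").paginate()
            for eni in page["NetworkInterfaces"]]
    return groups, enis


# Constructed sample: the VPC default, a web group attached to one ENI, a
# load-balancer group referenced only by the web group's rule, and a leftover.
SAMPLE_GROUPS = [
    {"GroupId": "sg-0default", "GroupName": "default", "IpPermissions": []},
    {"GroupId": "sg-0web", "GroupName": "web", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "UserIdGroupPairs": [{"GroupId": "sg-0lb"}]}]},
    {"GroupId": "sg-0lb", "GroupName": "lb", "IpPermissions": []},
    {"GroupId": "sg-0old", "GroupName": "launchwizard-leftover", "IpPermissions": []},
]
SAMPLE_ENIS = [{"NetworkInterfaceId": "eni-01", "Groups": [{"GroupId": "sg-0web"}]}]

if __name__ == "__main__":
    print(find_unused_security_groups(SAMPLE_GROUPS, SAMPLE_ENIS))  # ['sg-0old']
```

Feed the result into a ticket or a dry-run report before any automated `delete_security_group` call, so the "why" behind each group is confirmed by the people who own it.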


Delete the defaults


You should control and calibrate the rules that best suit the organization and its workflows. As such, a tip from your frie ..
