Key Features on Warden
From unparalleled relevance in security findings to the ease with which the platform can be integrated into existing DevOps workflows, Warden has everything needed for organizations using Amazon Web Services (AWS) IaaS to continuously protect their infrastructure.
Comprehensive, actionable security insights from every Warden scan
Among the thousands of AWS resources, accounts, and regions, it can become extremely challenging for organizations to manually keep track of permission settings and resource configurations. Warden helps organizations to mitigate these critical cloud security risks with continuous security scans across IAM, network security, audit logging and monitoring, encryption, and resource access control. Each scan highlights contextualized vulnerabilities and steps on how every vulnerability can be remediated.
Stop security breaches that result from weak authentication of your cloud infrastructure
Secondary layers of authentication form a critical defense layer against unauthorized access from an attacker who has managed to hijack the root credentials through side-channel attacks or social engineering techniques. Without the added layer of authentication, an attacker may even gain access to Amazon EC2 control panels and have the ability to radically delete and modify data in your cloud environment including Amazon Simple Storage Service (Amazon S3) Buckets, AMI's, and Amazon Elastic Block Store (Amazon EBS) instances.
What is the vulnerability?
It was discovered that multi-factor authentication for AWS root account is not enabled.
Multi-Factor Authentication (MFA) provides another layer of authentication protection on the account which requires the user to generate a One-Time-Password (OTP) to authenticate.
Get notified whenever excessive account permissions and admin privileges are granted.
Overly lax account permission policies can be a hotbed for account misuse as attackers are constantly on the lookout for access keys that have full admin privileges. Before a user accidentally uploads your organization's access keys to GitHub, Warden will alert you to the relevant security risks.
What is the vulnerability?
It was discovered that one or more Customer Managed IAM Policies contain full administrative privileges. IAM Policies are JSON permissions policy documents that you can attach to an identity (user, group of users, or role).
These policies control what actions an entity (user or role) can perform, on which resources, and under what conditions. You can create standalone IAM policies that you administer in your own AWS account, which we refer to as customer managed IAM policies.
Prevent attacks that exploit excessive or misconfigured network connectivity in your AWS infrastructure.
Incorrectly configuring your EC2 security groups or ElasticSearch — a common problem during the software development lifecycle — can expose your sensitive data to the public. Warden helps you to detect this critical vulnerability before any bad actors do.
What is the vulnerability?
It was discovered that one or more ElasticSearch domains is publicly accessible to the Internet. Amazon Elasticsearch Service (Amazon ES) is a managed service that makes it easy to deploy, operate, and scale ElasticSearch clusters in the AWS Cloud. ElasticSearch is a popular open-source search and analytics engine for use cases such as log analytics, real-time application monitoring, and clickstream analysis. With Amazon ES, you get direct access to the ElasticSearch APIs; existing code and applications work seamlessly with the service.
Risk Prioritization & Vulnerability Management
Act on the vulnerabilitites that matter most to you across the major AWS resources including IAM, S3, ElasticSearch, EC2, and CloudWatch. Deprioritize those that don't. From the complete list of AWS security vulnerabilities and policy violations that Warden highlights, organizations can directly manage the priority of each security finding as necessary.
Take control of your cloud security posture by providing the context unique to your organization. With the ability to manage each vulnerability, you now can cater a customized cloud security experience that reduces alert overload for your team, ensuring your resources are always dedicated to patching meaningful and critical security gaps.
Security Posture Tracking
Warden empowers organizations with the ability to see how your risk posture in the cloud evolves over time.
This continuous cloud risk management, risk visualization and risk prioritization capabilities on the Warden dashboard can be directly leveraged to demonstrate to other stakeholders your security efforts.
Organizations can now quickly assess the level of compliance of your AWS infrastructure against the relevant regulatory framework, whether it is PCI DSS or AWS Well-Architected Framework. Each of Warden's rules are mapped against control categories including encryption, IAM, and resource access control to automatically provide you a reliable indicator of compliance.
Warden's Compliance dashboard helps organizations zero in and remediate their policy violations faster. At a glance, you can see all the control items sorted by category, how you score against each control item, and the appropriate actions you can take for each policy violation depending on its relevance to your risk posture.
New Security Insights From Your Change History
Reduce the time you invest in non-critical security issues, and develop an intimate understanding of your cloud risk posture with Change History. Besides having visibility of how your critical AWS resources are being configured, Warden provides visibility of how your team is using Warden — the recurring findings that they address and the risks that they are willing to accept.
By seeing the change log on the Warden dashboard against how your security posture evolves over time, Warden allows security leaders to identify and understand the high-priority risks amidst the noise unique to their organization. Security teams grow more efficient at improving security posture as a result, making more calculated investments that have the right security impact.
Once turned on, Warden integrates seamlessly into your existing workflows for your organization to get working fast. With third party channel integrations that include Slack, Github, Bitbucket, and Jira, you can customize how you want to receive alerts for new Warden findings according to your organization's preferred workflow.
Experience the Warden difference with a demo.
Get in touch with a Horangi specialist today to experience the Warden platform and how easy it is to start protecting your cloud infrastructure from security threats and policy violations.