SOAR Use Case: Amazon Web Services (37:21)
In 2015, Amazon Web Services (AWS) disclosed that it had more than one million active customers each month in 190 countries, including nearly 2,000 government agencies, 5,000 education institutions, and more than 17,500 nonprofits. Each day, more organizations grow their cloud computing power, which leads to new and increased security risks. As analysts struggle to keep up with bad actors, malicious use of AWS APIs, threat remediation and more, a security orchestration, automation and response (SOAR) solution can help.
Swimlane’s SOAR solution can help your organization ingest AWS GuardDuty findings automatically, enrich data by using open-source intelligence tools, and gather logs from AWS CloudTrail and AWS CloudWatch. Once a determination has been made, Swimlane can automatically perform appropriate remediation actions, such as blacklisting an IP, quarantining an EC2 (Elastic Compute Cloud) instance, and/or taking a snapshot of an EC2 instance.
Watch our on-demand webinar with Josh Rickard and Jay Spann as they demonstrate how Swimlane can bolster your SOC team’s ability to investigate and respond to threats against your AWS infrastructure.