Home     Free Vulnerability Scan (IVS)     About     Security Blogs     Contact Us

Best Cloud (AWS, Azure) Enhanced Security Suite?

Having worked with public Cloud's such as AWS and Azure for years, it's highly recommended (even by the vendors themselves) that their security is enhanced for certain workloads such as regulatory compliant or Internet facing web applications, by using third-party software.

Both vendors provide out of the box standard security such as firewalls and some threat management such as basic WAF (AWS), anti-virus (Azure), security center (Azure) - however neither provide a comprehensive enterprise-grade Intrusion Prevention System.

Having tried a lot of the key names, I would strongly recommend Trend Micro Deep Security (available via AWS Marketplace and Azure Marketplace) because:

  • Agent host based model, centrally managed enterprise-grade
  • IaaS and SaaS versions available
  • BYOL and runtime licenses available
  • Comprehensive suite of easy to use tools including deep packet inspection firewall, intrusion detection and prevention system, anti-malware including ransomeware, file integrity monitoring, log inspection, web reputation services
  • Includes auto-configure mode which will auto-detect the server it's running on and configure the rules appropriately to what's installed
  • Cloud native - so works with cloud architecture such as auto scaling and agent bootstrapping
  • I've witnessed it passing third-party security penetration testing