Innovative Security, brought to the AWS (Amazon Web Services) Cloud
Tiago Faria, Security team lead at 3CORESec allowed us a sneak peek into their brand new, built from scratch, self-hosted security solution.
This full spectrum security and monitoring suite leverages the base functionality of the well-known ElasticSearch platform and IDP/IDS features provided by the Open Source Suricata system.
Adding to that:
- a host of in-house developed intelligent scanning and detection features,
- highly flexible monitoring and reporting,
- as the main catalyst: purpose built hardware devices to do the heavy lifting, unobtrusively scanning all relevant ingress/egress network traffic.
- ideally, the solution operates in the AWS cloud, but on premise or hybrid solutions are possible
Immediately after implementing this solution at one of inQdo’s clients (a provider of software solutions), the solution started providing the security team a wealth of security related information and insight regarding their various on-premises sites.
This successful deployment led them to investigate next steps to take.
Can we bring our solution to the AWS cloud?
What challenges will we face? What information can we gather? And more importantly, how do we create a cloud based replacement for the purpose-built scanning hardware we designed? As we can hardly go up to any AWS datacenter and ask them to plug in these appliances. However useful that might be.
This is where inQdo Cloud comes into play
As a trusted AWS partner, we were already assisting the client in migrating all important applications to the AWS cloud. These applications and servers on AWS face the security related issues and threats as addressed by the 3CORESec on-premises solution. But being on AWS provides us with the advantage where we can utilize and leverage AWS provided security services like Amazon GuardDuty, Config, Inspector and Amazon CloudTrail by merging and enriching AWS security events with network related events to establish comprehensive and actionable insights.
The challenge is to implement a combination of these AWS native services and to work and interact with the in-house developed tools. inQdo Cloud and 3CORESec are happy to accept the challenge. Together we’ll focus on creating a robust, scalable and highly available security solution, developed in-house at 3CORESec and deployed on the AWS cloud
Interested? Please send an email to Dennis van Bavel or give us a call on +31 85 – 201 11 61.