

In this post, we will show you how to design an effective defense against the current threat landscape using a combination of native AWS capabilities and services with Blue Hexagon’s next-gen Network Detection and Response (NG-NDR) security tool powered by deep learning artificial intelligence (AI).īlue Hexagon is an AWS Advanced Technology Partner with a real-time deep learning platform for network threat protection. The shared responsibility model for security at Amazon Web Services (AWS) secures the underlying infrastructure and relies on customers to secure their own workloads. Detecting and responding to such threats requires real-time packet-level inspection and deep analysis capabilities. However, the slow and reactive nature of such tools makes them particularly ill-suited to the velocity of cloud workloads and threats posed to them.

To defend against such threats, security teams have been deploying signature-based intrusion detection systems (DS), antivirus tools, and sandboxes. These threats directly attack web-facing workloads, they move laterally from on-premises networks to virtual private clouds (VPCs), and they attack supply chains built from open source libraries in machine-generated traffic, all in a matter of seconds. However, it’s at the application-layer that advanced malware/non-malware threats increasingly look to compromise hybrid enterprise networks. Securing customer workloads against these attacks has largely focused on identity and access management (IAM), log aggregation, and processing to uncover threats after the fact. Indeed, malware-as-a-service is a prosperous business, with the micro-perimeter network very often being the first line of attack.

Threat actors increasingly employ automation to breach defenses and act on their objectives. Partner Solutions Architect, Networking at AWS Arun Raman, Head of Cloud at Blue Hexagonīy James Wenzel, Sr.
