Tech Docs: Update Your AWS S3 Security Monitoring Bucket List with Aperture!



 Tags: , ,

tech docs

AWS_1

Release Highlights:

Your applications demand high-performance storage solutions that are easy to manage and access from anywhere without compromising your security monitoring best practices. Your organization probably does not have just one AWS account but dozens to hundreds of AWS accounts.

Aperture offers two new AWS S3 scanning and management features that you can use to monitor thousands of buckets and hundreds of accounts with a very simple installation, centralized monitoring and policy enforcement.

Learn how you can configure these features today and adhere to AWS S3 best practices for your security monitoring with Aperture!

Key enhancements and features include:

  • Two new scanning options for Amazon AWS S3 accounts:
    • Scan All—With a single configuration, you can now scan all new and existing AWS S3 buckets in Aperture to detect S3 account activities and automatically report data exfiltration and malware propagation events for all regions. Previously, you had to manually configure individual buckets to scan, and repeat the entire process for each new S3 bucket or CloudTrail change.
    • Cross Account Scan—You can now monitor and manage policy for up to 1,000 AWS S3 accounts with a single Aperture installation and secure all primary and secondary accounts in your AWS environment with one configuration step. Previously, you had to manually configure each individual account, including primary and secondary accounts.
  • Configuring shared IAM roles that delegate access to other AWS accounts. By configuring cross-account access with an IAM role, you don’t need to create individual IAM users for each account. In addition, users don’t have to sign out of one account and sign into another to access resources that are in another AWS account.
  • Expanded CloudTrail configuration options that support both centralized and distributed management and analysis of different log types.

For more details on the new enhancements, take a look at the Aperture New Features Guide.

As always, you can find our content on our Technical Documentation site.

Happy reading!

Your friendly Technical Documentation team

Have questions? Contact us at documentation@paloaltonetworks.com.

Got something to say?

Get updates: Unit 42

Sign up to receive the latest news, cyber threat intelligence and research from Unit42