EC2, WorkSpaces | Cloud One Workload Security | Agent-based protection of EC2 and WorkSpaces workloads, providing advanced malware detection with ML/AI, web protection, host-based IPS/IDS for virtual patching, integrity monitoring, FW, log inspection and EDR. |
Cloud One Network Security | Network Security uses EC2 for running virtual appliances, providing inline and transparent virtual patching for workloads on the network. |
Outposts | Cloud One Workload Security | Agent-based protection of Outposts-based EC2 workloads, providing advanced malware detection with ML/AI, web protection, host-based IPS/IDS for virtual patching, integrity monitoring, FW, log inspection and EDR for your On-Prem AWS workloads. |
Cloud One Container Security | Container Security runs on Outposts to control which containers can run in your environment and protect container runtime environments running EKS and ECS clusters. |
Cloud One Application Security | Application Security is a Runtime Application Self-protection (RASP) framework that protects your Web and API services against malicious payloads, SQL injection attacks, malicious file uploads, remote code execution, illegal file access and open redirects, and provides IP protection. |
Lambda | Cloud One Conformity | Conformity uses Lambda functions to check AWS environments for cloud service/resource misconfiguration, security risks, compliance (GDPR, PCI, ISO27001, NIST and so on) and overall Cloud posture. |
Cloud One Application Security | Application Security is a Runtime Application Self-protection (RASP) framework that protects your Serverless Lambda functions against malicious payloads, SQL injection attacks, malicious file uploads, remote code execution, illegal file access and open redirects, and provides IP protection. |
Cloud One File Storage Security | File Storage Security uses Lambda functions and a cross-account Lambda layer to scan inbound S3 objects for malicious files, embedded exploit code and known vulnerabilities, based on pattern-based scanning and heuristic scanning techniques. Customers can also build custom workflows based on the SNS topic to trigger custom actions. |
ECR, ECS, EKS, Fargate | Cloud One Container Security | Container Security provides admission control and runtime protection for runtime container environments running on ECS, EKS and Fargate. Container Security also protects Elastic Container Registries (ECR) with on-demand and registry scans on container images, scanning for malware, vulnerabilities, secrets, keys and passwords, and provides recommendations to fix package vulnerabilities based on Snyk's source code vulnerability database. |
S3 | Cloud One File Storage Security | File Storage Security can be leveraged to scan files on ingestion to S3. The service is built on highly scalable AWS Cloud-native services like AWS Lambda, SQS, SNS. Customers can use multiple deployment options and integration plugins based on third-party APIs and Post-scan action Lambdas. |
SQS | Cloud One File Storage Security | File Storage Security uses SQS to maintain a first-in-first-out (FIFO) queue of incoming scanning request messages and a dead letter queue to retry failed scans. |
SNS | Cloud One Workload Security | Workload Security can be configured to send system and security events to an SNS topic, and custom actions can be performed using Lambda functions or by running commands through Systems Manager. |
Cloud One Conformity | Conformity uses an SNS topic to send event-based alert notifications so that customers can integrate auto-remediation Lambda functions, custom scripts and workflows. |
Cloud One Application Security | Application Security uses an SNS topic to send security events for each Application Security group. This allows custom actions, notifications and workflows to be plugged in. |
Cloud One File Storage Security | File Storage Security uses an SNS topic to publish scan results and integrate customized post-scan actions into the scanning workflow, such as promoting or quarantining S3 objects based on the scan result. |
VPC, Transit Gateway, Gateway Load Balancer | Cloud One Network Security | Network Security uses VPC Ingress routing, transit gateways and gateway load balancers to perform TLS inspection and packet filtering based on intrusion prevention rules, geolocation and domain-based filters. |
Amazon Inspector | Cloud One Workload Security | Workload Security supports integration with Amazon Inspector to mitigate and protect vulnerable EC2 instances and AMIs with the Workload Security Agent. |
Amazon GuardDuty | Cloud One Workload Security | Workload Security supports integration with GuardDuty's findings to run a recommendation scan to ensure the EC2 instance has up-to-date security policies applied to it, run an integrity scan to ensure critical files were not modified without authorization, and enable intrusion prevention to block future attempts at remote exploits. |
Amazon AppFlow | Cloud One Workload Security | Workload Security enables seamless integration with AppFlow to monitor security status from each agent and deliver insights to the Cloud team. |
AWS Security Hub | Cloud One Workload Security | Workload Security can integrate directly with AWS Security Hub, prioritizing critical security alerts and compliance issues in customer AWS deployments and providing much-needed visibility in highly cohesive environments. |
AWS Control Tower | Cloud One Workload Security | AWS Control Tower can be used to automatically provision Deep Security agents across multiple AWS accounts, providing centralized visibility to the security posture of EC2 instances. |
AWS Systems Manager | Cloud One Workload Security | AWS Systems Manager's Distributor can be used to securely store and distribute Deep Security agents in your accounts, across multiple platforms, control access to managed instances and automate deployments. |
AWS WAF | Cloud One Application Security | Application Security can complement AWS WAF's protection to block SQL injection and other common web attacks from within the application process. Each application security group in Application Security can be configured to a fully customized policy and agent based on a wide range of programming languages and frameworks used. |
AWS Control Tower | Cloud One Conformity | AWS Control Tower can be used to automatically provision Deep Security agents across multiple AWS accounts, providing centralized visibility to the security posture of EC2 instances. |