Mission Cloud Security Healthcheck Powered by CrowdStrike
Deploy your comprehensive security scan in minutes
What's your level of security confidence?
How confident are you in the security posture of your AWS environment, on a scale of 0% to 100%?
The worst feeling to have about security is uncertainty. Do these sound familiar:
- We have an audit coming up, are we ready for it?
- Did we configure that correctly?
- What about that weird behavior we noticed on the cluster the other day…?
AWS has comprehensive security tools and features that can go a long way toward protecting you, provided they’re set up correctly—but are you certain you have it right? And what about other forms of threat or identity detection? How do you optimize for security without sacrificing user productivity?
Security is a complex, ever-evolving landscape. What was “good enough” yesterday might be putting you at risk tomorrow.
Get a real-time window into your cloud security posture
With Mission Cloud’s Security Healthcheck, you’ll get the same CrowdStrike Falcon Cloud Security Posture Management tooling (CSPM) we operate for every customer of our Mission Cloud Secure managed service. As part of Falcon Cloud Security, this tooling examines the security posture of instance-based and containerized workloads to find opportunities an attacker might exploit.
Even for organizations with dedicated security teams, it can be nearly impossible to keep up with new threats and best practices. Running a Security Healthcheck can offer peace of mind and improve your overall security posture—now and into the future.
In addition to seeing your security posture visualized through CrowdStrike’s dashboards, Mission and CrowdStrike Solutions Architects will meet with you to review critical resource types, like IAM, Storage, and Production Workloads to help you triage issues, assess compliance, prioritize remediations, and identify recurring patterns of compromise.
-
Indicators of Misconfiguration
Indicators of Misconfiguration (IOMs) show when a resource has potentially exposed data or opened up a window of opportunity for an attacker. These are ranked in severity (low to critical) according to the potential for compromise and CrowdStrike’s best practices for cloud security on AWS.
-
Indicators of Attack
Indicators of Attack (IOAs) show when correlated events have occurred within a resource or related resources that indicates an active threat in your environment; that correlation model scores the severity of the alert on a 10 point scale—the higher your number, the greater the risk of compromise/malicious activity.
How your posture is assessed: IAM Roles
In order to detect these indicators and assess your security posture, CrowdStrike creates 2 IAM Roles:
- a read-only role for detecting IOMs.
- a role for detecting IOAs (integrates with CloudTrail and EventBridge to enable near-real-time streaming of logs).
| IAM ROLE NAME | DESCRIPTION |
| CrowdStrikeCSPMReader-[uniqueId] | For configuration assessment. Has read-only access to AWS services for the detection of insecure configurations through API calls. |
| CrowdStrikeCSPMEventBridge | The role is used by EventBridgeRules in customer accounts to allow CrowdStrike to receive the CloudTrail events. |
How the assessment works
01
You create CrowdStrike’s IAM roles for CSPM monitoring on your AWS accounts.
02
Mission and CrowdStrike Solutions Architects meet with you for a discovery call to discuss your security needs, concerns, and objectives.
03
We spend a week (5 business days) reviewing the findings and assessing your overall security health.
04
We take you through a tour of concerns that we’ve identified that merit your attention, based on a combination of your goals (like compliance readiness) and indicator severity; we review and discuss potential remediation strategies.
05
You receive a checklist highlighting the items we discussed with you.
Ensure Your Secure, Today
Ensure your cloud infrastructure is secure with your healthcheck—reach out to our security experts to start the assessment today or call 855-647-7466.