MVISION Cloud Native Application Protection Platform (CNAPP) integrates with several native Amazon Web Services (AWS) integrations to help customers more easily secure their applications and data in their Infrastructure as a Service (IaaS) and Platform as a Service (PaaS) environments. Architected to support multiple AWS services, MVISION CNAPP helps customers continuously identify and fix misconfigurations and software vulnerabilities in their AWS environment and securely accelerate their deployment of cloud-native applications.
AWS Security Hub
AWS Security Hub is a security service provided by AWS that helps aggregate and organize security alerts and security posture across your AWS account. MVISION CNAPP integrates with AWS Security by allowing customers to forward Cloud Security Posture Management (CSPM) configuration incidents to AWS Security Finding Format (ASFF). For more information, check out Integrate MVISION CNAPP with AWS Security Hub.
Amazon CloudWatch
Amazon CloudWatch is a monitoring service in AWS that enables central logging of all API calls for your AWS accounts and services. MVISION CNAPP can ingest CloudWatch events and create automatic remediation workflows or notifications for near real time configuration audits. See Near Real-Time Configuration Audit for AWS on how CNAPP works with Amazon CloudWatch.
Learn MoreAWS Systems Manager
AWS Systems Manager allows you to automate operational task across your entire AWS compute resources using a single console. With System Manager, you can execute Run Commands that will automatically deploy and install CNAPP Cloud Workload Protection agent on all your EC2 instances for global protection. To see how to use AWS Systems Manager with CNAPP, visit Deploying CNAPP agent using AWS Systems Manager.
Learn MoreAWS CloudFormation
AWS CloudFormation provides customers with an easy way to automatically deploy a collection of AWS services for quick provisioning and consistency. However, provisioned incorrectly this automation can result in a ripple effect of misconfigurations across all your AWS resources. CNAPP provides the ability to scan CloudFormation templates, identify potential security issues, and provide ways to prevent deployment that don’t adhere to your policies.
Learn MoreIn the Spotlight
Detect internal and external threats to AWS infrastructure
McAfee captures a complete record of all user activity in Amazon Web Services (AWS) across multiple heuristics, detects threats, automatically takes risk-mitigating action, and supports forensic investigations. As threats are resolved, McAfee automatically incorporates this data into its behavioral models to improve detection accuracy.
Compromised Accounts
McAfee detects compromised account activity in AWS based on brute force login attempts, logins from new and untrusted locations for a specific user, and consecutive login attempts from two locations in a time period that implies impossible travel – even if the two logins occur across multiple cloud services – to support immediate remediation and limit exposure.
Insider and Privileged User Threats
McAfee automatically constructs a behavior model with dynamic and continuously updated thresholds for each user and group to identify activity indicative of insider threat. Privileged User Analytics identifies risk from inactive administrator accounts, excessive permissions, and unwarranted escalation of privileges and user provisioning.
Audit Identity and Access Management (IAM) permissions
McAfee audits the Identity and Access Management (IAM) permissions assigned to users and inherited from group membership, highlighting inactive user accounts that can be deleted to reduce the attack surface. IAM Group Analytics discovers groups without active members that can be deleted.
Audit AWS security and compliance configuration with cloud security posture management (CSPM)
McAfee continuously monitors and audits AWS security configuration settings to ensure compliance with external regulations and internal policies. McAfee uses field-tested industry best practices to suggest modifications to configuration settings to tighten security and ensure compliance.
Standardize on a corporate AWS account
McAfee identifies all AWS accounts in use by employees and enables enterprises to standardize on their corporate AWS account. Using McAfee, you can enforce governance controls and coach users to corporate AWS accounts for centralized visibility and policy enforcement.