Menu

Organizations use frameworks to achieve compliance, manage risk and strengthen security to achieve business objective. We support many regulatory compliance and security frameworks but a common feedback from our customer was to also let them define the subset of rules that are most relevant to their organization.

We’re happy to announce that this is now possible, and you can define your own custom reports and review the results for your AWS account or organization.

I will walk you through this feature next starting with the pre-requisites, defining your custom reports and then finally reviewing the results.

Prerequisites:

  • Onboard an AWS account or AWS organization to ASecureCloud
  • Run an security assessment

Defining your custom reports

Follow these steps to define your custom report :

  • Login to your account , under Custom Reports and select Create new report.
  • Name your report and save.
  • Edit the default group category or add your own category to add rules

you can select rules by either Service ( S3, EC2 …) and/or by security domain ( Data protection , Logging & Monitoring …)

Attention :
Don’t forget to Save Changes after editing the rules


Retrieving your custom reports

You are now ready to view the results of your custom ruleset:

  • Select Assessments from the left menu
  • Ensure you have select the right AWS account or Organization
  • Find your report in Custom Compliance Standards

Expand by clicking on the Report Card

Upon scanning your AWS account ( or Organization) with ASecureCloud’s CSPM , you are now able to define your own standard alonside the many other compliance frameworks we provide including:

✔️ PCI-DSS
✔️ HIPAA
but also standards such as:
✔️ NIST 800-53 & CSF
✔️ CIS AWS Foundations
and country specific like :
✔️ Reserve Bank India(RBI) Cyber Security Framework
✔️ Canada Protected B Medium integrity Medium availability (PBMM)
✔️ Canada GC Guardrails

Let us know what you think of this new capability and don’t forget that you can test drive this and any of our premium features today using the Free tier license.

We often find ourselves searching the web for AMI_ID of the latest image (Windows,Ubuntu …etc) to test an autoscale deployment for instance. These image IDs are region specific and this search could be time-consuming if you are deploying through Infrastructure as Code(IaC) .

Fortunately , there is a little-known solution for this.

This solution uses an AWS managed System Manager Parameter Store that is public and describable.
Upon receiving a query for a support AMI ID, it only returns its regional ID and nothing else.

However the syntax for the query requires a little learning curve and is best described in this AWS blog post.

💡 AsecureCloud simplifies all this for you and can also help generate the IaC template

How ?

👉 Head over to our FREE template builder

👉 Select your Operating System and watch the template fill the details for you

AsecureCloud Template builder showing EC2 customization

You can directly deploy these templates from ASecureCloud ( based on CloudFormation Stacks that you can inspect yourself) or copy/paste the code for use with your CICD pipeline.

The following Operating Systems are supported as of this writing ( with more added on-demand).

  • Amazon Linux 2
  • Ubuntu
  • Windows 2019 Full-Base
  • Windows 2019 Core-Base
  • Windows 2022 Full-Base

Would you like to add an OS that is not listed here? Please comment it below and we will do our best to add it to general template.

The AWS Well-Architected Framework (WA) defines the core tenets for building highly scalable, secure and efficient workloads in the cloud.
What started as a whitepaper initially has evolved to become the widely accepted cloud deployment methodology and has its own service on the AWS dashboard — The Well-Architected Tool .

This tool helps improve the quality of your workload by optimizing for all 5 pillars of architectural excellence ( security, reliability, performance efficiency, operational excellence and cost optimization). It provides a set of questions and evaluate your answers to provide you with feedback and can be used to record progress over time. This process is manual and time consuming.

ASecureCloud integrates with the AWS WA tool and aims to streamline this process by auto-populating answers based on the account assessment results.

AsecureCloud “Suggested” answers are provided based on the security assessment checks . You have the option to accept the answer or override it ( if you have a compensating control for example)

The following lenses are currently supported on ASecureCloud:

  • Well-Architected Lens
  • FTR lenses

ASecureCloud can read/write to the Well-Architected API ( provided the appropriate permissions on the AWS account) and is in the process of being listed as a Well-Architected Partner.

How to get started?

Note:
You can test drive this functionality today using the free-tier plan.

You will need to :

1- Onboard your AWS account or organization to AsecureCloud ( 4 mins video here)
2- Select the correct permission for the Well-Architected Tool integration