Organizations use frameworks to achieve compliance, manage risk and strengthen security to achieve business objective. We support many regulatory compliance and security frameworks but a common feedback from our customer was to also let them define the subset of rules that are most relevant to their organization.

We’re happy to announce that this is now possible, and you can define your own custom reports and review the results for your AWS account or organization.

I will walk you through this feature next starting with the pre-requisites, defining your custom reports and then finally reviewing the results.

Prerequisites:

• Onboard an AWS account or AWS organization to ASecureCloud
  
• Run an security assessment

Defining your custom reports

Follow these steps to define your custom report :

• Login to your account , under Custom Reports and select Create new report.
  
• Name your report and save.
  
• Edit the default group category or add your own category to add rules
  

you can select rules by either Service ( S3, EC2 …) and/or by security domain ( Data protection , Logging & Monitoring …)

Attention :
Don’t forget to Save Changes after editing the rules

Retrieving your custom reports

You are now ready to view the results of your custom ruleset:

• Select Assessments from the left menu
  
• Ensure you have select the right AWS account or Organization
  
• Find your report in Custom Compliance Standards

Expand by clicking on the Report Card

Upon scanning your AWS account ( or Organization) with ASecureCloud’s CSPM , you are now able to define your own standard alonside the many other compliance frameworks we provide including:

✔️ PCI-DSS
✔️ HIPAA
but also standards such as:
✔️ NIST 800-53 & CSF
✔️ CIS AWS Foundations
and country specific like :
✔️ Reserve Bank India(RBI) Cyber Security Framework
✔️ Canada Protected B Medium integrity Medium availability (PBMM)
✔️ Canada GC Guardrails

Let us know what you think of this new capability and don’t forget that you can test drive this and any of our premium features today using the Free tier license.

We often find ourselves searching the web for AMI_ID of the latest image (Windows,Ubuntu …etc) to test an autoscale deployment for instance. These image IDs are region specific and this search could be time-consuming if you are deploying through Infrastructure as Code(IaC) .

Fortunately , there is a little-known solution for this.

This solution uses an AWS managed System Manager Parameter Store that is public and describable.
Upon receiving a query for a support AMI ID, it only returns its regional ID and nothing else.

However the syntax for the query requires a little learning curve and is best described in this AWS blog post.

💡 AsecureCloud simplifies all this for you and can also help generate the IaC template

How ?

👉 Head over to our FREE template builder

👉 Select your Operating System and watch the template fill the details for you

You can directly deploy these templates from ASecureCloud ( based on CloudFormation Stacks that you can inspect yourself) or copy/paste the code for use with your CICD pipeline.

The following Operating Systems are supported as of this writing ( with more added on-demand).

• Amazon Linux 2
• Ubuntu
• Windows 2019 Full-Base
• Windows 2019 Core-Base
• Windows 2022 Full-Base
  

Would you like to add an OS that is not listed here? Please comment it below and we will do our best to add it to general template.