For years, Fortra has been an Amazon Web Services (AWS) Partner, empowering the independent security vendors (ISVs) responsible for protecting AWS customer workloads. AWS ensures the security of the cloud in which a customer’s data resides, but it is up to the customer to secure the data practices that take place within it. This is known as the shared responsibility model.
Our 13 AWS competencies and certifications enable us to provide security for AWS environments through:
- Securing sensitive data on AWS, on-premises, and hybrid infrastructures.
- Delivering deeper threat insights by integrating network, system, and application protection.
- Providing a fully managed 24/7 AWS security solution.
Here’s how.
The Shared Responsibility Model
When a CSP (cloud service provider) like AWS, Microsoft Azure, or Google Cloud Platform delivers services to a customer, not all security needs are covered out-of-the-box. CSPs operate under this shared responsibility model, which specifies that the CSP will provide a portion of the cybersecurity provisions, and the customer is responsible for the rest.
AWS delineates their shared responsibility model in-depth, stating that AWS provides security “of the cloud,” while the customer provides security “in the cloud.” For instance, they clarify that:
- “AWS operates, manages and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the service operates.”
- “The customer assumes responsibility and management of the guest operating system (including updates and security patches), other associated application software as well as the configuration of the AWS provided security group firewall.”
Adding that the shared responsibility model “also extends to IT controls.”
In practice, this means that there is a large portion of cloud security (“in the cloud”) for which the customer is solely responsible. By utilizing a managed security service solution, customers can delegate part or all of their cloud security responsibilities to AWS-certified experts. These professionals help bridge the gap between the cybersecurity controls offered by the cloud service provider and the additional measures required for complete cloud protection.
Streamlining AWS Security
With the help of proven, AWS-recognized managed security services solutions, customers can cut down the time needed to reach their AWS shared responsibility goals from months to weeks. Fortra’s Alert Logic runs on a SaaS subscription model, eliminating the need for purchasing timelines, in-depth training courses, lengthy deployments, and high startup costs.
Fortra’s Alert Logic managed security solutions compliance-focused, cloud-based, and intentionally designed to streamline security workflows in an AWS environment. It empowers customers who leverage our integrations to better do the following within their AWS environment:
1. Deploy: Alert Logic solutions do not require you to alter your current cloud orchestration configuration. Automate MDR deployment into AWS control tower managed accounts, continue to run AWS services locally until you are ready to migrate, and more.
2. Assess: Customers gain increased visibility into data assets, security misconfigurations, sensitive data exposure, and more with Alert Logic integrations. Capture and manage API activity data, audit AWS resource configurations, detect a wide range of attack methods and vet for alignment with compliance standards, among other capabilities.
3. Detect: Integrations provide increased threat detection within your AWS accounts and hosted applications. Get access to the industry’s only network intrusion detection solution and log management for containers (with support for AWS, on-premises, and hybrid environments), receive analysis for Amazon GuardDuty findings, and more.
4. Respond: Automated response tools mitigate threats more rapidly within your AWS environment. Integrations enable tasks like facilitating enhanced detection by parsing AWS Network Firewall activity within the Alert Logic console, automatically blocking attackers based on AWS and Alert Logic findings, and connecting application data from SaaS, apps, and AWS services for more coordinated automatic response.
When implemented in the open car transportation marketplace, RunBuggy (a cloud-native company built on AWS), Fortra’s Alert Logic MDR was able to reduce the time from detection to incident closure by half. Said RunBuggy’s VP of Security and Audit, Max Graupner, “With automated alerting, potential problems affecting app availability are caught before they impact users. We’d have to double our staff to do the same kind of alerting Alert Logic does for us.”
Fortra Alert Logic’s AWS Competencies
The competencies we have achieved as an AWS Partner demonstrate our strong partnership with AWS and commitment to protecting AWS environments. They include:
1. AWS Level 1 MSSP Competency Partner
- Provide a fully managed service securing and monitoring AWS resources 24/7.
- Meet AWS’ standard of quality for managed security services.
- Offer essential services like vulnerability management, MDR, and managed web application firewall (WAF).
Earning the AWS Level 1 MSSP demonstrates mastery of nine security specialization categories. Alert Logic’s certification in this area provides a faster, trusted, more streamlined way for smaller companies to level up their cloud security. Notes Ryan Orsi, Global Security / MSSP Team Lead, AWS: “We’re working with Alert Logic to share feedback from customers and our developers as we release services into the modernization phase of the cloud journey. For small and medium-sized business (SMB) customers, this relationship can result in a stronger security posture.”
2. AWS Security Competency Partner
An AWS Security Competency Partner has demonstrated a deep technical proficiency in AWS security, and leverages it to:
- Deliver security-focused solutions suited to your specific workloads.
- Enable automation, agility, and scaling of security solutions within your workloads.
- Secure your data in ways unattainable through on-premises security measures.
Additionally, AWS Security Competency Partners have a proven history of customer success.
3. Amazon GuardDuty Partner
To become an Amazon GuardDuty Partner, organizations must offer solutions that make GuardDuty simpler to deploy and operate across a variety of use cases. GuardDuty provides continuous threat detection by monitoring for unauthorized behavior and activity that could jeopardize data stored in Amazon S3. Integrated services offered by Amazon GuardDuty Partners ingest GuardDuty data and help organizations leverage it in ways that are more user-friendly, streamlined, and insightful.
4. AWS WAF Ready Designation
When products are vetted by AWS Partner Solutions Architects and can demonstrate that they meet AWS best practices, they are awarded the AWS WAF Ready Designation. Alert Logic’s AWS WAF Ready Designation indicates our MDR solution can successfully integrate with AWS, and that it is both fully supported and widely available to AWS customers. This designation allows AWS customers to spend less time evaluating compatible tools, as Alert Logic MDR is purpose-built for AWS.
5. AWS Small and Medium Business (SMB) Competency
This competency was introduced in January 2024 and distinguishes AWS Partner Network (APN) members who:
- Have offerings that meet AWS’ highest security standards
- Have an extensive track record of successfully serving SMB clients
Alert Logic was one of the first members of the AWS Partner Network upon its inception. To date, only a small number of AWS Partners have been awarded AWS SMB Competency. Alert Logic’s early attainment of this goal marks it as a leading independent software vendor (ISV) in cloud security.
6. AWS Network Firewall Ready
Alert Logic’s integration with AWS Network Firewall brings several bespoke benefits to customers, including:
- Web application threat detection coverage
- The ability to detect and block threats to their Amazon Virtual Private Clouds (VPCs) without the need for physical infrastructure
- Easy deployment and automatically scaled coverage as network traffic grows
Notes Andrew Thomas, General Manager of Perimeter Protection, AWS, “[Fortra Alert Logic’s] integration with AWS Network Firewall provides in-depth threat intelligence and security monitoring to help customers reduce the likelihood and impact of a cybersecurity attack.”
7. AWS CloudTrail Partner
Becoming an AWS CloudTrail Partner signifies that the partner offers a solution that can integrate with AWS CloudTrail and send audit events to CloudTrail Lake. AWS CloudTrail tracks API usage and user activity across AWS services, recording them as “events” so users can determine “who did what, where.”
CloudTrail is leveraged as a data source for its log management solution, tracking, parsing, analyzing, and archiving it in order to:
- Identify Indicators of Compromise (IOCs)
- Detect potential breaches
- Run incident response forensics.
Critical for meeting various industry compliance standards (HIPAA, PCI DSS), this capability and designation demonstrates a partner’s ability to leverage the data already residing in AWS Services, as captured by CloudTrail, and organize it so organizations achieve more rapid response times.
8. AWS Control Tower Ready
This designation signals that the Partner (“AWS Control Tower Partner”) has received prescriptive guidelines for constructing solutions on Control Tower and has subsequently had their offerings vetted by AWS Solutions Architects. AWS Control Tower lets customers govern security, operations, and compliance at scale across an AWS multi-account environment using established best practices.
AWS Control Tower Partner consulting services include:
- Custom controls
- Compliance solutions
- Account factory
- Enterprise-specific solutions (IoT, data lakes, containerization, etc.)
While AWS Control Tower Partner software solutions include identity management, operational intelligence, and security information and event management (SIEM).
9. AWS Container Competency
The AWS Container Competency status indicates that as an APN Technology Partner, the provider has a solution that helps customers better run container workloads on AWS. These recognized AWS Container Competency Partners have solutions that help optimize:
- Scheduling and orchestration
- Application building, testing, and deployment
- Container security through monitoring and logging
This competency highlights Alert Logic’s demonstrated expertise in enabling companies to leverage container-based solutions for testing, building, and releasing at scale.
10. AWS Outposts Ready
An AWS Outposts Partner facilitates the modernization and storage of on-premises data, enabling customers to leverage and manage on-premises data more easily in the cloud. These partners are recognized for their ability to help businesses:
- Gain maximum value from existing on-premises storage arrays
- Optimize the value and usability of data-intensive workloads that must remain on-premises
- Utilize industry-standard storage protocols (iSCSI and NVMe-over-TCP)
AWS Outpost Partners are recognized by AWS as industry-leading storage vendors that offer advanced, scalable, and high-performance data management features that integrate with AWS Outposts, a tool that lets users run AWS tools, APIs, infrastructure, and services on-prem.
11. Amazon Linux Ready
These partners offer software products validated to run on Amazon Linux. This competency signals that Partners:
- Test their software for security and quality assurance
- Offer support for their products on Amazon Linux
The benefit of this partnership is that customers are able to choose from a wider range of software solutions while still being able to run them on Amazon Linux. Customers also have access to long-term support for Amazon services such as Amazon EC2, a service that allows users to run virtual machines in the cloud.
12. AWS Marketplace Seller
Fortra is registered as an AWS Marketplace Seller, which is a necessary status to list data products on AWS Data Exchange and offer them on AWS Marketplace. The AWS Marketplace is a curated digital catalog featuring a wide range of software and services designed to run on AWS. It allows customers to discover, purchase, and quickly deploy AWS-compatible solutions.
13. AWS Security Incident Response Specialization
Announced at re:Invent 2024, the AWS Security Incident Response Specialization indicates that Fortra is validated by AWS to help AWS customers “prepare for, respond to, and recover from” security incidents. Fortra’s threat detection and response solutions include Fortra XDR (extended detection and response) and Fortra’s Alert Logic MDR. This specialization is awarded to AWS Partners who both possess deep AWS experience and offer an incident response solution that employs AWS Security Incident Response.
Protecting Your AWS Workloads
Cloud security comprises the safety of the cloud itself as well as the safety of what goes on within it. While AWS provides ample provisions for the security of the cloud itself, the shared responsibility model dictates that securing what goes on inside is the jurisdiction of the customer alone.
AWS-certified managed security services solutions like Fortra’s Alert Logic provide an accredited, fully managed SaaS solution that enables AWS customers to close the security gap left by the shared responsibility model and confidently protect their AWS environment.
Additional Resources:
Key Steps for Defining SSRM Security | eBook
Understanding AWS Workload Security and Shared Responsibility | Blog
