Evaluate and implement new security services and features regularly

PostedNovember 27, 2024

UpdatedMarch 21, 2025

ByKevin McCaffrey

Regularly evaluating and implementing security services and features from AWS and AWS Partners is crucial for evolving the security posture of your workload. This proactive approach ensures that you are leveraging the latest security innovations and maintaining alignment with best practices in a constantly changing threat landscape.

Best Practices

Regular Assessment of Security Services

Establish a routine schedule to review AWS security services and features, ensuring that your workload is utilizing the latest offerings. This process is crucial for maintaining an up-to-date defense posture against evolving threats.
Incorporate AWS Security Blog and What’s New with AWS? into your team’s weekly or monthly review cycle to systematically gather information on new services and features relevant to your security architecture.
Set up alerts for new service releases related to security, allowing your team to immediately consider the integration of these tools into your workloads.
Engage with AWS security webinars and training sessions to get insights directly from AWS experts about best practices and implementation guidance for new services.

Questions to ask your team

How frequently do you review and assess new AWS security services and features?
Do you have a process in place for incorporating updates from the AWS Security Blog into your security practices?
Have you designated team members responsible for staying informed about the latest AWS announcements and security best practices?
What metrics do you use to measure the effectiveness of newly implemented security services?
Can you provide examples of recent security services or features you have integrated into your workload?
How do you ensure that your security posture evolves in response to emerging threats or vulnerabilities?
Do you regularly conduct training sessions to familiarize your team with new AWS security services and their implementation?

Who should be doing this?

Security Architect

Design and implement security architectures for workloads.
Evaluate AWS security services and features for relevance to projects.
Collaborate with development teams to integrate security features.
Provide guidance on best practices in security implementations.

DevOps Engineer

Automate deployment of security tools and features within the CI/CD pipeline.
Regularly update security configurations based on new AWS features.
Monitor system performance and ease of integration for new security services.
Test security features before full implementation in production.

Security Analyst

Monitor AWS Security Blog and AWS announcements for updates on new features and services.
Conduct regular audits of workload security posture.
Report on the status of compliance with organizational security policies.
Maintain documentation of implemented security measures and changes.

Product Owner

Prioritize the evaluation and implementation of new security features in the product backlog.
Ensure alignment of security goals with business objectives.
Facilitate communication between stakeholders regarding security needs and updates.
Review and approve changes to security-related processes.

What evidence shows this is happening in your organization?

Security Services Evaluation Checklist: A comprehensive checklist to evaluate AWS security services and features on a regular basis, ensuring that the organization adopts the best tools to enhance security.
AWS Security Service Implementation Playbook: A step-by-step guide for implementing new AWS security services and features, including best practices and specific configurations tailored to the organization’s workload.
Monthly Security Feature Update Report: A report generated monthly that summarizes the latest AWS security features, updates, and recommended enhancements, along with their potential impact on the organization’s security posture.
Threat Intelligence Dashboard: An interactive dashboard that monitors and displays the latest threat intelligence related to AWS services, helping security teams stay informed and adjust their security strategies accordingly.
Security Posture Evolution Strategy: A strategic document outlining how to continuously assess and enhance the security posture of workloads by integrating new AWS security services and features into the existing framework.

Cloud Services

AWS

AWS Security Hub: Aggregates and prioritizes security alerts from AWS accounts, helping you evaluate security posture.
AWS Config: Enables you to assess, audit, and evaluate the configurations of your AWS resources.
AWS CloudTrail: Tracks user activity and API usage across your AWS infrastructure, providing visibility into actions taken.
Amazon Inspector: Automated security assessment service to help improve the security and compliance of applications deployed on AWS.
AWS GuardDuty: Intelligent threat detection service that monitors for malicious or unauthorized behavior.

Azure

Microsoft Defender for Cloud: Provides security management and threat protection for your Azure resources, helping to improve your security posture.
Azure Security Center: Helps you assess your security posture and offers recommendations for enhancing security across your Azure resources.

Google Cloud Platform

Google Cloud Security Command Center: Helps you prevent, detect, and respond to threats from a centralized dashboard across your Google Cloud resources.
Google Cloud Armor: Protects your applications against DDoS attacks and other web exploits, allowing you to secure your services effectively.

Question: How do you securely operate your workload?
Pillar: Security (Code: SEC)

Operational Excellence

Determine what your priorities are

Structure your organization to support your business outcomes

Organizational culture to support your business outcomes

Implement observability in your workload

Reduce defects, ease remediation, and improve flow into production

Mitigate deployment risks

Be ready to support a workload

Uilize workload observability

Understand the health of your operations

Manage workload and operations events

Evolve your operations

Security

Securely operate your workload

Manage identities for people and machines

Manage permissions for people and machines

Detect and investigate security events

Protect your network resources

Protect your compute resources

Classify your data

Protect your data at rest

Protect your data in transit

Anticipate, respond to, and recover from incidents

Incorporate and validate the security properties of applications throughout the design, development, and deployment lifecycle

Reliability

Manage service quotas and constraints

Plan your network topology

Design your workload service architecture

Design interactions in a distributed system to prevent failures

Design interactions in a distributed system to mitigate or withstand failures

Monitor workload resources

Design your workload to adapt to changes in demand

Implement change

Back up data

Fault isolation to protect your workload

Design your workload to withstand component failures

Test reliability

Plan for disaster recovery (DR)

Cost Optimization

Implement cloud financial management

Govern usage

Monitor your cost and usage

Decommission resources

Evaluate cost when you select services

Meet cost targets when you select resource type, size and number

Use pricing models to reduce cost

Plan for data transfer charges

Manage demand, and supply resources

Evaluate new services

Evaluate the cost of effort

Performance

Select the appropriate cloud resources and architecture patterns for your workload

Select and use compute resources in your workload

Store, manage, and access data in your workload

Select and configure networking resources in your workload

Support more performance efficiency for your workload

Sustainability

Select Regions for your workload

Align cloud resources to your demand

Take advantage of software and architecture patterns to support your sustainability goals

Take advantage of data management policies and patterns to support your sustainability goals

Select and use cloud hardware and services in your architecture to support your sustainability goals

Implement organizational processes support your sustainability goals