Amazon has captured nearly half of the cloud market making it a prime target for attacks. When AWS accounts are compromised, the go-to payload is often cryptocurrency mining where attackers make money using stolen CPU cycles that get billed to the victim's account.
Fortunately, there is guidance from the Center for Internet Security (CIS). In 2016, CIS launched the Amazon Web Services Foundations benchmark policy providing recommendations for how to configure a AWS management interface in order to be protected against common threats.
Download this whitepaper to understand:
- Common sources of AWS compromise
- CIS policies for mitigating AWS threats
- General security practices which aren’t covered by the CIS policy
- Tools available to help determine your AWS security state