security
Data is:
- encrypted before sending
- decrypted after receiving

SSL certificates help with encryption (HTTPS).

Data is:
- encrypted after being received by the server
- decrypted before being sent
- stored in an encrypted form (using a data key)

The key is managed somewhere else.

Data is:
- encrypted by the client and never decrypted by the server
- decrypted by a receiving client

Type of secret | Service |
---|---|
DB user/pass | |
AWS credentials | IAM |
Encryption keys | AWS KMS |
Private keys and certificates | AWS Certificate Manager |

Aspect | AWS Inspector | AWS GuardDuty |
---|---|---|
Purpose | Security and compliance assessments | Real-time threat detection and security alerts |
Use Cases | Assessing security and compliance of EC2 instances | Detecting potentially malicious activities |
Automated vs. Continuous Monitoring | On-demand or scheduled assessments | Continuous monitoring for threats |
Resource Coverage | EC2 instances and application assessments | A broader range of AWS resources |
Alerts and Notifications | Provides assessment reports and findings | Generates security alerts and findings in real-time |
Integration | Integrates with AWS Systems Manager for remediation | Integrates with various AWS services and SIEMs |
Pricing | Different pricing models based on volume | Different pricing models based on volume |

- Shield - Amazon Elastic Compute Cloud (EC2), Elastic Load Balancing (ELB), Amazon CloudFront, AWS Global Accelerator, and Route 53.
- WAF - Amazon CloudFront, the Application Load Balancer (ALB), Amazon API Gateway, and AWS AppSync.

- AWS Shield for DDoS
- Amazon Macie to discover and protect sensitive data
- Amazon GuardDuty for intelligent threat detection to protect your AWS account -> alerts you when it detects malicious activity
- Amazon Inspector for automated security assessment, such as known vulnerabilities -> gives you a report of findings after a scan (scheduled or on-demand)