I'm planning to transition my on-premises systems to AWS and would love to hear about others' approaches to security in their AWS environments. Specifically, are you relying on AWS's built-in security features like the native firewall, AWS Shield, and AWS WAF, or are you opting for third-party solutions like Cisco or Palo Alto firewalls? It would be great to know your reasons for the choices you've made!
1 Answer
While firewalls are important, I think it's crucial to start with solid IAM practices; they can really save you headaches in the long run. I'd suggest focusing on that first! For AWS, I mostly rely on Security Groups and NACLs for basic setups, plus Shield Standard and WAF in front of services like ALB or CloudFront for some extra security.
Totally agree! What native AWS services are you actually using for these strategies, like GuardDuty?