I'm curious about the gaps in AWS's cybersecurity offerings. What specific services or features do you feel AWS is lacking right now that would really enhance security?
5 Answers
I think an out-of-the-box SIEM solution would really help instead of having to piece together multiple services. It feels like too much work trying to craft something that resembles a SIEM manually. AWS could really benefit from something straightforward in this area. But I get that there are other vendors that produce SIEM tools that integrate easily with AWS.
Yeah, I hear you. But AWS might not want to step too far into the SIEM game if they can't compete effectively with established players. They might just rely on those integrations instead.
Scaling with security services can be tough! AWS tools can be such a pain to manage at scale due to their unique quirks. It doesn't help that setting up things like GuardDuty can feel tedious when you have to do it separately for each region.
Cybersecurity is super broad, so it's hard to pinpoint. What exact areas are you looking at? Are you thinking more about tools like WAF or specific features?
They should definitely focus more on integrated Kubernetes security management. Right now, the tools available don’t really help track compliance effectively like they should. A more cohesive solution here would go a long way.
One big gap is the lack of context in the security tools they currently have. It would be awesome to tag services with info like 'this is production' or 'this has sensitive data.' Better exception handling for security findings would also be great, allowing us to manage exceptions without too much hassle.
AWS Security Lake is a step in the right direction, but it’s still not quite the full SIEM package that businesses might want.