9 Continuous monitoring

This chapter covers

Scanning for insecure resource configuration to detect and fix issues quickly
Using agent-based scanners to find vulnerabilities on your fleet of hosts
Monitoring network and activity logs to identify threats in real time

Throughout the book so far, we’ve focused on how to securely configure your cloud environment. This can be useful as a guide if we’re building out new resources and want to apply best practices as we go. But rarely do we find ourselves starting new applications from scratch, with everyone baking in security from the start. More often we’re in one of these other situations:

Maintaining or extending existing applications that weren’t built with security best practices
Working on ...

Get AWS Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

AWS Security by Dylan Shields

9 Continuous monitoring

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly