Blockchain/Web3 Startup Blocks Gaps and Improves AWS Security Posture

Published on June 16, 2023

Challenge

A blockchain/web3 startup engaged Protiviti to review its AWS environment. Getting the product to market as fast as possible was a primary goal for the client, and security was an afterthought in many scenarios. To prevent a potentially catastrophic security event, the client wanted a quick and consistent way to understand where its security gaps were and how it could improve its AWS security posture.

Client snapshot

Profile: This startup is setting trends in the blockchain/web3 world, establishing its own protocol that fulfills its vision to give developers an easy path for building scalable, decentralised applications.

Client Situation: The client turned to Protiviti when it needed a review of its AWS environment to better understand security gaps and how to improve its security posture.

Work Performed: Leveraged AWS Security Hub to assess the environment’s configuration posture; reviewed the client’s governance structure and IAM posture.

Outcome/Benefits: Established the client’s AWS Security Hub foundation, customising foundational security best practice controls to fit the client’s unique needs.

Solution

Protiviti leveraged AWS Security Hub, a native AWS solution that can be set up quickly, to assess the environment’s configuration posture. Using AWS Security Hub, the team identified configurations that had deviated from the baseline control and used Amazon CloudWatch to alert on those findings. Protiviti also conducted a review of the client’s governance structure and IAM posture to provide a holistic picture of the client’s environment.

The Protiviti team also leveraged IAM Access Analyzer and IAM Access Advisor to identify excessive permissions and remediate any resulting issues.
The team also evaluated, set up and operationalised processes associated with AWS KMS, Amazon Inspector, and Amazon Macie.

In addition, the Protiviti team architected and developed a notification mechanism that automatically notifies the appropriate parties when Security Hub discovers a new security event. The team also developed a new process and playbook that details the appropriate actions to take for given types of security events. Lastly, the team conducted training sessions and shadow sessions with the client’s project managers to ensure a smooth transition into operation.

Outcome

Protiviti successfully stood up AWS Security Hub for the client, customising the foundational security leading practice controls to fit the client’s needs and producing a baseline finding report, enabling the client to quickly remediate all issues. In the process, Protiviti helped the client identify more than 50 security risks in its AWS environment and develop appropriate action plans to remediate them.

The notification automation, combined with the detailed playbook, empowers the client to consistently monitor its AWS environment while coordinating across the enterprise to quickly remediate any new security findings. Using AWS Security Hub, the client can identify configurations that deviate from the baseline control and tag them for remediation.