Learn More and Schedule Your Review Today

 

AWS SECURITY REVIEW CUSTOMER FAQ

How do I sign up for an AWS Security Review?
You can sign up by reaching out to your Involta Account Executive.

What do I need to have in order to obtain an AWS Security Review report and free consultation?
You will need to have access to your AWS environment, be able to deploy an AWS CloudFormation Template (CFT) in your AWS account, acknowledge that AWS CloudFormation might create IAM Resources, and send an ARN Role to Involta, who will contact you to enable the AWS Security Review report and set up a 60-minute consultation to review the results.


What kind of results can I expect from running the AWS Security Review?
There are more than 50 CIS Benchmark points within 4 different check categories within this review, including Identity & Access, Logging, Networking, and Monitoring. The results report breaks down the CIS Benchmark check results into three buckets: Passed checks, Partially Passed checks, and Failed Checks. The summary of the report includes an overall Review Score (0 thru 100) that is an average of all the check scores. For each check, the report also provides a detailed description, including the individual check score and the overall rating of Passed, Partially Passed, and Failed for your environment. Finally, the report includes customized observations that are high priority items specific to your environment.


What is Involta's role in enabling the AWS Security Review?
Involta has already been certified by AWS to have a strong security practice by completing certain Managed Service Provider (MSP) requirements with AWS. They are also best suited to explain the AWS Security Review checks and recommendations, and then guide the discussion about how those may need to be resolved.


Will Involta remove the CloudFormation template and ARN role from their environment?
After you have completed your consultation meeting and any additional review around your AWS account, Involta will confirm they have deleted your AWS environment profile. After this confirmation, you may go into the AWS Management Console to delete the CloudFormation Stack where the cross-account was created for the AWS Security Review.

What IAM policy will be implemented with the AWS Security Review? Do you have documentation?
Yes, there is documentation for the IAM Policy for the review. Please request this documentation from Involta.


How long will it take for Involta to run the AWS security review?
Once you provide the AWS IAM ARN role to Involta, the review should take about 24 hours to run.  Involta will provide more information and next steps.


What happens after the AWS Security Review is run?
Once the AWS Security Review is complete, Involta will reach out to you to schedule a 60-minute consultation. During this consultation meeting, they will deliver the report to you and review the results.

Schedule Your Review