The department selected AWS as the Cloud Services Provider (CSP) and SMX, an AWS Premier Consulting and Managed Service Provider Partner as their MSP to provide managed services for the infrastructure environment and application running on AWS. To support the Department’s managed services and operational readiness requirements, we implemented attribute-based, event-driven security and compliance measures along with full compliance and security reporting.
The solution manages the configurations of the Department’s environments, ensuring that they remain consistent with the Center for Internet Security (CIS) benchmark for Windows, Linux, and AWS security and compliance recommendations. When configuration drifts are detected, they are remediated to a consistent state or reported on for further investigation. Vulnerability scans are done, consistent with FedRAMP continuous monitoring requirements, to ensure that hardened images and other defense-in-depth configurations remain consistent with the last known state, and new security and compliance updates have been applied.