Cloud systems have a variety of end-user security roles and responsibilities. They also have differing security threats associated with them.
The Field Effect approach is to help ensure the integrity of these platforms and take the guesswork out of the hands of our clients and simply implement the analytics and capabilities that improve the security of our client’s cloud systems. In the case of AWS (and in general), cloud platforms have three dimensions of security monitoring that Field Effect MDR fully supports:
- Management Plane (logging into the provider): by integrating with the provider’s security APIs and telemetry streams. For example, this would identify if the master account were compromised in AWS, or if an email account were compromised in Office365.
- Data Plane: In the case of AWS, these are events within the AWS products. For example, Field Effect can monitor and identify anomalies originating from an AWS Lambda function.
- Application Plane (virtual machines, and other ‘compute resources’ created by the client). Field Effect monitors the virtual machine’s behavior via network sensor, endpoint agent, as well as Windows Event Logs or Linux syslog events.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article