<div>
Thank you for a very clear and prompt reply!
</div>


Thank you for a very clear and prompt reply!

<div>
<div class="content wysiwyg-content">
Hi<br />
<br />
We have web apps and host SaaS offerings of them for a couple of our clients on AWS. Each client's environment is installed on their own instances and we use separate AWS accounts for each client (ie the login for Client1 can't login to Client2's environment). Data from 2 clients is never stored on the same AWS account.<br />
<br />
We have been asked by a potential client if we can detect attacks on the AWS virtual infrastructure.<br />
<br />
The question we've been asked is this:<br />
<br />
<b>&quot;Do you have a capability to detect attacks which target the virtual infrastructure directly (e.g. shimming, Blue Pill, Hyper jumping, etc.)?&quot;</b><br />
<br />

<ol type="1">
<li>We run every client's environment on a separate AWS account - is this still even a risk for us?</li>
<li>Is this our responsibility or AWS' responsibility?</li>
<li>If it is our responsibility, can anyone suggest vendors/applications that we should consider so that we can plug this hole?</li>
</ol>
<br />
FYI, the question is lifted straight from the Cloud Security Alliance's Questionnaire (<a href="https://cloudsecurityalliance.org/download/consensus-assessments-initiative-questionnaire-v3-0-1/" rel="ugc">https://cloudsecurityalliance.org/download/consensus-assessments-initiative-questionnaire-v3-0-1/</a>).<br />
<br />
Thanks in advance!
</div>
</div>


Hi

We have web apps and host SaaS offerings of them for a couple of our clients on AWS. Each client's environment is installed on their own instances and we use separate AWS accounts for each client (ie the login for Client1 can't login to Client2's environment). Data from 2 clients is never stored on the same AWS account.

We have been asked by a potential client if we can detect attacks on the AWS virtual infrastructure.

The question we've been asked is this:

"Do you have a capability to detect attacks which target the virtual infrastructure directly (e.g. shimming, Blue Pill, Hyper jumping, etc.)?"

We run every client's environment on a separate AWS account - is this still even a risk for us?
Is this our responsibility or AWS' responsibility?
If it is our responsibility, can anyone suggest vendors/applications that we should consider so that we can plug this hole?


FYI, the question is lifted straight from the Cloud Security Alliance's Questionnaire (https://cloudsecurityalliance.org/download/consensus-assessments-initiative-questionnaire-v3-0-1/).

Thanks in advance!

How to detect attacks on AWS (ie shimming, Blue Pill, Hyper jumping, etc)

Amazon Web Services (AWS), is a collection of remote computing services, also called web services, that make up a cloud-computing platform  operated from 11 geographical regions across the world. The most central and well-known of these services include Amazon Elastic Compute Cloud, also known as "EC2", and Amazon Simple Storage Service, also known as "S3". Other services include Elastic MapReduce (EMR), Route 53 (a DNS web service),  provides a highly available and scalable Domain Name System (DNS) web service, Virtual Private Cloud (VPC), storage, database, deployment and application services.

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.