everycloud
asked on
How to detect attacks on AWS (ie shimming, Blue Pill, Hyper jumping, etc)
Hi
We have web apps and host SaaS offerings of them for a couple of our clients on AWS. Each client's environment is installed on their own instances and we use separate AWS accounts for each client (ie the login for Client1 can't login to Client2's environment). Data from 2 clients is never stored on the same AWS account.
We have been asked by a potential client if we can detect attacks on the AWS virtual infrastructure.
The question we've been asked is this:
"Do you have a capability to detect attacks which target the virtual infrastructure directly (e.g. shimming, Blue Pill, Hyper jumping, etc.)?"
FYI, the question is lifted straight from the Cloud Security Alliance's Questionnaire (https://cloudsecurityalliance.org/download/consensus-assessments-initiative-questionnaire-v3-0-1/).
Thanks in advance!
We have web apps and host SaaS offerings of them for a couple of our clients on AWS. Each client's environment is installed on their own instances and we use separate AWS accounts for each client (ie the login for Client1 can't login to Client2's environment). Data from 2 clients is never stored on the same AWS account.
We have been asked by a potential client if we can detect attacks on the AWS virtual infrastructure.
The question we've been asked is this:
"Do you have a capability to detect attacks which target the virtual infrastructure directly (e.g. shimming, Blue Pill, Hyper jumping, etc.)?"
- We run every client's environment on a separate AWS account - is this still even a risk for us?
- Is this our responsibility or AWS' responsibility?
- If it is our responsibility, can anyone suggest vendors/applications that we should consider so that we can plug this hole?
FYI, the question is lifted straight from the Cloud Security Alliance's Questionnaire (https://cloudsecurityalliance.org/download/consensus-assessments-initiative-questionnaire-v3-0-1/).
Thanks in advance!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER