Today RSA announced it has completed an integration with Amazon Web Services (AWS) that will enable resource-based policy event information from AWS Identity and Access Management (IAM) Access Analyzer to be integrated into RSA Archer to better manage cloud resource access policy risks.
IAM Access Analyzer, which is launching at AWS Re:Invent 2019, is aimed at addressing a significant security challenge associated with cloud deployments, specifically the decentralized way in which resource-based policies are managed. Prior to the launch of IAM Access Analyzer policies for Amazon Simple Storage Service (Amazon S3) buckets, AWS Key Management Service (KMS) Keys, AWS Lambda, Amazon SQS Queues, and IAM roles had to each be independently configured. This required customers to manually monitor each resource for policy changes that allow access to users outside of the customer’s account. The IAM Access Analyzer offering provides customers centralized visibility of resource-based policy changes, generated as findings when a resource is shared with a principal that is outside of the customer’s account.
IAM Access Analyzer capabilities have additional power to help manage cloud resource access risk when integrated into RSA Archer. To fully contain risks associated with resources sharing with outside accounts, organizations need to have visibility into their cloud resources, with business context, to quickly assess the IAM Access Analyzer findings to determine its actual risk to the business. An RSA Archer integration with IAM Access Analyzer provides organizations with the necessary business context to understand the cloud resources role, business criticality, and state of compliance to help security and risk practitioners make risk-based decisions on how to address the IAM Access Analyzer finding. Out of the box dashboards and workflows within RSA Archer help customers in prioritizing and managing the risks of the IAM Access Analyzer findings.
We are excited to further extend the relationship with AWS, in an area that directly addresses managing one of the most common digital risks facing organizations today, specifically cloud transformation risk. This additional integration extends the ability for RSA customers to extend the value of managing security and risk around critical workloads in the cloud.
For current RSA Archer customers interested in taking advantage of this new capability, integration with IAM Access Analyzer can be built to bring findings and associated cloud resource information into the "Potential Unauthorized Activity" and "Cloud Assets and Services" on-demand applications (ODAs) currently available as a beta version and coming soon to RSA Exchange. These results can then be paired with the Asset Criticality, Risk and Business Context in RSA Archer IT Security Risk Management use cases. This context will help the customers in prioritizing and managing the findings to take quicker action.