AWS and Amitron
DMARCSaaS searched for an IT environment that was both resilient, scalable and secure. After investigation, DMARCSaaS turned to AWS Consulting Partner Amitron based on their long-term experience in information and IT security design and managed service and their network of code specialists to help ensure a secure design and partnership for both short-term development and long-term managed security services.
Amitron designed DMARCSaaS’s environment bases on the AWS Well-Architected Framework. Using EU-West-1 region as a start with multiple VPC’s. From initial design, the 4 DTAP accounts, as well as CI/CD accounts, were setup. Centrally in a separate security account, CloudTrail and CloudWatch were deployed cross-accounts. The administration was strictly separated for various developers and engineers with AIM and role-based access. This is to accommodate auditing and security monitoring purposes right from the beginning.
For web server and web application, EC2 instances were deployed. EC2 workloads are automated protected with API controlled Trend Micro (ISV) anti-malware Deep Security and AWS Loadbalancers. AWS and Fortinet (ISV) WAF’s were deployed for Webserver Application Security. All these security tools were deployed and maintained by Amitron managed security services.
Automation of the reception and processing of aggregated XML reports are collected by AWS SES and further processed with various serverless Lambda routines. Intermediate and final results are collected in S3 buckets and with Elasticsearch Service and visualization solutions made accessible for customers in their personal web portal.
Further proprietary algorithms and AI analyses take place to eventually generate the user-specific and user-friendly readable messages for the required security improvement steps, using SES.
Code Security Testing
Amitron uses Trend Micro Deep Security Smart check for integrated CI/DC pipeline code testing to ensure vulnerability free coding.
Benefits and achievements
- By using AWS and Amitron security services DMARCSaaS has been able to deploy its first solution within just a few months.
- The DMARCSaaS solution is instantly and on-demand scalable.
- The solution is secured with state of art security tooling using both AWS native and various security Independent Software Vendors (ISV’s).
- DMARCSaaS web applications are secured with Web Application Firewalls again web server attacks.
- New customers are on-boarded globally in minimum time without any manual interference, saving in both time and costs.
- DMARCSaaS has been able to cut deployment and scalability costs by an estimated 62%.
- DMARCSaaS using AWS cloud technology resulted in end-user commercial pricing of its solution less than half the price compared with competitive e-mail security solutions, giving it a huge competitive advantage.