Updates to the AWS MSSP Competency: Deliver Turnkey Security Solutions for Customers

By Brian Mendenhall, WW Head, Security & Identity Partner Specialists — AWS
By Aliaksei Ivanou, WW Security & Identity Partner Solutions Architect — AWS
By Joanne Moore, AWS Specialization Programs Sr. Launch Manager — AWS

In today’s digital landscape, businesses face increasingly complex security challenges: managing multiple security tools, juggling vendor relationships, and maintaining in-house security expertise—all while trying to run their core business.

Managed Security Service Providers (MSSPs) help address these challenges by offering comprehensive security solutions to transform how organizations approach cloud security. As a single point of contact, they orchestrate multiple security capabilities, from AWS native services to best-of-breed security tools.

To support these evolving needs, we’re excited to introduce new categories for the AWS MSSP Competency (previously AWS Level 1 MSSP Competency), designed to help customers easily identify Partners with security expertise based on their unique needs. The new MSSP Competency categories validate service Partners’ abilities to deliver turnkey outcomes that include native AWS services, and software Partners abilities to integrate with native AWS services.

In addition to core MSSP requirements, every AWS MSSP Competency Partner must select and meet requirements for at least one category. This enables Partners to showcase their deep technical expertise in specific security domains, differentiate themselves in the market, and better connect with customers seeking their particular security strengths.

Additionally, MSSP Competency Partners have the option to showcase how they integrate validated ISV solutions from AWS Security Competency Partners into their managed security services. This visibility helps AWS customers identify which MSSP Competency Partners can effectively manage their existing third-party security tools as part of a comprehensive security solution.

AWS MSSP Competency Partners are validated for their ability to provide end-to-end security management, maintaining robust security postures through continuous monitoring, enhanced threat detection, and incident response. These partners ensure robust security while allowing businesses to focus on core operations.

New! AWS MSSP Competency categories

The AWS MSSP Competency categories help customers identify Partners with validated expertise who can deliver comprehensive security outcomes with quality, speed, and cost-effectiveness.

Infrastructure Security
Focuses on managing security posture of the foundational infrastructure components through leading controls for vulnerability management, configuration security, and patch management. This includes securing the network layer through active Distributed Denial of Service (DDoS) protection, network threat prevention, and network access control, along with implementing and managing a network segmentation strategy that isolates network segments, micro-segmentation, and network policy management.

Workload Security
Delivers turn-key security at the workload level, specific to the container or host. Offerings are validated in their ability to provide cloud infrastructure vulnerability management of the workloads, host-based security, container security, and serverless security.

Application Security
Provides operationalized security for the application layer of AWS estates through application vulnerability management, API security, managed Web Application Firewall, and pipeline security.

Data Protection
Help protect customer data through comprehensive data security programs that prevent data loss, implement and manage an encryption strategy, discover sensitive data within their environments, and manage access to data.

Identity & Access Management
Delivers turnkey Identity & Access Management (IAM) solutions through prescriptive identity governance specific to the business needs of the customers. Partners implement and manage authentication controls aligned to that governance, manage and monitor privileged accounts, and secure temporary and just-in-time elevated access.

Incident Response
Creates incident response preparation plan, identifies key stakeholders in the case of an incident, and provides roundtable exercises to prepare. Includes investigation, triage, and incident remediation, along with post-incident analysis and forensics.

Cyber Recovery
Operationalize quick recovery from security events through cyber business continuity planning, backup management programs, ransomware protection, and cyber disaster recovery planning and execution.

Customers: Work with an AWS MSSP Partner

AWS MSSP Competency Partners provide turn-key security for your AWS environment, using native AWS services alongside third-party ISV tools that you may already be using.

Explore validated AWS MSSP Competency Partner solutions by category.

Partners: Become an AWS MSSP Competency Partner

The AWS MSSP Competency is available to both services and software Partners with offerings that help deliver turn-key security outcomes in AWS customer environments.

In addition to AWS Specialization Program benefits, MSSP Competency Partners receive signature benefits, including exclusive go-to-market opportunities through AWS-led security marketing campaigns, private strategy sessions, and participation in Security LIVE! events.

To be eligible, Partners must be a validated member of the Software Path and complete the Foundational Technical Review (FTR) for their MSSP solution, or be Advanced Tier or higher on the Services Path.

To apply, review the Program Guide and access the application in AWS Partner Central (login required).