Category: Learning Levels

In this post, the first in a two-part series, we focus on the detection and forensic readiness side of satellite IR. This post walks through instrumenting your ground segment with Amazon Web Services (AWS) security services and AWS Ground Station so that threats surface before they cause damage, and forensic data is already flowing when an incident occurs.

This blog covers what to do when those detections fire. Satellite incident response (IR) must account for constraints that ground-based systems never face: containment actions that wait for the next orbital pass, decisions that trade mission continuity against security, and recovery procedures where the compromised endpoint cannot be physically accessed. It walks through containment, eradication, recovery, automated runbooks, and tabletop exercises designed for satellite operations teams.

In this blog, we will explore how customers can use Innovation Sandbox on AWS to transform the management of temporary sandbox environments, so that they can focus on driving innovation, skill building, and developing the next big technological breakthrough.

In this post, we demonstrate how to use the advanced malware detection features of Amazon GuardDuty to uncover malicious and suspicious files compromising your Amazon Elastic Compute Cloud (Amazon EC2) instances. We use the investigative capabilities of Amazon Detective to gain deeper insights into the security event. After the key questions about the security event are addressed, we outline steps to remediate the potentially compromised EC2 instance.

In July 2021, the U.S. Department of Defense (DoD) released a cloud native access point (CNAP) reference design that follows zero trust architecture (ZTA) principles and provides a new approach to access mission owner (MO) applications. The DoD’s reference design discusses four core capabilities of CNAP: authenticated and authorized entities (C1), authorized ingress (C2), authorized egress (C3), and security monitoring and compliance enforcement (C4). In this blog post, we walk through how to establish the C2 component via a virtual internet access point (vIAP) with AWS. The proposed architectures can reduce operational cost and management overhead, while improving the accessibility, resiliency, and security of mission owner applications.

In this blog post, we explain how government agencies can accelerate their development workflows while maintaining strict application and operational security using the principles of continuous integration and continuous delivery (CI/CD) and DevSecOps. We provide a solution to walk you through how you can quickly set up your own DevSecOps pipeline that incorporates AWS and third-party security tools to give you a fast, flexible, and secure software delivery process.