Specifications
Specifications ⫘
The subsections below specify the Cloud Services from which data can be collected for analysis, as well as the in-scope Control Areas, Frameworks and Standards, and Benchmarks that will be used to analyze and interpret the data, and to provide recommendations and remediation opportunities to address the findings.
Cloud Services
Listed below are the Cloud Services (categorized by provider) that Secureworks will review as applicable to your in-scope cloud environment(s). These Cloud Services will be reviewed, in addition to any applicable cloud resources that are associated with them, for the existence and efficacy of security configurations and controls as related to the Control Areas, Frameworks and Standards, and Benchmarks listed in the next subsection.
| Amazon Web Services | Azure | Google Cloud Platform | ||
|---|---|---|---|---|
| ACM | GuardDuty | ActiveDirectory | Insight | AppEngine |
| AutoScaling | IAM | AKS | KeyVault | BigQuery |
| CloudFormation | Kinesis | ApplicationGateway | MySQL | Bigtable |
| CloudFront | KMS | AppService | Network | CloudFunctions |
| CloudTrail | Lambda | Authorization | NetworkSecurityGroup | CloudRun |
| DynamoDB | RDS | Cache | PostgreSQL | Compute |
| EC2 | Redshift | CDN | ResourceManager | DNS |
| ECR | Route53 | Compute | Security | GKE |
| ECS | S3 | ContainerRegistry | SQL | IAM |
| EFS | SecretsManager | CosmosDB | Storage | KMS |
| EKS | SNS | EventHub | TrafficManager | Logging |
| ElastiCache | SQS | Firewall | VirtualNetwork | SecretManager |
| Elasticsearch | SSM | FrontDoor | WAF | Spanner |
| ELB | WAFv2 | Functions | SQL | |
| ELBv2 | HDInsight | Storage | ||
Analysis
Secureworks will analyze your cloud environment(s) as related to the Control Areas, Frameworks and Standards, and Benchmarks listed below.
| Control Areas | Frameworks and Standards | Benchmarks |
|---|---|---|
| Cyber Kill Chain | MITRE ATT&CK Cloud | CIS Azure Foundations |
| Access Control | NIST SP 800‐53 | CIS AWS Foundations |
| Networking Security | ISO IEC 27001 | CIS Amazon EKS |
| Cryptography | AICPA SOC 2 | CIS GCP Foundations |
| Security Hardening | EU GDPR | CIS Google GKE |
| Audit and Logging | NIST SP 800‐171 | |
| Operations | NIST CSF | |
| Reliability | PCI DSS | |
| HIPAA |