Australian automated cybersecurity startup 5pillars.io, AWS Advanced consulting partner, RedBear IT and AWS Premier consulting partner Versent have become among the first partners globally to achieve the newly launched Amazon Web Services (AWS) Level 1 managed security service provider (MSSP) competency.
The designation recognises partners that have successfully met AWS’ requirements for a baseline of managed security services to protect and monitor essential AWS resources 24/7, known as Level 1 managed security services.
This new baseline standard was revealed on 24 August, with the cloud giant naming 27 global launch partners including 5pillars.io and Versent. Other partners named by AWS included Accenture, Capgemini, Deloitte, Infosys and PwC.
The Level 1 MSS baseline was introduced to benefit cloud environments of any size. It spans six security domains: vulnerability management, cloud security best practices and compliance, threat detection and response, network security, host and endpoint security and application security.
The six domains contain multiple MSSP services, each with technical skillset and operational process requirements specific to AWS.
AWS security experts annually validate the tools and operational processes used by each MSSP to address specific cloud security challenges, such as continuous event monitoring, triaging, AWS service configuration best practices and 24/7 incident response.
It is claimed the AWS Level 1 MSSP Competency provides a faster and easier experience for customers to select the right MSSP to help them achieve their goals for business risk and cloud strategy confidence.
“Our team is dedicated to helping companies achieve their business transformation goals by leveraging the agility, breadth of services, and pace of innovation that AWS provides," VMS managing director, Dean Robinson said.
RedBear IT managing director, Doug Woodford said it has been an interesting journey for the company, which embarked on its MSSP journey in 2019.
"Our team is dedicated to helping companies enhance cloud security and reduce cyber risk by leveraging the agility, breadth of services, and pace of innovation that AWS provides," Woodford said.
5pillars is the brainchild of Lorenzo Modesto, who launched the startup late last year after taking some time out following his 10-year stint with cloud services provider Bulletproof until its acquisition by AC3 in 2018.
“5pillars is unique in delivering managed security through a patent pending automation platform coupled with a suite of AWS native security services,” he said. “For customers that are in AWS, we deploy a whole raft of native security services and deploy the 5pillars’ automation cyber security platform which then references an automation library.
"That then reconfigures a customer’s AWS environment if they are at some point non-complaint with AWS best security practice.”
In addition to achieving AWS Level 1 MSSP competency status, 5pillars’ automated security and compliance platform has achieved the ‘Reviewed by AWS’ solution badge as a member of the AWS Partner Network (APN).
5pillars’ automation platform, coupled with its comprehensive 5pillars Security Hub Auto Remediation Playbook (5Sharp) open-source project, delivers real-time remediation of security issues and continuous compliance with leading international standards.
To date, 5pillars has gained early customer success with map-based property information search solution GlobalX Terrain to ensure its development cycle was matched with its security posture and accelerate its journey to best of breed DevSecOps through automation and continuous compliance with cloud best practice.
“Change is a constant when delivering development agility and performance, and we need to ensure that our security is as good as our dev team’s output,” GlobalX Terrain CTO Angus Scown said. “5pillars’ automated security delivers not only a best practice environment but one that maintains continuous compliance with cloud security best practice through automation.
“This allows us to maintain continuous best practice in a changing and dynamic environment to mitigate risk and maximise our security posture.”
Corporate travel platform provider Kudos Travel Technology is also another customer that pivoted to embrace cloud best practice as well as maximise its compliance and security posture through shifting to a continuous compliance model, leveraging automation.
“High levels of compliance are operationally daunting and can be prohibitively expensive. In addition, compliance is always driven by a panicked project that companies typically push through, ignore for nine months and then dread the anniversary of the same process,” Kudos Travel Technology managing director Phil Rasmussen said.
“We quickly realised that 5pillars could not only massively accelerate our achievement of AWS best practice including the highest level of PCI-DSS compliance but, by achieving continuous compliance through 5pillars automation, enable us to turn compliance into a powerful differentiator and compelling USP that allows us to win market share and grow revenue.
"With 5pillars now we’re not just compliant, we’re continuously compliant and best practice.”