AWS - Amazon Web Services

Data is now at your fingertips as a result of technological innovation. Using the cloud, you may now access your data anytime and anywhere you want. Cloud security is yet another critical feature of cloud services. INVESICS provides AWS security needs for cloud services. AWS security services are just one of the many security services provided by INVESICS.‎

INVESICS’ AWS security services gives you a sense of security and we believe in the success of your company.  and let us help each other grow and take the next step of success together. Become an AWS certified security partner with INVESICS‎

Amazon web services is a subsidiary of which provides on-demand cloud computing services. ‘Pay for what you use’ feature.‎ It also provides distributed computing by allowing us to access multiple virtual instances at the same time. It emulates almost all of the IT infrastructure services including networking and system administration. It operates through server farms spread throughout the world from where the instances can be accessed. Whereas some services are provided through the rest API call of specific service.

AWS Security

AWS provides you with a flexible architecture

AWS Architecture

  • The main component of AWS is EC2 or Elastic compute cloud which provides services based on the configuration of virtual instances.
  • Aws has a networked architecture which consists of mainly 3 components, such as the internet, AWS region and database called bucket.

Join Hands with us for AWS security needs

A simple how-to?

Aws region - Any geographical location wherein instances are deployed, all the regions are connected via the internet regions. Provides facilities to access the virtual instances based on your AWS configurations. Within a region, there are multiple EC2 instances configured.‎

  •  AWS uses load balancing to effectively distribute the traffic across multiple EC2 instances to lower the network traffic load.Also, there is a layer of security for each EC2 instance called security groups where traffic is routed through a firewall between the instance and internet or instance and database.‎
  • AWS uses ARDS or amazon relational database system RDBS to manage the database using queries similar to Mysql or ORACLE database. Within the database, all the data is stored in resources called buckets, amazon S3 directly interacts with buckets to store and retrieve data.‎
  • To deliver contents from S3 buckets to various access locations, AWS uses a feature called Cloudfront which creates a network between them. The locations are referred to as edges, the nearest edge is determined by various factors such as routing speed, the bandwidth of the network, etc.‎
  • EC2 instances use S3 or Simple Storage Service to store and retrieve data from a repository or database which is accessed using an elastic IP address. Also, every instance has a volume for storing data and logs called elastic block storage[EBS] which is for backup purposes, in case the database encounters a fatal error.‎
  • VPS or virtual private server allows you to deploy cloud resources onto a user-defined private network which can be defined according to the subnet scheme of the resources.In addition to this AWS has many other advanced features for advanced computing technologies such as blockchain and IOT services‎
  • AWS managed blockchain is a service that creates and manages blockchain networks for the resources using standard blockchain platforms like Ethereum. AWS IOT core is a cloud service mainly for connecting and managing various types of devices across the AWS network. ‎
AWS Security
AWS Security

AWS Security Practices

  • Use a strong password for your resources – always have a security layer of a complex password for securing your AWS resources as any attacker can have unauthorized access by cracking your simple password. You can create and manage passwords with any third party password management tool. ‎
  • Use multi-factor authentication – MFA or multi-factor authentication is an additional layer of security on top of username and password. ‎
  • It can be some information based on the device you want to secure or some kind of token or captcha.‎
  • Use group policies to restrict access – to protect your resources from unprivileged access user identity and access management to create users, groups and roles based on the privileges you want to grant the users.‎
  • Never store your access keys – though you can access your resources easily using access keys in the command line, it can sometimes prove fatal, so delete them and create a user and grant privileges to access the resources using API.‎
  • Enable Amazon CloudTrail – by starting Cloudtrail, you can track activity performed on your resources, this way you can get alerts if anybody tries to get unauthorized access to your resources.‎

If you'd like additional information on how to shape your company's AWS security strategy


Security Testing of AWS

Here are some methods to perform AWS security testing to help identify and mitigate threats

Unauthorized access in Bucket
the most critical part of AWS is the database or buckets, where most of the attacks are targeted, so try to test if the database can be easily accessed by performing SQL injection attacks.‎
Extracting keys from ec2 instance
AWS has a feature to directly access resources from the command line using special keys called access keys, but it may prove fatal if an attacker accesses them, so try to infiltrate the services and find the keys to check whether the keys can be directly accessed.
Analyze network traffic logs
If the AWS deployment has Cloudtrail enabled, which monitors and logs network traffic, try to analyze the logs to find any threat to prevent it.
Stealing Virtual Images
Sometimes attackers can try to steal the virtual instance images to steal user data, so also test whether the instances can be directly accessed or there is some kind of encryption to protect the directory where the instance image is stored.

AWS Vulnerabilities

Issue which caused information disclosure during parsing of ICMP packets in TCP component of AWS freetos.
Issue found in aws freetos which caused any DNS response to be accepted without matching whether it was a valid DNS request.
Information disclosure vulnerability due to which out of bounds memory access is caused while parsing NBNS packets which can help the attacker to steal sensitive data.
Information disclosure vulnerability due to which out of bounds memory access is caused while parsing arp packets which can help the attacker to steal sensitive data.‎‎
Remote code execution vulnerability in AWS freertos due to which a crafted IP header can occupy full memory leading to Denial of service attack which can further lead to remote code execution.
Buffer overflow vulnerability found in AWS freertos version 1.3.1 which caused out of bounds memory access in DHCP responses of TCP component which lead to sensitive data leakage.‎
Buffer overflow vulnerability found in aws freertos version 1.3.1 which caused out of bounds memory access in source and destination fields of tcp component which lead to sensitive data leakage.
Authentication bypass vulnerability in AWS SDK in android which stores AWS credentials in plain text, which allows any attacker to access them and gain access into the account.

Here are some methods to perform AWS security testing to help identify and mitigate threats:

Here are some methods used for security testing any WordPress website which can help us identify many vulnerabilities

  • Try to look for outdated plugins as most of the plugins are not secure and are an easy target for attackers
  • By default, we can perform user enumeration to list out all the WordPress usernames to identify any critical username whose access could lead to critical outcomes
  • Try to access the critical files of any WordPress website to make sure any unauthorized user cannot access them by performing directory traversal attacks
  • Since WordPress has a MySQL database in its backend so any attacker can also perform SQL injection attacks to access the sensitive data stored in the database so try to perform SQL injection on critical databases of the WordPress website
  • Try to find any services which are not required as they can be used as entry points by attackers to gain access

Any Query?

Frequently Asked Questions

Explore How Invesics Can Become Your Digital Guard!

Find out from our cyber-security experts on a FREE consultation call