Ian, looks great!
A few feedback items you might want to consider for your next revision...
I don't see mention of AWS Audit Manager? Is there an equivalent on Azure (or GCP)? There are some commercial vendors out there that do this across clouds (maybe Intezer is one of these?)
Also no mention of AWS Detective? I guess Azure has ASC and Graph API (+ powerBI + ?) for this?
For AWS container security I think you're right that there is no point-and-click AWS service but it's also fairly transparent via blogs, meeting attendance and github commits that AWS has participated with CNCF from day 1 on things like OPA Gatekeeper, eg:
https://aws.amazon.com/blogs/containers/using-gatekeeper-as-a-drop-in-pod-security-policy-replacement-in-amazon-eks/So while technically, yes, it's "3rd party" it's also true that kubernetes itself is "3rd party" in that respect. Similarly for runtime scanning, Falco - another CNCF project - is a drop-in to kubernetes on EKS, eg:
https://aws.amazon.com/blogs/containers/implementing-runtime-security-in-amazon-eks-using-cncf-falco/Azure retired ACS I believe so you may need to update to point to Azure Defender for Kubernetes
.
I like the comparison format overall! Helpful to those of us trying to keep this all straight in our heads :)
------------------------------
Robert Ficcaglia
CTO
SunStone Secure, LLC
------------------------------
Original Message:
Sent: Apr 21, 2021 06:15:43 AM
From: Ian Gallagher
Subject: Security Features of the Big 3 Comparison
Intezer put together a side-by-side comparison of the built-in security features offered by AWS, Azure and GCP. This single point of reference can help security teams develop their strategy across different clouds.
Available here β Security Features of the Big 3 Comparison (also attached for those who don't want to leave their details)
Security controls and categories:
- Network security
- Vulnerability management
- Cloud Workload Protection Platform (CWPP)
- Cloud Security Posture Management (CSPM)
- SIEM capability
- Additional threat detection and monitoring
We hope you find it useful π
------------------------------
Ian Gallagher
Marketing Manager
Intezer
------------------------------