
Cloud SOC Essentials for AWS

Providing foundational identification, alerting, and remediation guidance for threats to your AWS cloud environment

Enterprises know they need security, visibility, and actionable intelligence, but they often find themselves overwhelmed by alerts, lacking the funding to run their own security operations center (SOC), or struggling to justify the cost of a fully managed SOC service. Even the best native cloud security products may remain underutilized as IT and security teams are understaffed and unable to fully leverage their capabilities. But now they get the visibility they desperately need with Capgemini’s new Cloud SOC Essentials for AWS service, a first-of-its-kind managed offering providing foundational security operations center functionality at a fraction of the cost of traditional managed SOC services.

Visibility without the noise

The Cloud SOC Essentials for AWS service combines Capgemini’s extensive cloud and SOC experience and business insight with Trend Micro’s advanced threat capabilities to give customers actionable visibility and intelligence into the highest-value threats in their cloud environments, while also providing executive-level perspectives as they move into the cloud. This emphasis on actionable findings and remediation guidance will help customers get started faster, avoid alert fatigue over time, and receive extensive value from a cost-efficient service.

Industry-leading business and security intelligence

The Cloud SOC Essentials for AWS service combines a fully managed detection and response SaaS platform with real-time monitoring and intelligence delivery for foundational cloud security issues. The service focuses solely on known high-risk indicators of compromise, helping customers identify and respond to cloud security threats by providing real-time alerting integrated into customers’ existing workflows, complete with suggested remediations. Additionally, curated executive-level briefings are provided on a periodic basis to help guide C-level executives on overall events, posture, and trends meaningful to the overall business.

To begin, customers use CloudFormation templates provided by Capgemini to share access to only the required data feeds from their cloud environments, which Capgemini ingests into the managed service platform. Customers also provide the appropriate email addresses for each type of report. Once the data feeds are confirmed, the service begins evaluating behavior in the customer environment to identify known threat patterns and build a baseline of activity to later detect anomalous behavior using Trend Micro’s advanced threat hunting capabilities. If any alerts are identified, additional logic and analysis are applied to evaluate the impact and importance of the alert sent to the customer.

Actionable reporting

Customers will receive three different types of reports:

  • Incident report – Provides real-time incident notification based on known patterns indicating immediate threats to the environment.
  • Operation report – Provides the most recent actionable findings and common patterns on where those threats are coming from or what is most often being exploited.
  • Executive report – Provides an overall risk score, focusing on findings that represent a substantial risk to the business.

Key benefits

  • Provides actionable visibility into, and recommendations for, high-risk activity in your AWS environment
  • Augments real-time analysis with periodic reports so you know where to invest your time
  • Delivers value at a fraction of the cost of doing this yourself or with a traditional managed service

Meet our experts

Michael Wasielewski Jr

Global Head of Cloud Security Services, Capgemini
Michael is responsible for global cloud security and next-gen secure architecture portfolio development. He brings a robust background ranging from network operations and engineering to running global information security teams and modernizing enterprises through their cloud and workplace journeys, as well as executing as a global cloud security specialist for AWS. When not playing video games with his two kids or struggling to learn French, you can often find Michael arguing about what zero trust really means, why you are almost always more secure in the cloud, and why New York-style pizza is the best.

Geert van der Linden

EVP and Head of Global Cybersecurity Practice & CISO, Cloud Infrastructure Services (CIS GBL), Capgemini