Requirement 7 - Plan for incident response and information sharing

Cyber incident response planning

Preparation is critical for a successful incident response program. The AWS Security Incident Response Guide whitepaper provides you with an overview of the fundamentals of responding to security events within a customer’s AWS Cloud environment. AWS provides a number of security tools and services to allow organizations to track, monitor, analyze, and audit events.

The Well Architected Security pillar also provides guidance to customers on Incident Response.

Security training and awareness

AWS offers training to develop critical security skills to simplify your organization’s journey to the AWS Cloud, protect data and applications, and innovate with confidence.

AWS Training and Certification has created the AWS Ramp-Up Guide: Security for AWS Cloud Security, Governance and Compliance Professionals and other AWS Ramp-Up Guides to help build your knowledge of the AWS Cloud. Each expertly curated guide features free training, classroom courses, videos, whitepapers, certifications, and other information.

Penetration testing

The AWS Acceptable Use Policy describes permitted and prohibited behavior on AWS, and includes descriptions of prohibited security violations and network abuse. AWS customers are welcome to carry out security assessments or penetration tests against their accounts on AWS infrastructure without prior approval for eight services, listed in Penetration Testing under “Permitted Services.” All penetration testers and vulnerability scan managers must understand and comply with the AWS Customer Support Policy for Penetration Testing.

AWS Security Competency Partners offer an array of security offerings like network and infrastructure security, vulnerability and configuration analysis, application security, and security engineering.