24/7/365 Managed Security

AWS Level 1 MSSP with
Modern Compute Security

Working closely with AWS, Deepwatch has earned the distinction of the AWS Level 1 Managed Security Service Provider (MSSP) competency, successfully addressing 10 AWS Managed Security Service (MSS) specialization requirements.

In addition, our AWS Modern Compute Security speciality extends beyond the Level 1 baseline, establishing Deepwatch expertise in container security for more demanding AWS environments.

Dedicated AWS VPC

Establish a Solid Foundation

As a designated Level 1 MSSP Competency Partner, Deepwatch has proven capabilities to protect AWS environments. The Deepwatch Managed Security Platform includes a curated set of best-of-breed SOC technologies which are securely deployed in a dedicated AWS VPC and includes a comprehensive suite of AWS security services. We help you establish a solid foundation to protect your most critical cloud assets.

  • Managed Detection & Response (MDR)
  • Managed Vulnerability Management Program
  • Integrated Endpoint Detection and Response
  • 24/7/365 Threat Monitoring & Response
  • Integrated container security
  • AWS Cloud Security best practices

Breaches involving cloud misconfigurations cost organizations on average $4.62 million in 2020.

- Cost of a Data Breach 2021 Report by IBM

Security Integration

Managed Security Services Built within AWS VPC

With Deepwatch as your AWS Level 1 MSSP, you receive the Deepwatch Managed Security Platform along with a team of experts to protect and monitor your data 24/7/365. Customers who choose Deepwatch as their AWS Level 1 MSSP receive:

  • A secure, dedicated AWS VPC with AWS security services
  • The Deepwatch Managed Security Platform, built around Splunk as the core analytics engine
  • Custom, prioritized data ingested and monitored, including GuardDuty, CloudTrail, and Security Hub
  • Secure and compliant AWS certified environment, using AWS recommended best practices and enabling customers to address the shared responsibility model
  • An assigned team of 24/7/365 security experts, called a "Squad," which includes certified AWS Cloud Security experts, who collaborate closely with in-house security teams
  • Aligned with MSSP Level 1 specializations, including Compliance Monitoring to meet PCI-DSS, HIPAA, and SOC2 Type II standards
  • Scalable platform with Maturity Model and Score to measure and benchmark your SecOps maturity and help progress your security program over time
  • Fast time to value, with initial security feeds alerting within days, and final on-boarding completed by Day 60

AWS Cloud Security

Deepwatch Demonstrates Technical Proficiency

As an AWS MSSP Level 1 Security Competency Partner, Deepwatch demonstrates proven technical proficiency and customer success in delivering effective, innovative cybersecurity solutions that maximize the AWS Suite of Security and Cloud technology services.

The Deepwatch suite of security solutions achieves this designation and qualifies within six security competency domains:

  • Vulnerability Management
  • Cloud Security Best Practices & Compliance
  • Threat Detection And Response
  • Network Security
  • Host and Endpoint Security
  • Application Security

Healthcare Security Testimonial

Trusted Partners in Managed Security Services

"The magic sauce of any MSS relationship is how much can they acclimate to your specific business nuances and the specific things about your risk model and your risk tolerance, what assets are valuable to you. We found a partner that could meet us there, and it worked".
- Joey Johnson, CISO, Premise Health
AWS Partner Network Validated Level 1 MSSP Software Competency

Security Visibility Confidence

AWS and the Deepwatch Managed Security Platform

Deepwatch is qualified by AWS to provide managed solutions, security architecture, and guidance to AWS customers. In our unique collaboration, Deepwatch harnesses the power of native AWS security services within the Deepwatch Managed Security Platform and includes a fully provisioned, dedicated AWS VPC for every customer. Deepwatch experts then engineer customized AWS security solutions that best suit your existing environment and desired security outcomes. We also help customers scale AWS environments and security to meet evolving business needs.

AWS MSSP Level 1 Services Benefits
AWS Infrastructure Vulnerability Scanning

Deepwatch performs both authenticated and unauthenticated vulnerability scans to identify infrastructure in your AWS environment that is subject to known vulnerabilities, leverage our findings to remediate, and ensure your infrastructure is in line with security best practices.

Deepwatch offers fully-managed vulnerability management program services - from VM technology management and scanning to risk reporting and prioritization to comprehensive remediation planning.

AWS Resource Inventory Visibility

Full visibility into AWS resources is maintained by Deepwatch with the ability to see inventory by type of service, region, account, and other relevant attributes. Logs are indexed continuously and logging is enriched with AWS tags and other relevant metadata.

Deepwatch utilizes CloudTrail logs for event driven notification of instance state changes and recommends AWS Config be activated and rules built around infrastructure. AWS Config logging is then ingested to Splunk for alerting and monitoring. Deepwatch uses AWS Control Tower for guardrails, which sits on top of AWS Config.

AWS Security Best Practices Monitoring

Deepwatch recommends that customers enable AWS Security Hub and the "AWS Foundational Security Best Practices" standard within all AWS accounts.

The AWS Foundational Security Best Practices standard is a set of automated security checks that detect when AWS accounts and deployed resources do not align with security best practices as defined by security experts. Deepwatch then indexes logs to Splunk for dashboards and alerting.

AWS Compliance Monitoring

Deepwatch leverages AWS Security Hub and AWS Config to detect configuration drifts within an AWS account. Logs are ingested to Splunk where dashboards reveal configuration drifts which are continuously reviewed.

The compliance packages you choose to enable are ingested to Splunk where we have dashboards, alerting, and reporting around the findings.

Monitor, Triage Security Events

Deepwatch provides full visibility into security alerts related to your AWS environment with a consolidated list of security events and recommended remediation guidance.

The Deepwatch Managed Security Platform includes a curated set of best-of-breed SecOps technologies which are securely deployed in your own dedicated AWS VPC and include a comprehensive set of embedded AWS services.

Your AWS environment is fully monitored and security events triaged 24/7/365 by a named Squad of security experts to keep your most critical cloud assets protected.

24/7/365 Incident Alerting and Response

Deepwatch maintains 24/7/365 security incident monitoring, alerting, and response services for our customer environments.

Our award-winning Squad Delivery model maintains named security analysts and gives our customers the ability to access their assigned Squad members directly at any time via direct instant messaging, e-mail, and phone numbers.

Distributed Denial of Service (DDoS) Mitigation

Deepwatch recommends that customers deploy AWS Shield for their managed DDoS protection of cloud workloads. AWS Shield integrates easily with existing services to provide instant protection against attacks.

For customers that require a higher level of protection, we recommend subscribing to AWS Shield Advanced protection. Logging for these services is collected by Deepwatch via CloudWatch and delivered to customers in the event of an attack.

Managed Intrusion Prevention System (IPS)

Deepwatch recommends using an Endpoint Detection & Response (EDR) solution from one of the EDR technology leaders including CrowdStrike, SentinelOne or Cybereason. Deepwatch offers fully-managed EDR services which includes the EDR technology stack management and 24/7/365 endpoint threat detection and response delivered by cloud security experts working to continuously detect, investigate, and remove threats from your AWS endpoints.

Managed Web Application Firewall (WAF)

Deepwatch uses and recommends the AWS Web Application Firewall (WAF). AWS WAF helps protect your web applications and APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources. The AWS WAF addresses OWASP Top 10 security risks.

Container Threat Detection Deepwatch integrates with native services such as GuardDuty to continuously monitoring cluster activity to identify malicious or suspicious behavior that represents potential threats to container workloads.
AWS Alliance Data logo

Financial Services Customer Testimonial

Leveraging Deepwatch and AWS VPC

"Alliance Data uses Amazon Web Services (AWS) platform through our partnership with Deepwatch, an industry-leading managed security services provider. This relationship leverages a Deepwatch-managed AWS Virtual Private Cloud (VPC), which hosts our security information and event management (SIEM) solution, security orchestration, automation, and response (SOAR) solution, and our user and entity behavior analytics (UEBA) solution.

Since these solutions are hosted in an AWS VPC, we enjoy exceptional availability and inherent disaster recovery capabilities, dynamic scalability to ensure our performance goals are always met, as well as a robust shared platform where my team can collaborate, in real-time, with our Deepwatch squad of security analysts, engineers, and threat hunters to monitor, detect, and respond to threats targeting Alliance Data and its brand partners."

Deepwatch Financial Case Study

Customized Workflows

Bank Moves To The Cloud Case Study

An enterprise banking client chose Deepwatch to scope, design, and build a full security monitoring solution customized to their workflows with AWS cloud services.The solution included the Deepwatch Managed Security Platform built within a Dedicated AWS Virtual Private Cloud (VPC), Amazon Simple Email Service (SES), scalable Amazon EC2 compute instances, and more. Within a total of 60 days, the entire security monitoring solution was fully functional and monitored 24/7/365.

Let's Talk

Ready to Become Cyber Resilient?

Meet with our managed security experts to discuss your use cases, technology and pain points and learn how Deepwatch can help.