We use best-in-breed tools that provide customers with powerful insight into their cloud environments. With real-time alerting, scheduled reporting, and automated remediation, each customer gets access to tools that suits their unique business needs.
Our base plan is what we consider "industry table stakes" and includes, but is not limited to the following:
EC2 RI Types with Unused Hours
Excessive Costs for a Glacier Restore
RDS Reserved Instance Payment Failed
Idle RDS DB Instances
Idle SQL Database Instances
Redis Cache Using Basic-Tier Pricing
Stopped or Deallocated Virtual Machines with Disks Attached
Security & Compliance
S3 Public Sensitive Objects Stored
CloudTrail Unauthorized Access Attempts
Publicly Accessible RDS Instances
SNS Topic w/ Permission Set to All
Blob Containers Set to Full Public Read Access
Dangerous Ports Exposed
Publicly Accessible SQL Servers
Server Firewall Allows a Broad range of IPs
Utilization & Performance
Under-Utilized EC2 Instances/VMs
Auto Scaling Groups Not Being Utilized
Excessive Log Files
Failed Activities in RDS Events
Under-Utilized App Service Plan CPU
Unused Network Interfaces
App Service Has Exceeded Usage Quota
App Service Without Backup Service Enabled
EBS Volumes Without A Snapshot
EC2 Errors in Console Output
RDS Instance <10% Free Storage
AWS CloudFormation Stack w/ no Policy
Managed Disk Without Backup Protection
SQL Server Database <10% of Free Storage
Unhealthy Virtual Machines
App Service Plan is Unavailable
Get Secure, Reduce Spend and Improve Control with bash9.io
Bash9 can augment and optimize your operational capabilities in both new and existing AWS environments, providing operational flexibility, enhanced security and compliance. Our services help you operate your cloud infrastructure more efficiently and securely by leveraging our growing library of automation, configurations, and run books. In addition to custom too integrations, here are some of the automated we can assist with:
Get control (Lockdown)
Lockdown a secure baseline for services, permissions, networks and access.
Maintain control (Guardrails)
Add automated policy enforcement, with drift detection & repair.
Protect applications (Isolation)
Separate applications for control, cost, network access and change management.
Clarify responsibilities (IAM)
Establish a hierarchy of permissions with clear ownership, named users & activity audit trails.
Empower (Self Service)
Self service and infrastruction automation by app teams within policy guardrails.
Monitor applications, support teams and automate best practices.
Audit trail & Log management
Ensure audit logging of all actions, with named users and protection of records.
Separate AWS, Azure & GCP accounts
Separate apps into different cloud accounts for easier management & control.
Automatic encryption, backup, rotation and deletion protection for all data.
Management of credentials, with reminders and automatic rotation.
User & Permission management
LDAP & SAML integration with predefined policies. Simple cross account user management.
Automatic setup and removal of monitoring with centralized alarms & ticketing.
Save some time with bash9.io