Sentinel 360

Sentinel 360 is a customized and unique solution for security operations, based on the Netflix OSS project Security Monkey.

Sentinel 360 is a solution for monitoring and analyzing the security of Amazon Web Services (AWS) and Google Cloud Platform (GCP) configurations. Sentinel 360 monitors your AWS and GCP accounts for policy changes and alerts on insecure configurations. It provides a single user interface  (UI) to browse and search through all of your accounts, regions, and cloud services. Sentinel 360 remembers previous states and can show you exactly what changed, and when. Sentinel 360 scores multiple accounts to visually represent the security posture across an organization.

Sentinel 360 can be extended with custom account types, custom watchers, custom auditors, and custom alerters.  Sentinel 360 allows you to monitor changes to your cloud environment and how those changes affect your security profile. 

Already a customer?  Please refer to our quickstart guide here.

Typical Use Cases
  • Checking historical details for a given configuration item (e.g. the different states a security group has had over time).
  • Viewing reports to check what audit issues exist (e.g. all S3 policies that reference unknown accounts or all IAM users that have active access keys).
  • Justifying audit issues (providing background or context on why a particular issues exists and is acceptable though it may violate an audit rule).

Note on AWS CloudTrail and AWS Trusted Advisor. Why Sentinel 360? Doesn't AWS do this already?

CloudTrail is AWS’ service that records and logs API calls. Trusted Advisor is AWS’ premium support service that automatically evaluates your cloud deployment against a set of best practices (including security checks).

Sentinel 360 surpasses both of these services and meets a bit of each services’ goals while having unique value of its own:

CloudTrail provides verbose data on API calls, but has no sense of state in terms of how a particular configuration item (e.g. security group) has changed over time. Sentinel 360 provides exactly this capability.

Trusted Advisor has some excellent checks, but it is a paid service and provides no means for the user to add custom security checks. For example, Netflix has a custom check to identify whether a given IAM user matches a Netflix employee user account, something that is impossible to do via Trusted Advisor. Trusted Advisor is also a per-account service, whereas Sentinel 360 scales to support and monitor an arbitrary number of AWS accounts from a single Sentinel 360 installation.

Sentinel 360 is a comprehensive solution for multi-account security. The tool continuously monitors and detects potential anomalies and risky configurations in the cloud infrastructure. It is an “AWS security configuration tracker and analyser that scales for large and globally distributed cloud environments.

AdvanceCo Support for Sentinel 360:

At AdvanceCo we offer production support and ongoing maintenance to Sentinel 360.  We will provide support for migration between versions, and from the last two versions to a currently supported version.   Version upgrades may occur on a quarterly basis.  Upgrades and updates will be communicated to all subscribers.  Support will include package updates, FAQ, and quickstart instructions. We offer various levels of support for Sentinel 360 as well as custom installation, reporting, and notifications.

Our support can be customized to serve your organization.  We can also create unique integrations into custom systems such as CMDB, ITSM, ticketing, and service dashboards.

AdvanceCo Sentinel 360+

FEATURE SERVICE

Standard

Plus

Enterprise


Sentinel 360 updates:

Product Upgrades and Updates

12/5 Support via web, and email

24/7 with phone support



Custom Alerter, Notification, and Report Creation


✓(1)

✓(2)

Multi-Zone Capable Database

(AWS RDS Postgres)


Case Management and Escalation Assistance


Certificate and Email Setup


Contracted SLA response times (4 hour)


Scale Out Reference Architectures

Designated Enterprise Account Manager




included with active cloud subscription$300/month per subscription$750/month
per subscription