Leveraging native AWS security service components
As a mandatory resource on the Audit AWS account, this threat detection service continuously monitors your AWS accounts and workloads for malicious activity, delivering detailed security findings for visibility and remediation.
This mandatory resource, enabled for compliance purposes on the Audit AWS account, monitors and records account activity across your infrastructure, giving you control over storage, analysis, and remediation actions.
Citadel utilises Simple Notification Service (SNS) to centralise the sending of security notifications to admins from the security services configured in the Audit account.
Citadel increases security and compliance by utilising S3 buckets to store log files and security events for long-term storage, centralising them in a single account isolated from others.
Highly recommended on the Audit AWS account, this cloud security posture management service ensures continuous compliance by performing security best practice checks, aggregating alerts, and enabling automated remediation. Aggregation covers all Citadel environments.
Citadel follows AWS best practices by creating a 3-tier structure with Public, Private and Secure Subnets, with Access Control between the tiers to restrict traffic. Multiple Availability Zones are also used to achieve high availability when running your applications.
Increase internal security by specifying who or what can access services and resources in your AWS accounts, managing fine-grained permissions from a central location, and analysing access to refine permissions across AWS.