Configure Aperture Security Controls
Aperture Security Controls allow you to define and enforce policy rules for monitoring settings and activities so that you can automatically detect and remediate risks around data exfiltration, exposure, or risky user behavior. For example, you can create a policy that sends an email alert or creates a log entry when a user forwards a corporate email to a personal email address or when a security key pair rotation does not follow defined policies. Security Controls include a robust set of match criteria that allow you to precisely define which settings and activities to track.
The Aperture service supports the following types of security controls:
Security Control Name
Administrative Access of End Users Inbox
Identifies administrators who have access to an end user's inbox. The Admin Email lists the email address of the administrator and the User Email lists the email address of the user whose inbox can be accessed by the administrator.
Email Forwarding Rule
Identifies corporate emails that are forwarded to personal email domains. Rule Name identifies the email forwarded, and the email address is listed in Forwarded Email Address.
Email Public Folder
Identifies exposed public folders that users can access within the enterprise, and the Folder Name and Folder Owner values to exclude.
Identifies user-generated email retention settings that vary from the Corporate Administrator policy settings.
Inbound Accessible Services
Identifies Inbound Security Groups that have access to specific services and ports that are scanned in AWS.
Sends an alert for keys that have not been rotated within a specific time frame such as one week, one month, three months, or one year.
Identifies users and sends an alert when they log in to the SaaS application without multi-factor authentication.
Non-Standard Amazon Web Services EC2 Appliance (AMI)
Identifies AMIs that are not trusted by the organization and sends an alert on non-standard AMIs.
Outbound Accessible Services
Identifies Outbound Security Groups that have access to specific services and ports that are scanned in Amazon Web Services.
Checks the password (such as complexity, reuse, or expiration) against the password policy and sends an alert when there is a discrepancy.
Identifies and alerts on Elastic Block Store (EBS) volumes that are not encrypted.
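The Email Forwarding Rule check and the key rotation alert from the list above, written as an added example (this is not Aperture's code or API). The record layout, the personal-domain list and the day counts behind each time frame are assumptions; only the field names Rule Name and Forwarded Email Address and the four time frames come from the page.

```python
from datetime import datetime, timedelta, timezone

# Time frames named on the page; the day counts are assumptions.
ROTATION_WINDOWS = {"one week": 7, "one month": 30, "three months": 90, "one year": 365}
# Assumed list of personal webmail domains (not from the page).
PERSONAL_DOMAINS = {"gmail.com", "yahoo.com", "outlook.com"}


def forwarding_incidents(rules, personal_domains=PERSONAL_DOMAINS):
    """Flag forwarding rules whose target is a personal email domain."""
    incidents = []
    for rule in rules:
        # Normalize case and whitespace so "Gmail.com " still matches.
        address = rule["forwarded_email_address"].strip().lower()
        _, at, domain = address.rpartition("@")
        if at and domain in personal_domains:
            incidents.append({"user_email": rule["user_email"],
                              "rule_name": rule["rule_name"],
                              "forwarded_email_address": address})
    return incidents


def stale_keys(keys, window, now):
    """Return (key_id, age_in_days) for keys not rotated within the window."""
    limit = timedelta(days=ROTATION_WINDOWS[window])
    return [(k["key_id"], (now - k["last_rotated"]).days)
            for k in keys if now - k["last_rotated"] > limit]


# Constructed sample data (not real accounts or keys).
NOW = datetime(2017, 10, 31, tzinfo=timezone.utc)
SAMPLE_RULES = [
    {"user_email": "alice@example.com", "rule_name": "fwd-all",
     "forwarded_email_address": "Alice.Home@Gmail.com "},
    {"user_email": "bob@example.com", "rule_name": "to-team",
     "forwarded_email_address": "team@example.com"},
]
SAMPLE_KEYS = [
    {"key_id": "key-a", "last_rotated": NOW - timedelta(days=120)},
    {"key_id": "key-b", "last_rotated": NOW - timedelta(days=12)},
]

if __name__ == "__main__":
    for incident in forwarding_incidents(SAMPLE_RULES):
        print("forwarding:", incident)
    for key_id, age in stale_keys(SAMPLE_KEYS, "three months", NOW):
        print(f"key rotation: {key_id} last rotated {age} days ago")
```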