AWS CAF Security Perspective - AWS Security Incident Response Guide

AWS CAF Security Perspective

The Security Perspective includes four components:

  • Directive controls establish the governance, risk, and compliance models within which the environment operates.

  • Preventive controls protect your workloads and mitigate threats and vulnerabilities.

  • Detective controls provide full visibility and transparency over the operation of your deployments in AWS.

  • Responsive controls drive remediation of potential deviations from your security baselines.

Although IR is generally viewed under the responsive controls component, these are dependent and influenced by the other components. For example, directive and preventative security controls help establish a baseline, so you can monitor and investigate any deviations from this baseline. This approach not only eliminates noise, but it also contributes to a defensive security design.