After seven months in preview, Amazon Web Services on Monday night announced the general availability of AWS Control Tower and AWS Security Hub, aiming to make it easier for corporate customers to set up, secure and monitor cloud environments.
Unveiled at AWS re:Invent in Las Vegas last year, the new services are part of a broader effort by the public cloud leader to lower the barriers to entry for large businesses that want to shift to the cloud, and to reduce the friction for existing business customers that want to grow their cloud footprint.
Amazon isn’t alone in this quest. AWS is looking to leapfrog similar services from its rivals, including Microsoft’s Azure Security Center and the Google Cloud Security Command Center. Along with pricing, issues like security and ease of deployment are among the most common concerns for companies as they look to put more workloads in the cloud.
The announcements come on the eve of the AWS re:Inforce conference in Boston, where Steve Schmidt, AWS chief information security officer, is scheduled to give a keynote address on Tuesday morning.
With AWS Security Hub, in particular, the Seattle-based cloud giant says it’s addressing a practical pain point for chief information security officers at big companies.
“One of the challenges here is that most companies use lots of different security software, third-party software, AWS services,” explained Amazon Web Services CEO Andy Jassy at re:Invent. “One of the big challenges is, you have all these findings, they’re different data formats, they’re different services, and CISOs are forced to be constantly pivoting between different consoles and different services, or aggregating all that data and trying to normalize it to make it coherent, but it’s a lot of work on their side.”
AWS Security Hub seeks to address this issue by providing a dashboard view of Amazon Web Services’ own security tools in addition to those from third-party security services. After a 30-day free trial, pricing for AWS Security Hub is based on usage. See detailed pricing information here.
Amazon lists companies including GoDaddy, HERE, the Pokémon International Co., Rackspace, Splunk and PagerDuty as initial partners and customers using and integrating Security Hub.
AWS Control Tower, meanwhile, automates the process of setting up a multi-account AWS environment by using blueprints for best practices in areas such as data access, security and compliance. In some ways, it’s analogous to going with the default operating system setup when booting up a PC for the first time, with additional controls and options.
Amazon says there’s no extra charge to use Control Tower beyond the underlying cost of the services and resources it sets up on a customer’s behalf.
Here’s Jassy discussing both services at re:Invent 2018.