Trend Micro Cloud One™
Security
and Compliance Solutions
Prepared by Silicon Overdrive
November 2021
This brochure summarises select security and cloud protection solutions that Trend Micro Cloud One™ provides your public, private, and hybrid cloud environments.
If you have any questions, please do not hesitate to reach out to Leon Jacobs at leon@overdrive.co.za or Ross Davie at ross@overdrive.co.za.
Understanding the Shared Security Responsibility in the Cloud
Whether you are using cloud providers, such as AWS and Microsoft Azure, to host your sensitive applications and data or taking advantage of the speed that Microsoft Office 365, Dropbox, and other cloud software-as-a-service (SaaS) providers offer, you have a role to play in cloud security.
AWS Shared Responsibility
Security and Compliance is a shared responsibility between AWS and you, the customer.
The shared model can help relieve your operational burden as AWS operates, manages and controls the components from the host operating system and virtualisation layer down to the physical security of the facilities in which the service operates.
AWS Responsibility “Security of the Cloud”
AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud. This infrastructure is composed of the hardware, software, networking, and facilities that run AWS Cloud services.
Customer Responsibility “Security in the Cloud”
Customer responsibility will be determined by the AWS Cloud services that a customer selects. This determines the amount of configuration work you must perform as part of your security responsibilities.
Securing the Cloud with
Trend Micro Cloud One™
Trend Micro Cloud One™, a security services platform for cloud builders, delivers the broadest and deepest cloud security offering in one solution, enabling you to secure your cloud infrastructure with clarity and simplicity.
By considering your cloud projects and objectives holistically, Trend Micro Cloud One™ is able to provide powerful security, while you leverage all of the benefits and efficiencies the cloud offers your business.
Trend Micro Cloud One™ is comprised of multiple services designed to secure your physical, virtual, cloud, and container environments.
How Silicon Overdrive Leverages Trend Micro Cloud One™ to Boost Cloud Security and Compliance
Why Trend Micro Cloud One™
Automated
Security as Code lets your DevOps teams bake security into their build pipeline to release continuously and frequently. With built-in automation, including automated discovery and deployment, quick-start templates, and Trend Micro’s Automation Center, secure your environment and meet compliance requirements quickly.
Flexible
Security for your hybrid cloud, multi-cloud, and multi-service environments, as well as protection for any vintage of application delivery—with broad platform support.
All-in-One Solution
One platform that has the breadth, depth, and innovation required to meet and manage your cloud security needs today, and in the future.
Hybrid Cloud Security Masters Certified - 1st in South Africa
Silicon Overdrive is the first partner in South Africa to achieve the Hybrid Cloud Security Masters certification. Our certified team includes:
Charlton Daniels
Director of AWS
Romano Moses
AWS Solutions Architect
Christopher Voges
AWS Engineer
Trend Micro
Cloud One™ - Conformity
Awarded both AWS Cloud Management Tools Competency and Security Partner Competency, Trend Micro Cloud One™ – Conformity’s security and governance platform delivers continuous assurance that your infrastructure is compliant, secure, and optimised.
You can pull instant compliance reports for major, global standards such as the AWS Well-Architected Framework, HIPAA, PCI DSS, GDPR, and CIS (Center for Internet Security).
Real-Time Threat Monitoring provides instant threat alerts, tracking at the user and event levels, paired with a highly actionable dashboard to address critical vulnerabilities, immediately. Connected to the open-source Auto-Remediation framework, high-risk policies can be instantly detected, and corrected, freeing engineers to build with peace of mind.
The Knowledge Base is built on the AWS Well-Architected Framework with clear, step-by-step remediation rules actionable through both the AWS Console and CLI (command-line interface). Each rule includes the rationale to encourage continuous best practice as your company commits deeper to the Cloud.
Why Conformity
Automate Security and Compliance Checks
Through hundreds of automated checks against industry compliance standards and cloud security best practice rules, you can continuously improve your security and compliance posture for your cloud infrastructure.
Simplify Reporting
A single-pane-of-glass dashboard provides full and clear visibility of your entire multi-cloud infrastructure. Run reports on an endless combination of filters to exhaustively audit your infrastructure.
Integrate with Existing Workflows
Trend Micro Cloud One™ – Conformity integrates seamlessly into your existing workflows and allows you to maintain full autonomy.
Utilise single sign-on (SSO) solutions, individual access levels, and connecting your preferred third-party ticketing or notification provider.
What We Offer
Discounted Subscriptions
Silicon Overdrive provides customers with discounted Trend Micro Cloud One™ – Conformity subscriptions through AWS Marketplace.
Discounts start at 20% below the AWS Marketplace pricing.
Subscriptions Management
Our team can manage the subscriptions to remove this operational overhead for you.
Technical Expertise
Our team is certified and has the expertise to deploy and manage, or assist your team to implement, Trend Micro Cloud One™ – Conformity in your cloud environments.
Trend Micro Cloud One™ - Workload Security
Workload Security is a comprehensive security and cloud protection suite that scales seamlessly and helps you maintain continuous compliance.
Workload Security protects your AWS workloads against threats, malware, and vulnerabilities with Intrusion Prevention System (IPS) or Intrusion Detection System (IDS), application control, and more.
You can manage IPS/IDS, application control, anti-malware and more, in a single console. It helps you defend your network against attacks with intrusion detection and prevention, hardens your servers and speeds patching and response to zero-threats.
Workload Security also protects Windows and Linux workloads from malware, monitors unplanned or suspicious changes to your systems, stops SQL injection and XSS (Cross-Site Scripting) attacks on your applications.
Workload Security provides:
- IPS and IDS
- Integrity Monitoring
- Firewall
- Anti-malware
- Log Inspection and Content Filtering
Why Workload Security
Seamless Integration
Become a trusted partner with DevOps and increase security adoption across your organisation by introducing security tools that fit seamlessly into the Dev and Ops process without introducing friction.
Pay For What You Use
The AWS and Azure Marketplace offerings include an hourly pricing option, giving you the flexibility to deploy quickly and easily in the cloud.
Protect Against More Threats Faster
Detect and protect against vulnerabilities, malware, and unauthorised change with the broadest hybrid cloud security capabilities for your mixed environment of virtual, physical, cloud, and containers. Trend Micro Workload Security can automatically protect new and existing workloads against even known threats with techniques like machine learning and virtual patching.
Unified Security
Workload Security eliminates the cost of deploying multiple point solutions while achieving consistent security across physical, virtual, cloud, and container environments.
What We Offer
Discounted Subscriptions
Silicon Overdrive provides customers with discounted Trend Micro Cloud One™ – Workload Security subscriptions through AWS Marketplace.
Discounts start at 20% below the AWS Marketplace pricing.
Subscriptions Management
Our team can manage the subscriptions to remove this operational overhead for you.
Technical Expertise
Our team is certified and has the expertise to deploy and manage, or assist your team to configure, Trend Micro Cloud One™ – Workload Security in your cloud environments.
This can include the Intrusion Prevention, Anti-Malware, Firewall, Web Reputation, Integrity Monitoring, Log Inspection, and Application Control modules.
Trend Micro
Cloud One™ - File Storage Security
Cloud-native application architectures incorporate cloud file/object storage services into their workflow, creating a new attack vector where they are vulnerable to malicious files.
File Storage Security protects the workflow through innovative techniques, such as malware scanning, integration into your custom workflows, and broad cloud storage platform support – freeing you to go further and do more.
Why File Storage Security
Insightful Scanning
Take advantage of faster automated malware scanning via the latest file reputation and variant protection technologies, backed by leading threat research.
- File reputation: Block known-bad files with anti-malware signatures
- Variant protection: Look for obfuscated or polymorphic variants of malware via fragments of previously seen malware and detection algorithms
- Extensive flexibility: Trusted scanning support for small to large files, and support for various types of file
- Advanced intel: Thirty years of cyber threat research and experience
Flexible Integration
Deploy in minutes and start protecting your organisation’s downstream workflows from upstream risks.
- Automates file scanning to be triggered whenever new files are uploaded
- Deploys using cloud deployment templates
- Enables workflow integration through serverless functions
- Provides the option to be deployed as a centralised service managed by a security team
Secure Cloud Storage Data
Maintain data sovereignty with security designed for your Amazon Simple Storage Service (Amazon S3) buckets and Microsoft Azure Blob storage.
Trend Micro Cloud One™ - Application Security
Application Security minimises design and deployment risks by protecting against sophisticated hacks from inside the application.
Optimised for modern application architectures, Application Security immediately blocks unwanted activity in real-time to protect data and business logic.
Application Security lets you monitor and review exploitation attempts across an unlimited number of applications. Attack details are propagated across your infrastructure, meaning, if an attack is detected on one application, it is immediately flagged on every app server and for every monitored app in your account.
Application Security also gives your developers full visibility into how the vulnerability in your code would have been exploited, including a stack trace down to the line of code (where relevant), reporting of request parameters, and how your app’s behavior would have been modified.
Why Application Security
Automatic Protection
When your app is exposed to a malicious attack, the agent identifies the attacker, type of attack, and blocks it. User data is protected, and you have the insight you need to fix the coding vulnerabilities.
No Code Changes Required
The self-contained Application Security agent runs inside the process of your application without
requiring any code changes in the application itself.
Secure Your Customers' Data
Application Security is designed specifically to secure web assets in the cloud and within local
networks, protecting your customers’ data and your business.
Experience Faster Results
Deploy Security as Code into applications in only two minutes, with no additional code changes or rules to set up.
Improve Developer Productivity
Spend more time delighting your customers with a great application and less time on tedious maintenance caused by coding oversights and weaknesses in dependencies.
Our Services
AWS Security and Best Practice Assessment
Our team can conduct an AWS Security and Best Practice Assessment utilizing Trend Micro Cloud One™ – Conformity with analysis and improvement recommendations, using over 750+ cloud infrastructure configuration best practices.
Alternatively, you can subscribe to Trend Micro Cloud One™ – Conformity to continuously monitor, analyse and report on any security and compliance shortfalls identified.
Trend Micro
Cloud One™ Maintenance
With our expertise, experience and systems, we can provide you with the Managed Services and Service Level Agreement you need for your AWS workloads including console maintenance and monitoring, incident support, patch management, and more.
Trend Micro Cloud One™ – Conformity and Workload Security maintenance is performed by our specialist certified Trend Micro Security engineers.
What happens next?
Please get in touch if you’d like Silicon Overdrive to help you meet your cloud security needs with Trend Micro Cloud One™.
If you have any questions, please do not hesitate to reach out to Leon Jacobs at leon@overdrive.co.za or Ross Davie at ross@overdrive.co.za.
About Silicon Overdrive
Silicon Overdrive has significant experience and expertise in helping customers migrate, secure, optimise and manage their AWS infrastructure, as well as achieve and maintain security and compliance, including POPIA, GDPR, PCI DSS, ISO 27001, and HIPAA.
Silicon Overdrive has been awarded the AWS Public Sector Partner of the Year – SSA 2021 and AWS Consulting Partner of the Year – SSA 2020.
We are an AWS Advanced Consulting Partner, AWS DevOps Services Competency Partner, AWS Education Services Competency Partner, AWS Solution Provider Partner, AWS Public Sector Partner, and AWS Immersion Day Partner.
We are also an AWS Well-Architected Partner and an Amazon EC2 for Windows Server Delivery Partner.
Our AWS team has 100+ AWS certifications including, AWS DevOps Engineer Professional, AWS Solutions Architect Professional, Security Specialty, Machine Learning Specialty, and SysOps Administrator, Developer and Solutions Architect Associate certifications.
Board of Directors
Silicon Overdrive owes much of its leadership and vision to its Board of Directors.
Gareth Bowers
CEO
Charlton Daniels
Director of AWS
Ross Davie
Business Development Director
