Last updated
Understanding the safety of your account should be your first priority. Below is a recommended checklist you can follow to improve the security of your AWS account. It is based on the official AWS Answer, coupled with the latest security features released by AWS (GuardDuty and Security Hub).
AWS provides a best practices checklist for IAM.
The My Account section in the AWS console is where you can:
Update the contact details which AWS will use to contact you when there are Billing, Operational and Security notices.
Define your secret questions so that AWS can validate your identity when you need to contact customer support for help.
Set up the appropriate AWS support plan to suit the criticality of your service.
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts and workloads. The service automatically scans the following:
VPC flow logs
CloudTrail
DNS requests
If you are in an enterprise environment, you may also wish to forward these to your SIEM (Security Information and Event Management) tool.
AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status. It does this by:
Running compliance checks: AWS Security Hub provides customers with prepackaged compliance standards, such as the CIS AWS Foundations Benchmark.
Finding ingestion events: AWS Security Hub ingests findings from various AWS services and from partner products.
By default, GuardDuty does not have any alerting mechanism. InfViz have a CloudFormation script which configures CloudWatch Events and SNS to alert you when GuardDuty detects a suspicious event.