We see open source as a strength. It's no secret that part of our offerings is open source, written by us or other reputable developers. For instance, here's the new version of our serverless log aggregation system:

https://github.com/OpenSecOps-Org/Foundation-control-tower-log-aggregator

The log aggregator is part of OpenSecOps Foundation and will massage your AWS log files to cut your log file storage costs in half, amongst other things. 

Suppose you use it with our open-source multi-account log aggregator, (https://github.com/OpenSecOps-Org/Foundation-CloudWatch2S3). In that case, you have a complete solution for automatically collecting CloudWatch logs from all accounts in an AWS organization and storing them centrally in a consistent format and structure along with all system logs. 

Best of all, it costs you absolutely nothing.

You'll find all our open-source offerings here.

Why do we do this? Because we like to get the initial complexities out of the way so we can assist our clients with the architecture that really matters. Thus, OpenSecOps Foundation has no license fee; we only charge for the time it takes us to install it. Now that's a value proposition you might want to consider.

P.S.: Apart from our open source, you'll like our proprietary security aspects too, which include fully text-based configuration and a battle-tested system to prevent any escalation of privileges, amongst other things. Full details here.

Yesterday, AWS added 85 new security controls to AWS Security Hub in the form of a new security standard, the AWS Resource Tagging Standard, used to identify if any of your AWS Resources are missing tag keys required by your organisation.

This brings the number of security controls to 386.

Best of all, if you're using software built on Security Hub, such as OpenSecOps SOAR, these 85 new controls are supported out of the box. In OpenSecOps SOAR's case, this means you can set any tag requirement and be sure your teams will be ticketed and instructed to add the appropriate tag in every single case. With SLAs and escalation.

It also means you don't have to write any additional automation to ensure your infrastructure is tag compliant. It just works.

Nice. 

The announcement from AWS is here.