Trellix Helix Connect Extends Support for Amazon VPC Lattice

By Martha Vazquez · March 05, 2024

Empowering Organizations with Seamless Integration and Advanced Protection

In an increasingly interconnected digital landscape, cybersecurity has become a top priority for organizations of all sizes. The rapid adoption of cloud computing and the expansion of virtual private clouds (VPCs) have opened new frontiers for both businesses and cybercriminals.

As customers try to keep pace with dynamic attacks and ensure greater peace of mind, they are on the lookout for more centralized visibility and quick resolution of their security issues. Trellix is at the forefront of the revolution—pioneering a brand-new way to bring detection, response, and remediation together in a single living security solution. Trellix XDR platform seamlessly integrates with our broad portfolio of endpoint, email, network, cloud, and other security products. Providing industry-leading integrations with over 1000 data sources, we equip customers with intelligent threat sensing, analytics, and automated response.

In this dynamic environment, Trellix Helix Connect, product now extends its support for Amazon VPC Lattice, enhancing its capabilities to protect organizations' critical assets.

What is Amazon VPC Lattice?

Amazon VPC Lattice is an application networking service that consistently connects, monitors, and secures communications between services, helping to improve productivity so that developers can focus on building features that matter to their business.

Developers can define policies for network traffic management, access, and monitoring to connect compute services in a simplified and consistent way across instances, containers, and serverless applications.

Modern applications can consist of multiple small and modular services, which are often called microservices. While modernization has its advantages, it can also introduce networking complexities and challenges when you connect these microservices. For example, if the developers are spread across different teams, they might build and deploy microservices across multiple accounts or VPCs.

How can Amazon VPC Lattice and Trellix improve my security operations?

Mutual customers can leverage Trellix Helix Connect and integrate with the other thirteen AWS services to gain visibility rapidly by ingesting metadata from AWS. This data is then enriched with threat intelligence and evaluated with behavior analysis and machine learning to prioritize those alerts that are most actionable. Trellix Helix Connect provides content and rules against AWS data, helping security analysts understand the security event faster. Trellix Helix Connect, with Amazon VPC Lattice support, provides enhanced visibility and helps security teams identify vulnerabilities and threats in a complex multi-VPC environment. With improved visibility comes the ability to detect threats in real-time. Trellix leverages its advanced analytics and machine learning capabilities to identify suspicious activities across interconnected VPCs.

Trellix seamlessly brings in Amazon VPC lattice logs, allowing for smoother operations and streamline incident response. When a threat is detected, Trellix empowers security teams to respond quickly and effectively. Its automated response capabilities can isolate compromised resources, reducing the risk of further damage. In addition, with enhanced scalability from Trellix XDR, organizations can have a handful of VPCs or a vast network of interconnected environments, adapting to an organization’s requirements.

Amazon VPC Lattice streamlines the access provisioning process across different environments, underscoring the importance of robust auditing and monitoring capabilities. As access becomes more accessible through VPC Lattice, it becomes imperative to implement measures that enable clear tracking and understanding of access activities to uphold security and compliance standards. By integrating Trellix with Amazon VPC Lattice, organizations can confidently secure their cloud environments, ensure compliance, and prioritize their core missions without the persistent concern of cyber threats. This advancement in cybersecurity marks a significant shift for organizations aiming to safeguard their digital infrastructure amidst a progressively interconnected landscape.

To Get Started with Trellix and Amazon VPC Lattice:

Navigate to the Trellix Helix Cloud Connect portal:

1. Select Configure > Cloud Connect to open the Cloud Connect page.
2. Click Add Connection.
3. Locate the connection under Cloud Infrastructure
   
   
   
   

Installation Steps:

This integration will forward Amazon VPC Lattice logs from the designated bucket into Trellix Helix for audit and detection capabilities.

1. Ensure that the correct Helix instance. 
2. Log into your AWS account (https://console.aws.amazon.com).
3. Follow the steps listed (here) to forward Lattice logs to Amazon S3
4. Note the AWS region this bucket is in and the bucket name and record it.
5. Click Submit and Verify which will generate a AWS CloudFormation template for you.
6. Important! If there is an existing notification configuration on the bucket, the template will fail unless you set OverwriteExistingConfig to1. This will remove the existing configuration, so ensure that is acceptable first.

Want to learn more?

Start leveraging the speed and efficiency used between Trellix and AWS to respond to security issues today. Please reach out to AWS@Trellix.com to learn more or attend our latest workshop to get hands-on with Trellix Helix Connect today! Start a free trial today to see how Trellix and AWS work together, view our integrations and marketplace listings on the AWS Marketplace.