Amazon Inspector and common assessment templates
Network security components (for example, security groups, network ACLs, routing, AWS Network Firewall, AWS WAF, AWS Shield)
Application storage patterns (for example, Amazon Elastic File System [Amazon EFS], Amazon S3, Amazon Elastic Block Store [Amazon EBS])
Configuring deployment agents (for example, CodeDeploy agent)
AWS metrics and logging services (for example, CloudWatch, X-Ray)
Encrypting data in transit and data at rest (for example, AWS KMS, AWS CloudHSM, ACM)
Configuring load balancing to support cross-AZ services
Configuring alerting based on unexpected or anomalous security events
Automating the configuration of software applications to the desired state (for example, OpsWorks, Systems Manager State Manager)
Identifying and implementing appropriate auto scaling, load balancing, and caching solutions
Integrating AWS event sources (for example, AWS Health, EventBridge, CloudTrail)
Collecting custom metrics (for example, using the CloudWatch agent)
Automating system inventory, configuration, and patch management (for example, Systems Manager, AWS Config)
Automating the application of security controls in multi-account and multi-Region environments (for example, Security Hub, Organizations, AWS Control Tower, Systems Manager)
Configuring S3 events to process log files (for example, by using Lambda) and deliver log files to another destination (for example, OpenSearch Service, CloudWatch Logs)