AWS IAM


Overview

AWS IAM and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.

AWS IAM Overview

AWS Identity and Access Management (AWS IAM) is a service that helps you control access to your AWS resources: it governs who is authenticated (signed in) and who is authorized (has permissions) to use them.

When you first create an AWS account, you begin with a single identity, the account root user, which has an email address and password. You can sign in to the AWS Management Console using this root user identity. When you use your root user credentials, you have complete and unrestricted access to all resources in your AWS account.

The “identity” aspect of AWS IAM helps you with the question “Who is that user?” (authentication). Instead of sharing your root user credentials with others, you can create individual IAM users within your account that correspond to users in your organization. 

IAM users are not separate accounts; they are users within your account. Each user can have their own password for access to the AWS Management Console.

The access management (authorization) portion of AWS Identity and Access Management (IAM) helps you define what a principal entity is allowed to do in an account. A principal entity is a person or application that is authenticated using an IAM entity (user or role). 

You manage access in AWS by creating policies (to define permissions) and attaching them to IAM identities (users, groups of users, or roles) or AWS resources. AWS evaluates these policies when a principal uses an IAM entity (user or role) to make a request. Permissions in the policies determine whether the request is allowed or denied.

Attribute-based access control (ABAC) is an authorization strategy that defines permissions based on attributes. In AWS, these attributes are called tags. You can attach tags to IAM resources, including IAM entities (users or roles) and to AWS resources. You can create a single ABAC policy or a small set of policies for your IAM principals. 

These ABAC policies can be designed to allow operations when the principal’s tag matches the resource tag. ABAC is helpful in environments that are growing rapidly and helps with situations where policy management becomes cumbersome.
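The tag-matching rule described above, as an added example that is not part of the original page or of AWS or Mindflow code. The policy document uses real IAM syntax (the `aws:ResourceTag/...` condition key and the `${aws:PrincipalTag/...}` policy variable); the tag key `project`, the account ID and the instance ARN are constructed sample values, and `evaluate()` is a deliberately simplified evaluator that models only the subset of IAM semantics this example needs (implicit deny, explicit deny wins, `StringEquals` conditions, wildcard matching on Action and Resource).

```python
"""Simplified illustration of an ABAC (tag-matching) IAM policy."""
from fnmatch import fnmatchcase
import re

# ABAC policy: allow starting/stopping an EC2 instance only when the caller's
# "project" tag equals the instance's "project" tag. Condition key and policy
# variable names are real IAM ones; the tag key "project" is our own choice.
ABAC_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "SameProjectOnly",
            "Effect": "Allow",
            "Action": ["ec2:StartInstances", "ec2:StopInstances"],
            "Resource": "arn:aws:ec2:*:*:instance/*",
            "Condition": {
                "StringEquals": {
                    "aws:ResourceTag/project": "${aws:PrincipalTag/project}"
                }
            },
        }
    ],
}

_POLICY_VAR = re.compile(r"^\$\{([^}]+)\}$")


def _resolve(value, context):
    """Expand a ${key} policy variable from the request context; literals pass through.

    Returns None when the variable refers to a key that is absent from the
    request (e.g. an untagged principal), which makes the condition fail.
    """
    m = _POLICY_VAR.match(value)
    return context.get(m.group(1)) if m else value


def _as_list(value):
    return [value] if isinstance(value, str) else value


def evaluate(policy, action, resource, context):
    """Return "Allow" or "Deny" for one request (toy evaluator, not IAM itself).

    `context` carries the condition keys IAM would populate, e.g.
    {"aws:PrincipalTag/project": "blue", "aws:ResourceTag/project": "blue"}.
    Everything is denied unless a matching Allow statement applies; a matching
    explicit Deny statement always wins.
    """
    decision = "Deny"  # implicit deny until an Allow matches
    for stmt in policy["Statement"]:
        if not any(fnmatchcase(action, a) for a in _as_list(stmt["Action"])):
            continue
        if not any(fnmatchcase(resource, r) for r in _as_list(stmt["Resource"])):
            continue
        conditions = stmt.get("Condition", {}).get("StringEquals", {})
        cond_ok = True
        for key, expected in conditions.items():
            actual, wanted = context.get(key), _resolve(expected, context)
            # A missing key on either side fails StringEquals, as in IAM.
            if actual is None or wanted is None or actual != wanted:
                cond_ok = False
        if not cond_ok:
            continue
        if stmt["Effect"] == "Deny":
            return "Deny"
        decision = "Allow"
    return decision


if __name__ == "__main__":
    # Constructed sample request: account ID and instance ID are placeholders.
    instance = "arn:aws:ec2:us-east-1:123456789012:instance/i-0abc"
    same = {"aws:PrincipalTag/project": "blue", "aws:ResourceTag/project": "blue"}
    other = {"aws:PrincipalTag/project": "blue", "aws:ResourceTag/project": "red"}
    print("same project :", evaluate(ABAC_POLICY, "ec2:StopInstances", instance, same))
    print("other project:", evaluate(ABAC_POLICY, "ec2:StopInstances", instance, other))
```

Two points the paragraph only states in words become visible here: a single policy serves every project because the tag value is read from the principal at request time, and an untagged principal or resource is denied rather than accidentally matching, so tagging discipline is part of the control.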


Benefits

  • Use IAM roles to delegate permissions; a role session receives temporary credentials instead of long-term keys
  • Grant least privilege: determine what users (and roles) need to do, then craft policies that allow them to perform only those tasks
  • Use AWS managed policies to cover common use cases
  • Use access levels to review IAM permissions: make sure your policies grant only the least privilege needed to perform the necessary actions
  • Configure a custom password policy that requires your users to create strong passwords, and optionally require them to rotate their passwords periodically
  • Enable multi-factor authentication (MFA)
  • Configure applications to retrieve temporary security credentials through an IAM role rather than sharing access keys
  • Find unused passwords or access keys using the console, the CLI or API, or by downloading the credential report
  • Write conditions that specify the range of IP addresses a request must come from
  • Use AWS logging features to determine which actions users have taken in your account and which resources were used
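The "find unused passwords or access keys" item above, worked through on a credential report. This is an added example, not AWS or Mindflow code. The column names are the real ones in the CSV that `aws iam get-credential-report` returns (base64-encoded in the `Content` field; decode it before parsing); the three rows below are constructed sample data with a placeholder account ID, and the 90-day idle threshold is our own choice.

```python
"""Flag unused console passwords and access keys in an IAM credential report."""
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample report (real column layout, fictitious users):
#  - root with MFA and no access keys
#  - alice: password never used, key 1 last used a year ago, no MFA
#  - bob: password and key used recently, MFA enabled
SAMPLE_REPORT = """user,arn,user_creation_time,password_enabled,password_last_used,password_last_changed,password_next_rotation,mfa_active,access_key_1_active,access_key_1_last_rotated,access_key_1_last_used_date,access_key_1_last_used_region,access_key_1_last_used_service,access_key_2_active,access_key_2_last_rotated,access_key_2_last_used_date,access_key_2_last_used_region,access_key_2_last_used_service,cert_1_active,cert_1_last_rotated,cert_2_active,cert_2_last_rotated
<root_account>,arn:aws:iam::123456789012:root,2020-01-10T08:00:00+00:00,not_supported,2024-01-02T10:00:00+00:00,not_supported,not_supported,true,false,N/A,N/A,N/A,N/A,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
alice,arn:aws:iam::123456789012:user/alice,2022-03-01T09:00:00+00:00,true,no_information,2022-03-01T09:00:00+00:00,N/A,false,true,2022-03-01T09:00:00+00:00,2023-06-15T12:00:00+00:00,us-east-1,s3,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
bob,arn:aws:iam::123456789012:user/bob,2023-09-01T09:00:00+00:00,true,2024-05-20T07:30:00+00:00,2024-03-01T09:00:00+00:00,2024-05-30T09:00:00+00:00,true,true,2024-03-01T09:00:00+00:00,2024-05-21T11:00:00+00:00,eu-west-1,iam,false,N/A,N/A,N/A,N/A,false,N/A,false,N/A
"""

# The report uses these sentinels instead of timestamps.
SENTINELS = {"N/A", "no_information", "not_supported", ""}

# Constructed "current time" so the example is reproducible offline.
REPORT_TIME = datetime(2024, 6, 1, tzinfo=timezone.utc)


def _parse_ts(value):
    """Return an aware datetime, or None for the report's sentinel values."""
    if value in SENTINELS:
        return None
    return datetime.fromisoformat(value)


def find_unused_credentials(report_csv, now, max_idle_days=90):
    """Return (user, credential, reason) tuples for idle or weakly protected credentials.

    A credential is idle when it was never used since the user was created
    (or the key last rotated), or when its last use is older than
    max_idle_days. Console passwords without MFA are flagged as well.
    """
    cutoff = now - timedelta(days=max_idle_days)
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        password_enabled = row["password_enabled"] == "true"

        # Console password (root reports "not_supported" here and is skipped).
        if password_enabled:
            last = _parse_ts(row["password_last_used"])
            since = last or _parse_ts(row["user_creation_time"])
            if since is not None and since < cutoff:
                reason = "never used" if last is None else f"last used {last.date()}"
                findings.append((user, "password", reason))

        # Each user may hold up to two access keys.
        for n in ("1", "2"):
            if row[f"access_key_{n}_active"] != "true":
                continue
            last = _parse_ts(row[f"access_key_{n}_last_used_date"])
            since = last or _parse_ts(row[f"access_key_{n}_last_rotated"])
            if since is not None and since < cutoff:
                reason = "never used" if last is None else f"last used {last.date()}"
                findings.append((user, f"access_key_{n}", reason))

        # A console password without MFA is a finding regardless of idleness.
        if password_enabled and row["mfa_active"] != "true":
            findings.append((user, "mfa", "console password enabled without MFA"))
        if user == "<root_account>" and row["mfa_active"] != "true":
            findings.append((user, "mfa", "root user without MFA"))
    return findings


if __name__ == "__main__":
    for user, cred, reason in find_unused_credentials(SAMPLE_REPORT, REPORT_TIME):
        print(f"{user:<16} {cred:<14} {reason}")
```

Against a real report, pass the decoded CSV and `datetime.now(timezone.utc)`; the resulting list is the input to the remediation step (deactivate the key, disable the password, require MFA), which this example deliberately leaves to the operator.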
