The included artifacts are sample overlays for AWS services.
TIC overlays are intended to align TIC security capabilities, described in the TIC 3.0 Security Capabilities Catalog (Security Capabilities Catalog), with available vendor products, services, and applications.
AWS will continue to update this repo with new overlays and as new AWS services and features are released:
- This XLS file includes a mapping of TIC-3 Security workbook requirements and PEP controls to AWS services and also overlays them against NIST CSF, NIST 800-53r4 and NIST 800-53r5
- This overlay demonstrates how TIC security capabilities are achieved in the case of an N-tier (typically a 3-tier) web application.
- This overlay demonstrates how TIC security capabilities are achieved in the case of a Remote/Virtual Desktop environment.
- This overlay demonstrates how TIC security capabilities are achieved for Hybrid/Edge computing.
- This overlay demonstrates how TIC security capabilities are achieved in the case of a containerized or abstracted (serverless) services.
- This overlay demonstrates how TIC security capabilities are achieved for centralized inspection.
See CONTRIBUTING for more information.
The documentation is made available under the Creative Commons Attribution-ShareAlike 4.0 International License. See the LICENSE file.
The sample code within this documentation is made available under the MIT-0 license. See the LICENSE-SAMPLECODE file.