cloud security icon
Public Cloud Security & Compliance
2nd Watch offers one of the most flexible, reliable and secure Managed Clouds in the market. Our comprehensive cloud security capabilities support almost any workload and adhere to all major regulatory and industry compliance frameworks. Powered by AWS, the features of our platform span all areas needed to secure your workload including Network Security, Access Control, Monitoring and Logging, Backup and Replication, and Data Encryption.
Shared Security Model
The workloads you run on AWS are secured via a shared model. While AWS delivers a strong security foundation of the underlying infrastructure and virtualization, you are responsible for protecting the applications and data in your cloud environment, which can be complex and involved. Third-party tools and services, like 2nd Watch Professional Services and Managed Cloud and Alert Logic ActiveWatch, can help you meet security, governance and compliance needs.
shared cloud security model icon
secure cloud compliance
Ensuring security, reliability, compliance and cost efficiency
2nd Watch offers a range of security defense tools and services that allow you to take full advantage of AWS’ security features to ensure your data is safe. We implement highly-secure access and managed firewalls, establish AWS Identity and Access Management (IAM) controls, leverage multi-factor authentication (MFA), implement private subnets through Virtual Private Cloud (VPC), provide patching, and encrypt data and much more for your workloads. Additional services for highly-compliant workloads are offered, such as intrusion detection, vulnerability scanning, and log management. 2nd Watch ensures that your systems and data on AWS are reliable, scalable and – most importantly – secure. 2nd Watch designs, deploys, and manages your workloads to take full advantage of AWS security services. By integrating third-party tools, like those from Alert Logic, 2nd Watch’s software-enabled-services increase the level of security for your workloads. 2nd Watch Managed Cloud is so secure that you can run workloads that are highly compliant—like HIPAA, SOC2, FEDRAMP, or PCI—on the public cloud.

SOC 2

SOC2 logo
2nd Watch publishes a Service Organization Controls 2 (SOC 2), Type II report. The SOC 2 report is an atation report that expands the evaluation of controls to the criteria set forth by the American Institute of Certified Public Accountants (AICPA) Trust Services Principles. These principles define leading practice controls relevant to security, availability, processing integrity, confidentiality, and privacy applicable to service organizations. The 2nd Watch SOC 2 is an evaluation of the design and operating effectiveness of controls that meet the criteria for the security, confidentiality, and availability principle set forth in the AICPA’s Trust Services Principles criteria. This report provides transparency into 2nd Watch’s security, confidentiality, and availability based on a defined industry standard and further demonstrates 2nd Watch’s commitment to securely managing customer environments. SOC 2 Compliance
  • Reports on controls at a service organization relevant to Security, Availability, Privacy, Confidentiality and Processing.
  • SOC 2 engagements use the predefined criteria in Trust Services Principles, Criteria and Illustrations, as well as the requirements and guidance in AT Section 101, At Engagements, of SSAEs and TSP 100
  • SOC 2 framework is a reporting option designed for entities such as data centers, IT managed services, software as a service (SaaS) vendors, and other technology and cloud computing based businesses.
  • A Type 2 report also includes the service auditor’s opinion on whether the controls were operating effectively and describes s of the controls performed by the service auditor to form that opinion and the results of those s.
Request a 2nd Watch SOC 2 Report

SOC 3

SOC2 logoAICPA’s Security Trust Principles included in the SOC 2 report, the assertion from 2nd Watch’s management regarding the effectiveness of controls, and an overview of 2nd Watch Managed Services.The difference between a SOC 2 report and a SOC 3 report is that a SOC 2 report contains a detailed description of the service auditor’s s of controls and results of those s as well as the auditor’s opinion on the description of the service organization’s system. A SOC 3 report provides only the auditor’s report on whether the system achieved the trust services criteria. There is no description of s and results or opinion on the description of the system. The SOC 3 report is a great resource for customers to validate that 2nd Watch has obtained external auditor assurance without going through the process of requesting a SOC 2 report.View the 2nd Watch SOC 3 report
Partnering for Increased Security
2nd Watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.
Alert Logic
Evident.IO
Alien Vault
Fortinet
Trend Micro
AlertLogic logo
Partnering for Increased Security
2nd watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.
2nd Watch partners with Alert Logic to help ensure your environment’s security. Our intrusion detection, vulnerability scanning, log management and web application firewall solutions run natively in AWS environments and take advantage of unique cloud capabilities like auto-scaling. Alert Logic may be provided as a part of our service:
  • Web Security Manager delivers inline protection of web applications from dangerous cyber threats such as SQL Injection and Cross Site Scripting, along with full coverage of OWASP Top Ten attacks. Using a combination of both positive and negative security models, Web Security Manager blocks malicious traffic while allowing legitimate traffic to pass unaffected. Designed and built for Amazon Web Services, Web Security Manager Auto Scales with protected cloud instances. Learn More.
  • Threat Manager is a network intrusion detection system (IDS) solution for Amazon EC2, providing 24×7 monitoring of threats that could compromise data or impact system availability. Learn More.
  • Log Manager delivers security monitoring of log data by collecting, parsing, analyzing and archiving data. Learn More.
Download Alert Logic’s Cloud Security Report to learn about the state of security across customer cloud and on-premises infrastructures, or read Forrester’s Total Economic Impact report for a rundown on The True Cost of Security: In-House vs Alert Logic.
Evident.io logo
Partnering for Increased Security
2nd watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.The Evident Security Platform (ESP) is a cloud-native infrastructure security solution providing full coverage of all AWS accounts, services and regions. ESP combines the detection and analysis of misconfigurations, vulnerabilities, and risk with guided remediation and audit capabilities to meet compliance requirements – all in one solution. ESP was designed specifically to help modern IT and DevOps teams implement and maintain security best practices within the AWS shared responsibility model. ESP provides IT and compliance teams with a continuous global view of security risk, actionable intelligence needed to rapidly remediate risks, and auditing functions that provide customers with a complete security audit for cloud infrastructure to assist with compliance reporting and forensic investigations. Try the Evident Security Platform free for 14 days.
Alien Vault logo
Partnering for Increased Security
2nd watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.Alien Vault’s Unified Security Manager (USM) for AWS platform detects the la threats targeting your network, for protection based on 5 essential principles of security – Asset Discovery, Behavior Monitoring, Vulnerability Assessment, Intrusion Detection, and SIEM – delivering complete security visibility. With threat detection, incident response, compliance management, and real-time updates, AlienVault delivers expert threat intelligence and identifies malicious hosts communicating with your system. The USM’s AWS-native security is purpose-built for the AWS shared responsibility model to ensure your AWS environment is secure.With AlienVault, you gain visibility into:
  • The state of your AWS infrastructure
  • Assets in your environment
  • Assets that are misconfigured or vulnerable to exploits
  • >Who is using your resources and how they are using them
  • Malicious activity targeting your environment
Learn more about AlientVault USM for AWS and start your free trial now
Fortinet logo
Partnering for Increased Security
2nd watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.Fortinet protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. The company offers a broad network security platform that includes network security and access, data center security, as well as application and end-point security and management tools to secure enterprise IT and to meet scalability, metering and time-to-market requirements. Fortinet provides cloud security while offering economies of scale with flexible Bring-Your-Own-License and metering billing options. Solutions include:
  • FortiGate – a VM firewall solution that includes content and network protection
  • FortiAnalyzer – securely aggregates log data/li>
  • FortiManager – a management solution that allows customers to centrally manage any number of Fortinet network security devices
  • Fortweb –a Web application firewall designed with added treat protection
Learn More
Trend Micro logo
Partnering for Increased Security
2nd watch recommends these highlighted security vendors to meet the needs for your different workloads. Working in conjunction with 2nd Watch Managed Cloud, these services support your security posture and mitigate risk.Trend Micro’s Deep Security platform delivers automated and highly scalable cloud security and integrates seamlessly with AWS workloads against threats, malware and vulnerabilities. The centrally-managed platform protects your enterprise applications and data from breaches and business disruptions and helps you simplify security operations.Simplify procurement, streamline management and speed PCI-DSS compliance with a single, comprehensive product to protect your AWS workloads. Deep Security defends your network against attack with intrusion detection and prevention, hardens your servers, and eases patch management with virtual patches for vulnerabilities and zero-day issues like Shellshock or Heartbleed. Deep Security also protects Windows and Linux workloads from malware, monitors unplanned or suspicious changes to your systems, stops SQL injection and XSS attacks on your applications, and identifies potential security events in system logs. Learn more and start your free trial today.
Managed Cloud logo
2nd Watch Managed Cloud Security
2nd Watch Managed Cloud security offers:
  • Identity & Access Management
  • Monitoring & Alarming
  • Application monitoring with New Relic
  • Infrastructure management monitoring & alarming
  • Workload monitoring & alarming
Optional Alert Logic ActiveWatch provides:
  • Combines technology, content, analytics and people to monitor infrastructure and provides vulnerability scanning
  • 24×7 threat detection
  • Monitored by experts in the Alert Logic Security Operations Center
  • Identifies potential problems and threats
Contact us to schedule a security review with one of our experts.