Secure AWS and Custom Cloud Apps

Amazon Web Services is the leading infrastructure-as-a-service platform (IaaS). While AWS provides some native security & compliance functionality, such as admin transaction logging, there are gaps. Only Bitglass fills those gaps, combining Cloud Access Security Broker (CASB) with Cloud Security Posture Management (CSPM) to provide data protection and encryption, continuous monitoring and compliance, identity management, contextual access control, and cross-application user behavior analytics.


Bitglass on the AWS Marketplace

Bitglass’ solutions are now available on the AWS Marketplace along with content that can help you learn more about Bitglass. Check it out by clicking the link below.

Cloud Security Posture Management

Deploying AWS means that not only do you need to protect data and the applications accessing that data, but you must ensure that the underlying IaaS controls are configured for continuous security and compliance.


Bitglass combines its Next-Gen CASB architecture with a comprehensive CSPM platform to ensure comprehensive protection of all data and applications running on AWS.

Bitglass Cloud Security Posture Management

Encrypt or Tokenize Stored Data

Encrypt or Tokenize Stored Data

Among the top concerns for organizations adopting AWS is securing data-at-rest while making that data accessible to users when needed. Only Bitglass can effectively protect data lakes.  

  • Protect data in any storage format with full-strength 256-bit AES encryption or tokenization.
  • Define security levels to control which users can decrypt sensitive data.
  • Support for KMIP gives you control over your own encryption keys.

Data & Threat Protection on any Device

Data & Threat Protection on any Device

Cloud apps enable your users to be productive on any device anywhere, and your security solution needs to match. Bitglass’ Next-Gen multi-protocol proxies enable Zero-Day threat protection of your data on any device.


Bitglass’ Advanced Threat Protection (ATP) powered by CrowdStrike, Cylance and Bitdefender, blocks the spread of unknown and zero day attacks. Policies can be enforced in real-time on the proxy for uploads and downloads, or via API for data-at-rest in the cloud.

Contextual Control of Admin Users

Contextual Control of Admin Users

Privileged users with admin access to your AWS instance require contextual access control to ensure the highest level of security and compliance. Bitglass integrates IaaS with IAM and SSO while enforcing step-up multi-factor authentication and Role-Based-Access-Control that depends on the context of access.


  • Flexible identity integration options include Active Directory Sync, integration with leading IAM providers like Okta and Ping, and native identity management provided directly by Bitglass.
  • Step-up MFA for high-risk transactions.
  • Control access privileges depending on user, group, geo, IP, device type and more.

Webinar: IaaS Security

Join Bitglass and (ISC)² for a presentation on the various components of leading IaaS platforms and the tools to secure your deployment.

Enable AWS security

Learn more about how Bitglass can secure your use of AWS by downloading the brief below.