Integrated security system on CI AWS

Abstract

Amazon Web Services (AWS) is one of the top three cloud computing services. A cloud platform may expand its capacity by adding servers as more users use it, and as it adds servers, it gains from economies of scale. So, providing them with more incredible features at lesser prices. According to Synergy Research Group research from April 2022, AWS's yearly growth has outpaced the total market growth for three straight quarters. With 33% of the market, Amazon is dominant, outpacing No. 2 Microsoft by 11%. [1] An article comparing web services between AWS and Azure, Google, can be found on the page of Suite Cloud Company Ltd., a company that brings together top experts in the fields of business administration consulting, deploying software solutions, and information technology applications to help optimize system management in Vietnam's enterprise resource and operations system. The author mentions AWS, which has an enormous toolkit constantly expanding exponentially and unparalleled capabilities. [2] Because AWS is the leading cloud computing service, it will be noticed by many hackers. In 2020, AWS was attacked, and it was an attack that shook the world's information security problem, damaging the economy and reputation of AWS in the world market. Given the importance and influence of AWS, our team has included it in the group's capstone. Use SonarCloud, Code Build, and OWASP ZAP to implement static and dynamic scan integration. In the Dev Portal work, the team designs the interface connects it to the pipeline flow, and then creates a repo to display the scan results. We've determined that both SAST and DAST will have to pass the rule, plus DAST needs to be able to scan functions automatically. This will help AWS detect attacks early and take measures to protect and improve the security of user information