Pump Secure

Apart from saving money with Pump Save, we also offer customers the opportunity to secure their infrastructure by identifying and addressing critical issues in their AWS Environment! Below is some information about Pump Secure at a high level, and a step-by-step guide to self-service!

What is Pump Secure? Pump Secure is a free feature that allows our customers to run a scan on AWS accounts infrastructure. This scan runs hundreds of security checks based on AWS Well Architected Framework in a matter of minutes to identify critical issues.

Within 5 or so minutes, customers can see the critical issues they pass and fail ensuring the safety and integrity of their AWS infrastructure. This allows customers to build secure, high-performing, resilient, and efficient infrastructure for a variety of applications and workloads. Built around six pillars (coined by AWS)—operational excellence, security, reliability, performance efficiency, cost optimization, and sustainability.

At a high level, here's how Pump Secure works:

Step One: Create a Read-Only Permissions Cloud Formation Stack (this does NOT allow us to make infrastructure changes).

Step Two: Run the 5 minute infrastructure scan for an AWS account.

Step Three: Receive a list of hundreds of generated tests that let you know if you passed or failed that security check based on a given resource.

Step Four: Fix 45% of critical issues, and run the 5 minute scan again.

Some Frequently Asked Questions:

-> How much does it cost me? It is totally and completely free. It does take some time (5 to 10 minutes for running the scan of the infrastructure, and fixing the critical issues, and running the scan a second time.)

-> How does Pump benefit from Pump Secure? When you join Pump, we get billed from AWS on your behalf. Therefore, we want to secure our AWS organization and lower our risk.

Step by Step Guide to Using Pump Secure:

Step One: Make sure you are logged in, and go to Pump Secure. This can be found by going here: https://app.pump.co/security

Step Two: Click Authorize. Press the green 'Authorize' button.

Step Three: Click Authorize. Press the green 'Authorize' button.

Step Four: Create Cloud Stack Formation. Just like you gave permissions to Pump for read-only and autopilot when you onboarded with Pump, this is another set of permissions we are asking so we can run a series of checks based on AWS Well Architected Framework. Once the stack is complete, go back to https://app.pump.co/security.

If you are curious what permissions we use, this information can be found here: https://pump-public-readonly.s3.us-west-2.amazonaws.com/pump-secure.json.

Step Five: Click Scan. Once the Cloud Stack Formation is created, after 1-2 minutes, you can run the scan for Pump Secure.

Step Six: Wait 5-10 minutes. It may take a few minutes for the scan to finish. Once the scan is run, you should be able to refresh and see a series of tests, and whether the tests passed or failed. This is an example of how your Pump Secure dashboard should look:

Step Seven: Fix 45% of Critical Issues. Filter by critical issues and solve 45% of issues. For example, you will notice that the above account has just under 150 critical issues. In this example, you will see that ~68 critical issues would need to be resolved.

Step Eight: Complete Scan + Run a Second Scan. Once you remediate the ~68 issues, you will then click 'Scan' again.

We hope you enjoy using Pump Secure! If you have any other questions, please reach out to us at support@pump.co, and we will get back to you in a timely manner!