Terminologies

• ABI : AWS Built-In (ABI).
• ABI modules : The GitHub repositories based on AWS Security Reference Architecture (AWS SRA). Modules provide templates for enabling AWS foundational services such as AWS CloudTrail, Amazon GuardDuty, AWS Security Hub, etc.
• ABI solutions : The GitHub repositories built by partners in collaboration with AWS. While building these solution, partners use ABI modules to enable AWS services as needed before creating partner-specific assets. The solution contains (1) Infrastructure as Code (IaC) templates to automate enablement of both AWS and partner services, and (2) wrappers for most common formats such as CfCT manifest, AWS Service Catalog baselines, and more, so customers can pick and choose from the available services.
• CrowdStrike API client: CrowdStrike Falcon API client authentication credentials for interaction with CrowdStike APIs via OAuth 2.0 token. Includes an API client ID and API client secret.
• CrowdStrike event bus: The AWS event bus in CrowdStrike’s environment for receiving events from EKS clusters and providing runtime protection data to CrowdStrike.
• ECR Registry Connections: Integration that enables CrowdStrike to assess container images stored in Amazon Elastic Container Registry (ECR) for vulnerabilities and malware.
• EKS Protection: Runtime security monitoring for Amazon Elastic Kubernetes Service clusters that detects suspicious activities and provides visibility into containerized workloads.
• SSM Distributor: Install the Falcon sensor on instances across your AWS accounts using AWS SSM State Manager Associations.

Next: Choose Cost and licenses.