Posted On: Jan 31, 2023

Amazon Web Services(AWS) today announced support for Credential Guard, a Windows Virtualization Based Security (VBS) feature. Credential guard uses VBS isolation to prevent the extraction of Windows login credentials from OS memory. When Credential Guard is turned on, login credentials cannot be used from another host or after a user has logged out. With the availability of this capability, enterprises running Windows Server, especially those that operate in regulated industries, no longer have to choose between meeting compliance requirements and being able to move to the cloud to innovate faster; they can get both on EC2.

Customers running Windows Server on Amazon EC2 can now turn on Credential Guard. When Windows is run on EC2, Credential Guard uses the Nitro system to protect Windows login credentials by enabling the creation of isolated environments to protect security assets.

Credential Guard is available in all AWS Regions, including the AWS GovCloud (US) Regions. For a list of all supported instance types, and to learn more about Credential Guard, see documentation.