AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance

Authority to Operate on AWS-1

Authority to Operate on AWS Program Helps Public Sector Partners Accelerate Security and Compliance for Customers

Security and compliance are primary considerations for many AWS customers as they begin their cloud journey. Public sector customers, in particular, face obstacles and challenges using commercially available solutions that may not have an Authority to Operate (ATO). To help customers overcome these obstacles, the Authority to Operate on AWS program provides resources to solution providers who need assistance pursuing a compliance authorization.

Read More
Secrets Manager-1

Keeping the Security and Scalability of Serverless Apps Problem-Free with AWS Secrets Manager

AWS Secrets Manager helps you protect secrets needed to access your applications, services, and IT resources while enabling you to easily rotate, manage, and retrieve database credentials, API keys, and other secrets throughout their lifecycle. If you’re researching how to improve secrets management, it’s critical to curate the advice you find. The engineers at Stackery have spent lots of time doing just that and share several benefits for using AWS Secrets Manager to keep security and scalability problem-free down the line.

Read More

Extending On-Premises Cisco Cloud ACI Network Security Segmentation to AWS

Businesses need a network that can empower the data center to move workloads to the cloud. In most data centers, the diverse and disjointed visibility, as well as troubleshooting capabilities with no correlation across different environments, results in complex operational models. Cisco Cloud Application Centric Infrastructure (ACI) automates the management of end-to-end connectivity as well as the enforcement of consistent security policies for applications running in on-premises data centers and on AWS.

Read More
Sumo Logic_AWS Solutions

Enabling Seamless Security and Compliance with Sumo Logic and AWS Security Hub

AWS Security Hub gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. The service also aggregates security events—called findings—from specific AWS security services while supporting third-party finding providers such as Sumo Logic. Learn how Sumo Logic’s integration with AWS Security Hub works and how to leverage it to address your goals.

Read More

Enabling Digital Transformation with Secure Team Collaboration from Symphony

Symphony was built by a consortium of 15 leading global financial institutions to solve the critical issue of how to collaborate while remaining secure and compliant. This initial goal has lead Symphony to develop a platform that’s changing the way companies do business in critical industries like financial services. Its open APIs, integrations, bots, and workflows are helping to create a more democratic ecosystem for innovation, within and beyond financial services.

Read More
Cloud Management Tools-1

Control Access to Your Data with Slack Enterprise Key Management and AWS KMS

Slack has become a vital tool for collaboration for teams and companies around the world, and we are excited about the launch of Slack Enterprise Key Management (EKM). By integrating with AWS Key Management Service (KMS) in a customer’s AWS account, Slack EKM gives you tighter control over access to data that is stored in Slack. With Slack EKM, you can create a Customer Master Key that always stays under your control. Then, using key policies, you grant Slack access to use your CMK to generate and decrypt data keys.

Read More
Elasticsearch Service

Use Amazon Elasticsearch Service with Kibana for Identity Federation – Auth0

With the recent release of Amazon Elasticsearch Service integration with Amazon Cognito, you can now enable corporate users to access Amazon Elasticsearch Service with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Auth0 and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so Auth0 users are able to log in to Kibana with the same security credentials.

Read More
AWS Security

Creating a Golden AMI Pipeline Integrated with Qualys for Vulnerability Assessments

The golden AMI pipeline addresses challenges faced by customer cloud teams. It describes a method for providing a repeatable, scalable, and approved application stack factory that increases innovation velocity, reduces effort, and increases the chief information security officer’s confidence that IT teams are compliant in their cloud deployments. In this post, we explored how to set up a golden AMI creation pipeline with a combination of AWS services, as well as the Qualys Scanner available on AWS Marketplace.

Read More
Elasticsearch Service

Using Amazon Elasticsearch Service with Kibana for Identity Federation – Active Directory

With the recent release of Amazon Elasticsearch Service integration with Amazon Cognito, you can now enable corporate users to access Amazon Elasticsearch Service with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Active Directory (AD) and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so AD users are able to log in to Kibana with the same security credentials.

Read More

How to Securely Access Amazon Virtual Private Clouds Using Zscaler Private Access

When you’re enabling external access to an Amazon EC2 instance or Amazon VPC, there’s a need to expose some sort of inbound path from the users to the application, usually over the internet. Zscaler has been working with customers to redefine secure access to applications either on-premises or as they move to AWS. In this post, we discuss how you can implement a Zero Trust approach for access to workloads and services hosted on AWS with the aid of Zscaler Private Access.

Read More