Category: Security, Identity, & Compliance

Even the most technically astute organizations can find it challenging to conform to such requirements and do so efficiently. The Authority to Operate (ATO) on AWS partner program supports Amazon Web Services (AWS) customers overcome these hurdles by building a community of vetted, expert partners. While the ATO on AWS program was originally launched in the United States, it has begun supporting customers globally and we are excited to formally launch the program in Canada.

DevSecOps teams are responsible for providing enhanced infrastructure observability while ensuring they have the ability to respond to security events in a matter of minutes across the entire organization. To address this challenge, Sumo Logic and AWS collaborated to build a solution that provides end-to-end security and incident management (SIEM) across an enterprise using AWS Organizations. This SIEM solution is based on the AWS Security Reference Architecture.

Most applications require a form of identity service to manage, authenticate, and authorize users. In SaaS applications, multi-tenancy adds specific challenges to this task. To meet these needs, SaaS builders must consider integrating with an identity service provider. AWS services such as Amazon Cognito or AWS Partner services like Auth0 provide deep expertise in the field and allow you to focus on your SaaS application’s value proposition while relying on a secure, feature-rich identity provider.

Cloud security is the top priority at AWS and the security partner ecosystem plays a critical role in building and executing security capabilities. Learn how Infopercept is leveraging Shuffle, an open-source general purpose security automation platform that can be used for building security playbooks. The key elements of Shuffle are ease of integration with AWS services, as well as open source-like integration with Yara malware analysis.

Learn how you can securely migrate your data from an on-premises network file system (NFS) to Amazon S3 using AWS DataSync. We’ll also provide guidance on how Trend Micro Cloud One – File Storage Security can be implemented to perform malware scanning, as well as address compliance, needs such as PCI-DSS and HIPAA. Trend Micro is an AWS Security Competency Partner and global leader in cybersecurity, helping make the world safe for exchanging digital information.

Federation using SAML 2.0 enables customers to use their existing external IdP and avoid managing multiple sources of identities when accessing AWS accounts. This post builds on the recommendation of using regional SAML endpoints for failover by showing how you can configure Okta‘s federation with IAM to increase its availability. Learn how to configure Okta, an AWS Security Competency Partner, to utilize multiple regional AWS SAML sign-in endpoints that can be deployed at setup by the Okta admin.

From a single pane of glass in Komprise, you can gain visibility across your data silos, tag files with granular metadata to support easier search for precise data sets, and create intelligent policies to migrate infrequently used data to economical storage targets and/or leverage cloud-based AI/ML services. Walk through the process of using Komprise with Amazon Macie, a fully managed data security and data privacy service that uses machine learning and pattern matching to discover sensitive content such as PII.

Most SaaS solutions which undergo an AWS Foundational Technical Review (FTR) ingest, manage, and store sensitive data. The FTR is a review based on the AWS Well-Architected Framework and enables AWS Partners to identify and remediate risks in their solutions. Learn how to manage and secure sensitive data within their SaaS solutions with a focus on addressing requirements related to PII or PHI requirements in the Foundational Technical Review.

As you consider migrating to VMware Cloud on AWS or have already done so, you could have the requirement to protect web servers residing in a vSphere environment on the AWS global infrastructure. To provide one aspect of security for these workloads, you can leverage the AWS WAF, a web application firewall that helps protect your apps or APIs against common web exploits and bots. AWS WAF provides scanning of designated HTTP/HTTPS traffic to protect against various attacks.

It’s often required for a partner solution running on Amazon Web Services to access AWS accounts owned by their customers (third-party AWS accounts). This kind of access is known as cross-account access. In such scenarios, a cross-account AWS Identity and Access Management (IAM) role with external ID should be used. Explore the best practices for using external ID to avoid the confused deputy problem it is designed to solve.