AWS Partner Network (APN) Blog

Category: Security, Identity, & Compliance

Just-in-Time Least Privileged Access to AWS Administrative Roles with Okta and AWS Identity Center

AWS provides a rich set of tools and capabilities for managing access to cloud architectures including AWS IAM Identity Center, which makes it easy to manage access across your entire organization. Learn how AWS customers can leverage Okta Access Requests and AWS IAM Identity Center to provide just-in-time access to cloud resources. Granting just-in-time access to developers for a limited time based on approval is an effective way to limit the active time frame for assignments to your AWS resources.

Protect Your Web Applications with AWS WAF Ready Partners

As organizations continue to build and migrate more of their applications in the cloud, ensuring websites and applications are protected from external threats has become a top concern for businesses of all shapes and sizes. We’re excited to announce the AWS WAF Ready specialization to help customers deploy and maintain their application layer security solution with AWS WAF Ready Partner software products.

Streamline Multi-Account Governance, Management, and Security with AWS Control Tower and Mphasis Stelligent

Many organizations decide to implement AWS Control Tower because it provides an easy way to set up and govern a secure, multi-account AWS environment called a landing zone. Mphasis Stelligent offers an AWS Control Tower-based landing zone quick start with modules for automating account access, observability, security suite enablement, deploying industry-specific guardrails, and multi-account networking. Once implemented, companies can provision secure accounts fully baselined for utilization in less than an hour.

Continuous Compliance at Scale in AWS CI/CD Pipelines Using Pulumi CrossGuard

To ensure cloud infrastructure is compliant with organizational policies and regulatory requirements, many platform engineering teams are embedding the policy-as-code practice into their DevSecOps toolchain. Learn how to use Pulumi and its CrossGuard policy-as-code feature to ensure your infrastructure is compliant before it’s ever provisioned in AWS. We’ll also demonstrate how to define custom policies in Python, and how to create a reusable package of policies by storing them in AWS CodeArtifact.

Leveraging BMC AMI Cloud Vault and AWS to Protect Mainframes from Cyber Threats

AWS and BMC Software present a best practice-based approach to secure mainframe data from ransomware attacks or any other source of logical data corruption. Leveraging the scale, performance, and innovation of AWS allows mainframe customers to achieve cyber resiliency faster and more efficiently than with an on-premises solution. Learn how BMC AMI Cloud Vault takes advantage of Amazon S3 to create multiple copies of mainframe data and inherently ensure all copies are protected.

Event-Driven Security Monitoring with Arctic Wolf and AWS Security Hub

To help customers deal with cybersecurity challenges, AWS provides aggregated and unified alerting, with a large array of technologies to monitor and control cloud-based application stacks and hosted data. Making intelligent use of this information, to end the opportunity for cyber threats, is the role of the Arctic Wolf Security Operations Cloud. Learn how it provides holistic visibility with data correlation and analytics, assuring detection of and response to cyber threats.

Enhancing Security for AWS Lambda Functions with Fastly’s Next-Gen WAF

An integral component of most serverless architectures is AWS Lambda, the compute service that lets you run code for virtually any type of application without provisioning or managing servers. Fastly has extended its Next-Gen WAF to Lambda functions, supporting customers looking to embed additional layers of security into their serverless workloads. Fastly’s Next-Gen WAF supports numerous other deployment scenarios including virtual machines, containers, and web servers.

Simplify and Secure Terraform Workflows on AWS with Dynamic Provider Credentials

The HashiCorp Terraform AWS provider has surpassed one billion downloads, and every single Terraform apply starts with a provider credentials setup. The new dynamic provider credentials feature offers the ability to generate dynamic, short-lived credentials for Terraform Cloud runs using OIDC. This feature is now available for all Terraform Cloud tiers. Terraform Cloud is HashiCorp’s managed service offering and eliminates the heavy lifting for practitioners, teams, and organizations to use Terraform in production.

How LTIMindtree Solves for Cross-Account Sensitive Data Sharing Using AWS Services

Organizations have a requirement to implement data governance due to the presence of personally identifiable information. The process of sharing and operationalizing data movement becomes an involved task, as it must encompass data governance, data security, and include audit capabilities. Learn about a modern process LTIMindtree has introduced for data transfer using AWS Step Functions and for sharing transformed data to another account regardless of regional location.

How Metal Toad Uses Machine Learning to Keep a Top Comic Site Safe for San Diego Comic-Con

Metal Toad has been working with major entertainment brands for decades, including keeping some of the highest-profile media sites live under unique traffic conditions. Keeping these sites up and running is one of Metal Toad’s superpowers, but the AWS Digital Customer Experience Competency Partner couldn’t do it without the tools provided by AWS. Explore some of the strategies Metal Toad deployed to protect a customer’s site during an event where failure was not an option.