AWS Partner Network (APN) Blog

Category: Security

AWS-SaaS-Factory-1

Isolating SaaS Tenants with Dynamically Generated IAM Policies

Many SaaS organizations leverage AWS Identity and Access Management (IAM) to define a series of policies and roles that can be used to ensure tenants are not allowed to cross tenant boundaries when accessing resources. To make this work, you have to create separate policies for each tenant which can create an explosion of tenant policies that push the account limits of IAM. Learn how dynamic policy generation creates a more scalable and manageable isolation experience.

Read More
Aqua-AWS-Partners

Deploying DevSecOps on Amazon EKS with Aqua Security – Part 2

Aqua Security was built to redefine security and help you address the security skills gap in a rapidly evolving cloud-native landscape, automating security controls at the speed of DevOps. Unlike traditional security, cloud-native security cannot adopt a one-size-fits-all approach. It has to be seamlessly integrated with the existing processes, organizational culture as well as the technology. Learn how to implement a DevSecOps pipeline using AWS CodePipeline and Aqua Platform.

Read More

Easily Delegate Responsibilities Using AWS Permissions Boundaries and cloudtamer.io

Permissions boundaries allow admins to delegate permissions to users so they can create new AWS service roles without elevating their own permissions. This removes the need for admins to field requests for these role creations and promotes self-service for users. The ultimate goal is to remove blockers for enhanced productivity. Learn how to pair permissions boundaries with cloudtamer.io for increased automation and delegation.

Read More

Minimizing the PCI Compliance Burden Using Containerization, Microservices, and AWS

Leveraging cloud-based microservices is not a solution that works for everyone or every application, but it’s one more point in favor of transitioning legacy applications to microservices. If you’re already looking to re-architect, consider it an opportunity to spin out regulated data into separate containers. From there, it’s not much more effort to move those containers to AWS. Learn how AWS technologies can help organizations reduce their Payment Card Industry (PCI) compliance burden.

Read More
Okta-AWS-Partners

Implementing SAML AuthN for Amazon EMR Using Okta and Column-Level AuthZ with AWS Lake Formation

As organizations continue to build data lakes on AWS and adopt Amazon EMR, especially when consuming data at enterprise scale, it’s critical to govern your data lakes by establishing federated access and having fine-grained controls to access your data. Learn how to implement SAML-based authentication (AuthN) using Okta for Amazon EMR, querying data using Zeppelin notebooks, and applying column-level authorization (AuthZ) using AWS Lake Formation.

Read More
Aqua-AWS-Partners

Deploying DevSecOps on Amazon EKS with Aqua Security — Part 1

Customers running their microservices-based applications on Amazon EKS come to Aqua Security looking for guidance about architecting end-to-end CI/CD pipelines using DevSecOps principles. Sometimes called security as code, DevSecOps integrates security best practices into a DevOps pipeline instead of bolting them on at the end. Aqua Security has formulated a security portfolio that provides coverage throughout the application development lifecycle while also securing the underlying infrastructure.

Read More

How to Deploy a Rapid7 InsightVM Scan Engine for AWS Graviton2-Based EC2 Instances

With the recent launch of Amazon EC2 M6g instances, the new instances powered by AWS Graviton2 Arm-based processors deliver up to 40 percent better price and performance over the x86-based current generation M5 instances. At Rapid7, an AWS Security Competency Partner, thousands of customers use InsightVM scan engine to assess their EC2 instances for vulnerabilities. Learn how to deploy the InsightVM scan engine in an AWS Graviton2-based environment.

Read More
TCS-AWS-Partners

How TCS Cloud Exponence Monitors Security and Compliance Across AWS Accounts

The move to primarily cloud-based operations has pushed enterprises to prioritize digital security mechanisms and regulatory compliance controls to safeguard weaknesses and reduce effects of an attack. TCS Cloud Exponence is a multi-cloud operations solution with a focus on a range of critical security operations such as cloud perimeter monitoring, patch management, vulnerability assessment, compliance monitoring, alerting, and reporting.

Read More
Capgemini-AWS-Partners

Developing Payment Card Industry Compliant Solutions on AWS to Protect Customer Data

Financial institutions possess and process data that are very sensitive and have immense business value. In recent years, regulations like open banking and data residency law have forced organizations to be even more adaptive to frequent challenges to systems storing and processing the data. Explore how Capgemini developed an application to address this customer challenge and learn how the approach helped worldwide credit card provider comply with PCI DSS security standards.

Read More

Managing Red Hat Enterprise Linux Systems on AWS with Red Hat Insights

Red Hat Insights helps you manage Red Hat Enterprise Linux (RHEL) Systems on AWS by analyzing physical, virtual, container, and hybrid private and public cloud environments, comparing them to more than 1,000 rules. These rules identify potential threats that could lead to business disruptions. Insights scans your environments daily, summarizes any identified risks in its dashboard, and provides remediation steps for those risks.

Read More