Category: Security

Security is something keeping many IT leaders up at night in this new normal. As companies build their long-term digital workplace strategies, looking at Zero Trust and what that means from a user perspective is key. In this post, we’ll define Zero Trust, highlight solutions that are key to delivering trust at the user level, and showcase AWS Competency Partners that offer these solutions to customers.

A Managed Security Service Provider (MSSP) can integrate, join forces with, and work alongside in-house security teams, or provide full outsourcing for AWS security operations. To help customers looking for support from MSSPs, we created a new baseline standard of quality called Level 1 Managed Security Services. The new AWS Level 1 MSSP Competency designation features AWS Partners that have had their technical and operational capabilities successfully validated against this baseline.

The Center for Internet Security (CIS) is responsible for the CIS Controls and CIS Benchmarks, which are globally recognized best practices for securing IT systems and data. The implementation of these can help harden systems through various means, whether it be disabling unnecessary ports or eliminating unneeded services. Purchasing a pre-hardened image is a great option, especially since you are ensured compliance with the CIS Benchmark, and deploying it would not require much maintenance on your end.

Learn how TalaTek uses Amazon CloudWatch as an alternative to traditional SIEM solutions with the same functionality. CloudWatch gives TalaTek system-wide visibility, allowing them to monitor their AWS-based SaaS solution, the TalaTek Intelligent Governance and Risk Integrated Solution (TiGRIS). CloudWatch helps TalaTek keep TiGRIS running efficiently while allowing us to meet FedRAMP logging requirements.

From pre-seed to IPO, the world’s most innovative startups build on AWS. This month, we’re excited to show our support through the next AWS Startup Showcase, a virtual AWS Loft-style event we’re hosting in partnership with theCUBE. The event is geared towards an audience of business decision makers, developers, and IT professionals. It features some of the most innovative companies from the APN Global Startup Program showcasing their latest offerings and innovations in AI, security, and life sciences.

Learn how Q2, a financial experience company that provides digital banking and lending solutions, worked with AWS ISV Partner ALTR, a provider of data security as a service that runs exclusively on AWS, to launch a PCI DSS-compliant application in a fraction of the time it normally takes to achieve certification. Q2’s Biller Direct application provides a centralized payment environment where users can enroll, manage their bills, and view projected spend.

Dive deep on AWS Identity and Access Management (IAM) permissions and how the principle of least privilege can be best achieved when using AWS CloudFormation, and more specifically CloudFormation Modules, to provision resources on AWS. CloudFormation Modules are a way to package resource configurations for inclusion across stack templates, in a transparent, manageable, and repeatable way.

AWS Identity and Access Management (IAM)‘s 10th anniversary continues with Part 2 of our blog series. Writing an IAM policy can be tricky, but don’t feel overwhelmed. Learn how the IAM visual editor helps you create policies by providing helpful documentation and the correct syntax. You’ll also learn why you should use federation due to the short-term credentials made possible by IAM roles. More tips like these can be found throughout our 4-part blog series.

This year marks the 10th anniversary of AWS Identity and Access Management (IAM), which is essential in securing your applications and your AWS environment as a whole. To help you get the most out of this critical AWS service, we are excited to share a blog series featuring top recommendations for using IAM from AWS Heroes and APN Ambassadors, who will share recommendations which are driven from personal experiences using a service that’s foundational for the security of AWS customers.

An often-overlooked aspect of migration is the configuration checks on the underlying cloud infrastructure. In order to make sure the foundational infrastructure is safe, secure and compliant, there’s a need to validate the cloud configuration early in the migration cycle. Infosys has developed an innovative automation solution that addresses the need for secure configuration reviews, while ensuring agility and reliability through the migration journey.