Tag: Security

With the recent release of Amazon Elasticsearch Service integration with Amazon Cognito, you can now enable corporate users to access Amazon Elasticsearch Service with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Auth0 and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so Auth0 users are able to log in to Kibana with the same security credentials.

The golden AMI pipeline addresses challenges faced by customer cloud teams. It describes a method for providing a repeatable, scalable, and approved application stack factory that increases innovation velocity, reduces effort, and increases the chief information security officer’s confidence that IT teams are compliant in their cloud deployments. In this post, we explored how to set up a golden AMI creation pipeline with a combination of AWS services, as well as the Qualys Scanner available on AWS Marketplace.

With the recent release of Amazon Elasticsearch Service integration with Amazon Cognito, you can now enable corporate users to access Amazon Elasticsearch Service with Kibana using your corporate directory credentials through identity federation. In this post, we share a step-by-step integration of Active Directory (AD) and Amazon Cognito. With Amazon Cognito User Pool, you can extend your directory so AD users are able to log in to Kibana with the same security credentials.

When you’re enabling external access to an Amazon EC2 instance or Amazon VPC, there’s a need to expose some sort of inbound path from the users to the application, usually over the internet. Zscaler has been working with customers to redefine secure access to applications either on-premises or as they move to AWS. In this post, we discuss how you can implement a Zero Trust approach for access to workloads and services hosted on AWS with the aid of Zscaler Private Access.

The Center for Internet Security (CIS) Benchmark on AWS Quick Start helps you to make securing and monitoring resources easier to implement and understand. The Quick Start was developed by Accenture, an APN Premier Partner and Managed Service Provider (MSP) with the AWS Security Competency. We also created a new video offering step-by-step best practice guidance on how to deploy the CIS Benchmark Quick Start and build foundational security capabilities into your account, in just 10 minutes.

The AWS Competency Program welcomed 39 new APN Partners in November—spanning workload, solution, and industry designations. The AWS Competency Program helps customers identify and choose the world’s top APN Partners that have demonstrated technical proficiency and proven customer success in specialized solution areas. Please join us in welcoming our newest AWS Competency Partners!

Take a look at the most popular APN Blog posts in 2018. Our goal with this blog is to share timely and relevant news, technical solutions, Partner success stories, and more from Amazon Web Services and the APN specifically. For AWS customers, you can trust that APN Partners are focused on your success, helping you take full advantage of the business benefits AWS has to offer. With their deep expertise, APN Partners are uniquely positioned to help your company at any stage of your Cloud Adoption Journey.

AWS Security Hub is a great way to get visibility into your security profile for all your AWS accounts. PagerDuty gives you the ability to display, triage, and investigate events within your organization. When used together, Security Hub and PagerDuty gives you the ability to have full visibility and response to the security events happening in your AWS accounts. I invite you to explore PagerDuty and Security Hub further and see what you can do to build out your own integrations.

Cyber-attacks are going to happen; vulnerabilities and exploits are going to be identified. Having a solid security-in-depth strategy, coupled with the right tools and people that understand how to respond, will put your company in stronger position to minimize exposure and risk. AWS has security-in-depth strategies for their global infrastructure that cover processes, people, and technology that protect the physical and foundational layers of their offering.

AWS Security Hub’s Custom Actions allow you to initiate responsive actions against findings selected through the console. Your workflow benefits from these defined actions, reducing the dwell time to investigate and remediate findings in Security Hub. We introduce the process of creating Custom Actions with two examples: (1) sending findings to email; and 2) sending findings to Slack. This post will help you understand the process to create your own Custom Actions for utilization in Security Operations playbooks.