Category: Security

It is time for an update on our on-going effort to make AWS a great host for healthcare and life sciences applications. As you can see from our Health Customer Stories page, Philips, VergeHealth, and Cambia (to choose a few) trust AWS with Protected Health Information (PHI) and Personally Identifying Information (PII) as part of […]

Hot on the heels of some other great updates is another vital enhancement: the ability to use Patch Manager on Linux instances! We launched Patch Manager with SSM at re:Invent in 2016 and Linux support was a commonly requested feature. Starting today we can support patch manager in: Amazon Linux 2014.03 and later (2015.03 and […]

Are you aware of the Open Web Application Security Project (OWASP) and the work that they do to improve the security of web applications? Among many other things, they publish a list of the 10 most critical application security flaws, known as the OWASP Top 10. The release candidate for the 2017 version contains a […]

My colleague Eric Fitzgerald wrote the guest post below in order to show you how to use an AWS Lambda function to forward Amazon Inspector findings to your ticketing and workflow systems. At AWS Re:Invent 2015 we announced Amazon Inspector, our security vulnerability assessment service that helps customers test for security vulnerabilities early and often.  […]

AWS already supports the use of encrypted volumes and snapshots, with keys stored in and managed by . It also supports copying of EBS snapshots with other AWS accounts so that they can be used to create new volumes. Today we are joining these features to give you the ability to copy encrypted EBS snapshots […]

We want to make it as easy as possible for you to secure your AWS environment. Some of our more recent announcements in this area include encrypted EBS boot volumes, encryption at rest for Amazon Aurora, and support for across several different services. Today we are giving you some additional options for data stored in […]

In the early days of AWS, customers were happy to simply learn about the cloud and its benefits. As they started to learn more, the conversation shifted. It went from “what is the cloud” to “what kinds of security does the cloud offer” to “”how can I use the cloud” over the course of just […]

I am fascinated by things that are simple on the surface and complex underneath! For example, consider the popular padlock icon that is used to signify that traffic to and from a web site is encrypted: How does the browser know that it should display the green padlock? Well, that’s quite the story! It all […]

Ever since we launched AWS, customers have been curious about how they can use it to build and run applications that must meet many different types of regulatory requirements. For example, potential AWS users in the pharmaceutical, biotech, and medical device industries are subject to a set of guidelines and practices that are commonly known […]

I am happy to announce that AWS has achieved ISO 27017 certification. This new criteria builds upon the ISO 27002 standard, with additional controls specifically applicable to cloud service providers. AWS is the first cloud provider to obtain this certification, which is available now for download on our compliance site. Additionally, we’ve posted a Frequently […]