AWS News Blog

Category: Security, Identity, & Compliance

New – Cloud NGFW for AWS

In 2018 I wrote about AWS Firewall Manager (Central Management for Your Web Application Portfolio) and showed you how you could host multiple applications, perhaps spanning multiple AWS accounts and regions, while maintaining centralized control over your organization’s security settings and profile. In the same way that Amazon Relational Database Service (RDS) supports multiple database […]

Read More

New – Additional Checksum Algorithms for Amazon S3

Amazon Simple Storage Service (Amazon S3) is designed to provide 99.999999999% (11 9s) of durability for your objects and for the metadata associated with your objects. You can rest assured that S3 stores exactly what you PUT, and returns exactly what is stored when you GET. In order to make sure that the object is […]

Read More

New for Amazon CodeGuru Reviewer – Detector Library and Security Detectors for Log-Injection Flaws

Amazon CodeGuru Reviewer is a developer tool that detects security vulnerabilities in your code and provides intelligent recommendations to improve code quality. For example, CodeGuru Reviewer introduced Security Detectors for Java and Python code to identify security risks from the top ten Open Web Application Security Project (OWASP) categories and follow security best practices for AWS […]

Read More

Amazon GuardDuty Enhances Detection of EC2 Instance Credential Exfiltration

[This blog post was updated on Jan. 23rd to show how to use imdsv2 instead of imdsv1] Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon Simple Storage Service (Amazon S3). Informed by a multitude of public […]

Read More

New – Amazon VPC Network Access Analyzer

If you are a member of your organization’s networking, cloud operations, or security teams, you are going to love this new feature. The new Amazon VPC Network Access Analyzer helps you identify network configurations that lead to unintended network access. As you will see in a moment, it will point out ways that you can […]

Read More

AWS Shield Advanced Update – Automatic Application Layer DDoS Mitigation

In 2016, we launched AWS Shield, a managed Distributed Denial of Service (DDoS) protection service that safeguards applications running on AWS. AWS Shield provides always-on detection and automatic inline mitigations that minimize application downtime and latency without needing to contact AWS Support. There are two tiers of AWS Shield: Standard and Advanced. All AWS customers […]

Read More

New – Simplify Access Management for Data Stored in Amazon S3

Today, we are introducing a couple new features that simplify access management for data stored in Amazon Simple Storage Service (Amazon S3). First, we are introducing a new Amazon S3 Object Ownership setting that lets you disable access control lists (ACLs) to simplify access management for data stored in Amazon S3. Second, the Amazon S3 […]

Read More
Console screenshot.

New for AWS Control Tower – Region Deny and Guardrails to Help You Meet Data Residency Requirements

Many customers, such as those in highly regulated industries and the public sector, want to have control over where their data is stored and processed. AWS already offers many tools and features to comply with local laws and regulations, but we want to provide a simplified way to translate data residency requirements into controls that […]

Read More