AWS News Blog

Category: Security

AWS CloudHSM – Secure Key Storage and Cryptographic Operations

Back in the early days of AWS, I would often receive questions that boiled down to “This sounds really interesting, but what about security?” We created the AWS Security & Compliance Center to publish information about the various reports, certifications, and independent attestations that we’ve earned and to provide you with additional information about the […]

Read More

The AWS CISO on AWS Security

As you can tell by looking at the AWS Security and Compliance Center, we take security seriously. You can find information about our certifications and accreditations in the center, along with links to four security white papers. I would also like to recommend a new AWS video to you. In the video, AWS VP and […]

Read More

Updated AWS Security White Paper; New Risk and Compliance White Paper

We have updated the AWS Security White Paper and we’ve created a new Risk and Compliance White Paper.  Both are available now. The AWS Security White Paper describes our physical and operational security principles and practices. It includes a description of the shared responsibility model, a summary of our control environment, a review of secure […]

Read More

AWS Achieves PCI DSS 2.0 Validated Service Provider Status

If your application needs to process, store, or transmit credit card data, you are probably familiar with the Payment Card Industry Data Security Standard, otherwise known as PCI DSS. This standard specifies best practices and security controls needed to keep credit card data safe and secure during transit, processing, and storage. Among other things, it […]

Read More

Security, compliance, and governance in the cloud with AWS and Freedom OSS

Freedom OSS, one of our solutions integrators, specializes in helping enterprise customers and Federal agencies build and deploy secure, compliant applications on AWS. On Tuesday 16 November, AWS and Freedom OSS are joining forces in a half-day event in Chicago. Presenters include: Werner Vogels, Amazon Web Services CTO Max Yankelevich, Freedom OSS Chief Cloud Architect […]

Read More

Getting Secure *In* the Cloud: Hosted Two-factor Authentication

One of the aspects that attracted me to come work at AWS was my sense that the cloud is becoming a logical place in which to build security solutions. Now, two of my favorite notions — deploying security into the cloud and accelerating the adoption of multi-factor authentication — have come together with DS3 CloudAS, […]

Read More

Updated: AWS Security Whitepaper

Good news for all those interested in security…we’ve released the fourth version of our Overview of Security Processes whitepaper. It contains ten pages of new and additional detailed information. Highlights of new content include: A description of the AWS control environment A list of our SAS-70 Type II Control Objectives Some discussion of risk management […]

Read More

What’s New in AWS Security: Vulnerability Reporting and Penetration Testing

Security is a top priority for Amazon Web Services. Providing a trustworthy infrastructure for you to develop and deploy applications is a responsibility we take very seriously. One important aspect of gaining your trust is being open and transparent about our security processes and continually working toward achieving industry-recognized certifications. Other important aspects include providing […]

Read More