AWS DevOps & Developer Productivity Blog
Category: Security, Identity, & Compliance
Enabling DevSecOps with Amazon CodeCatalyst
DevSecOps is the practice of integrating security testing at every stage of the software development process. Amazon CodeCatalyst includes tools that encourage collaboration between developers, security specialists, and operations teams to build software that is both efficient and secure. DevSecOps brings cultural transformation that makes security a shared responsibility for everyone who is building the […]
Integrating with GitHub Actions – Amazon CodeGuru in your DevSecOps Pipeline
Many organizations have adopted DevOps practices to streamline and automate software delivery and IT operations. A DevOps model can be adopted without sacrificing security by using automated compliance policies, fine-grained controls, and configuration management techniques. However, one of the key challenges customers face is analyzing code and detecting any vulnerabilities in the code pipeline due […]
Secure CDK deployments with IAM permission boundaries
The AWS Cloud Development Kit (CDK) accelerates cloud development by allowing developers to use common programming languages when modelling their applications. To take advantage of this speed, developers need to operate in an environment where permissions and security controls don’t slow things down, and in a tightly controlled environment this is not always the case. […]
The most visited AWS DevOps blogs in 2022
As we kick off 2023, I wanted to take a moment to highlight the top posts from 2022. Without further ado, here are the top 10 AWS DevOps Blog posts of 2022. #1: Integrating with GitHub Actions – CI/CD pipeline to deploy a Web App to Amazon EC2 Coming in at #1, Mahesh Biradar, Solutions […]
Detecting security issues in logging with Amazon CodeGuru Reviewer
Amazon CodeGuru is a developer tool that provides intelligent recommendations for identifying security risks in code and improving code quality. To help you find potential issues related to logging of inputs that haven’t been sanitized, Amazon CodeGuru Reviewer now includes additional checks for both Python and Java. In this post, we discuss these updates and […]
Get started with AWS DevOps Guru Multi-Account Insight Aggregation with AWS Organizations
Amazon DevOps Guru is a fully managed service that uses machine learning (ML) to continuously analyze and consolidate operational data streams from multiple sources, such as Amazon CloudWatch metrics, AWS Config, AWS CloudFormation, AWS X-Ray, and provide you with a single console dashboard. This dashboard helps customers improve operational performance and avoid expensive downtime by […]
Automated security and compliance remediation at HDI
with Dr. Malte Polley (HDI Systeme AG – Cloud Solutions Architect) At HDI, one of the biggest European insurance group companies, we use AWS to build new services and capabilities and delight our customers. Working in the financial services industry, the company has to comply with numerous regulatory requirements in the areas of data protection […]
Building an end-to-end Kubernetes-based DevSecOps software factory on AWS
DevSecOps software factory implementation can significantly vary depending on the application, infrastructure, architecture, and the services and tools used. In a previous post, I provided an end-to-end DevSecOps pipeline for a three-tier web application deployed with AWS Elastic Beanstalk. The pipeline used cloud-native services along with a few open-source security tools. This solution is similar, […]
Integrating with Aarogya Setu Open API on AWS to ensure a safe workspace
The Indian government announced the Open API Service from Aarogya Setu (ASetu) in August, 2020. It enables organizations and business entities to fetch the COVID-19 risk status of their employees or any other ASetu app users. Most office spaces have a visitor management system that controls access or logs the identities of people entering the […]
Building end-to-end AWS DevSecOps CI/CD pipeline with open source SCA, SAST and DAST tools
DevOps is a combination of cultural philosophies, practices, and tools that combine software development with information technology operations. These combined practices enable companies to deliver new application features and improved services to customers at a higher velocity. DevSecOps takes this a step further, integrating security into DevOps. With DevSecOps, you can deliver secure and compliant […]