AWS Cloud Operations Blog
Tag: Security
Protect your AWS resources from unauthorized access using AWS Organizations integrations
In today’s digital landscape, customers have complex and distributed workloads running on AWS, involving a large number of AWS resources across multiple services. Tackling security risks across numerous resources can seem daunting, but with the right approach following best practices, can be addressed in a timely manner. AWS offers tools and services designed to help […]
Securely administer servers migrated with AWS Application Migration Service using AWS Systems Manager Session Manager
Introduction In this blog post, we will illustrate how to automate the configuration necessary to manage migrated servers with improved security and reduced costs. To administer servers in an on-premises environment, administrators often use secure shell (SSH) or Remote Desktop Protocol (RDP) to connect. After migrating to Amazon Web Services (AWS), this may not be […]
Enhance your AWS cloud infrastructure security with AWS Managed Services (AMS)
Introduction A security or data loss incident can lead to both financial and reputational losses. Maintaining security and compliance is a shared responsibility between AWS and you (our customer), where AWS is responsible for “Security of the Cloud” and you are responsible for “Security in the Cloud”. However, security in the cloud has a much […]
Auto-remediate best practice deviations detected by AWS Trusted Advisor
AWS Trusted Advisor inspects your AWS infrastructure and provides best practice recommendations when opportunities exist to reduce cost, optimize your AWS infrastructure, improve system availability and performance, help close security gaps and monitor service quotas. Trusted Advisor recommendations are based on best practices identified by AWS services experts and learnings from serving thousands of customers […]
Provisioning access to security and audit teams in an AWS multi-account environment created by AWS Control Tower
AWS Control Tower offers the easiest way to set up and govern a secure, compliant, and multi-account AWS environment based on best practices established by working with thousands of enterprises. Organizations can leverage built-in preventive, proactive, and detective controls as a starting point to address the customer part of the AWS Shared Responsibility Model. Control […]
Using Single Sign-on with Azure Active Directory and Cloud Migration Factory for simplified identity management
In this blog post we’ll look at how to configure the AWS Cloud Migration Factory (CMF) solution to use SAML authentication. We will use an existing identity provider (in this case Azure Active Directory). However, this can be replicated with any IDP that offers SAML authentication. By federating existing logins and accounts with CMF, the […]
Build a multi-account access notification system with Amazon EventBridge
While working with many of our customers, a recurring question has been “How can we be notified when users login to key accounts so we can take action if needed?” This post shows how to implement a flexible, simple, and serverless solution that creates notifications when sensitive accounts are logged in to. Alerting on high […]
Improve your IoT security posture using AWS
Introduction IoT applications and devices can be diverse and are used across industries such as utilities, agriculture, manufacturing, mining, transportation and consumer electronics. With the exponential growth of IoT devices and the increasing attack surface, it also means that IoT security needs to planned and designed into the solution from the ground up. IoT solutions […]
How Arctic Wolf uses AWS CloudTrail Lake to Simplify Security and Operations
In this post, we’ll discuss how Arctic Wolf is using AWS CloudTrail Lake to simplify compliance, enhance security operations, and obtain new operational insights from their CloudTrail data. Arctic Wolf, the leader in security operations, helps customers protect their organizations from rapidly evolving cyber threats with the Arctic Wolf Security Operations Cloud and Concierge Security® model. As […]
Analyzing AWS WAF Logs in Amazon CloudWatch Logs
Update April 17 2023 : The Contributor Insights rules provided in this blog post are now natively available in CloudWatch Contributor Insights. This post shows you how to use Amazon CloudWatch features, such as Logs Insights, Contributor Insights, and Metric Filters to analyze AWS Web Application Firewall (AWS WAF) logs, create dashboards, and generate alarms. […]