AWS Open Source Blog

Category: Security

kras99 - stock.adobe.com internet digital security technology concept for business background. Lock on circuit board

Introducing AWS Security Analytics Bootstrap

Organizations running workloads in Amazon Web Services (AWS) often must search and analyze logs to troubleshoot or investigate operations, governance, or security events. Amazon Athena enables AWS customers to search and analyze log data directly from in Amazon Simple Storage Service (Amazon S3) using standard SQL queries. Additionally, we understand that customers need a common […]

Read More
Song_about_summer – stock.adobe.com

Scaling threat prevention on AWS with Suricata

This post was written by Victor Julien, Kelley Misata, Shakeel Ahmad, and Maritza Mills. Suricata is a fast, robust, open source network threat detection engine that includes real-time intrusion detection (IDS), an inline intrusion prevention system (IPS), network security monitoring (NSM), and offline packet capture (pcap) processing. Suricata is owned by the community-run, non-profit Open […]

Read More

How a startup wants to help secure the open source ecosystem with huntr, a bug bounty board

This article is a guest post from 418sec co-founders Adam Nygate, Jake Mimoni, and Jamie Slome. Dependency on open source code has grown over the years, and as new open source technologies are introduced, so are more vulnerabilities. Review by “many eyes” helps secure open source software, and depends on exposing the code to as […]

Read More
Open Distro for Elasticsearch logo.

Launching Open Distro for Elasticsearch security features on Amazon Elasticsearch Service

September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. Visit the website to learn more. We are excited to announce that we are making new Open Distro for Elasticsearch security features available on Amazon Elasticsearch Service. Amazon Elasticsearch Service is frequently used for sensitive enterprise workloads, and today’s launch adds multiple […]

Read More
Security Hub Cloud Custodian logo

Announcing Cloud Custodian Integration with AWS Security Hub

中文版 One of the popular options for automated security, compliance, and cost management solutions in the cloud is Cloud Custodian, an open source project sponsored by Capital One. Cloud Custodian is a flexible rules engine with policies written in simple YAML configuration files, with support for over 144 AWS resource types. However, because Cloud Custodian […]

Read More

Better Random Number Generation for OpenSSL, libc, and Linux Mainline

中文版 In 2015, AWS introduced s2n, a new open source implementation of the TLS/SSL protocols that protect the privacy and integrity of data moving over a network. s2n was designed to be secure, simple, small, and fast. The project is thriving, and we use it extensively. In February, our CISO Stephen Schmidt shared that “we […]

Read More