AWS Open Source Blog

Category: Security

illustration showincg 6 padlocks

How a startup wants to help secure the open source ecosystem with huntr, a bug bounty board

This article is a guest post from 418sec co-founders Adam Nygate, Jake Mimoni, and Jamie Slome. Dependency on open source code has grown over the years, and as new open source technologies are introduced, so are more vulnerabilities. Review by “many eyes” helps secure open source software, and depends on exposing the code to as […]

Read More
Open Distro for Elasticsearch logo.

Launching Open Distro for Elasticsearch security features on Amazon Elasticsearch Service

We are excited to announce that we are making new Open Distro for Elasticsearch security features available on Amazon Elasticsearch Service. Amazon Elasticsearch Service is frequently used for sensitive enterprise workloads, and today’s launch adds multiple capabilities to give you even tighter control over your data. New features include the ability to use roles to […]

Read More
Security Hub Cloud Custodian logo

Announcing Cloud Custodian Integration with AWS Security Hub

中文版 One of the popular options for automated security, compliance, and cost management solutions in the cloud is Cloud Custodian, an open source project sponsored by Capital One. Cloud Custodian is a flexible rules engine with policies written in simple YAML configuration files, with support for over 144 AWS resource types. However, because Cloud Custodian […]

Read More

Better Random Number Generation for OpenSSL, libc, and Linux Mainline

中文版 In 2015, AWS introduced s2n, a new open source implementation of the TLS/SSL protocols that protect the privacy and integrity of data moving over a network. s2n was designed to be secure, simple, small, and fast. The project is thriving, and we use it extensively. In February, our CISO Stephen Schmidt shared that “we […]

Read More