AWS Public Sector Blog
Category: Amazon GuardDuty
An incident response playbook for satellite operations on AWS (Part-1): Detection and forensic readiness
In this post, the first in a two-part series, we focus on the detection and forensic readiness side of satellite IR. This post walks through instrumenting your ground segment with Amazon Web Services (AWS) security services and AWS Ground Station so that threats surface before they cause damage, and forensic data is already flowing when an incident occurs.
An incident response playbook for satellite operations on AWS (Part-2): Automated response and recovery
This blog covers what to do when those detections fire. Satellite incident response (IR) must account for constraints that ground-based systems never face: containment actions that wait for the next orbital pass, decisions that trade mission continuity against security, and recovery procedures where the compromised endpoint cannot be physically accessed. It walks through containment, eradication, recovery, automated runbooks, and tabletop exercises designed for satellite operations teams.
How the Maritime Cloud Environment accelerates Navy shipbuilding
In this post, you will learn how the Maritime Cloud Environment (MCE) addresses these challenges by offering suppliers a secure, compliant, Navy-provided Amazon Web Services (AWS) Cloud environment for digital engineering collaboration.
Preventive controls for FedRAMP 20x: Using SCPs and guardrails to enforce KSIs
Why preventive controls matter for FedRAMP 20x: Organizations strengthen their security posture when Amazon Web Services (AWS) cloud resources consistently align with security and regulatory requirements. Preventive security controls, which are designed to minimize or avoid threat events, help enforce these requirements before misconfigurations are deployed. In this post, we show how service control policies […]
Why the location of your AI agent is a security decision
Learn how Amazon Web Services (AWS) operates inside a scoped compute environment with an AWS Identity and Access Management (IAM) execution role, network segmentation, and defense-in-depth security meeting FISMA, FedRAMP, and DoD CCSRG standards.
CMMC Level 2 compliance on AWS: Why control ownership is where organizations struggle
This post brings guidance on Customer Responsibility Matrices (CRMs), authorization boundary definitions, and multi-provider control ownership into a single actionable framework for defense contractors preparing for third-party assessment.
Domino Data Lab secures container supply chains at scale using Chainguard on AWS
Ivanti’s 2025 State of Cybersecurity Report revealed that only one in three organizations feel prepared to protect themselves from software supply chain threats. According to Cowbell’s Cyber Roundup Report 2024, with respect to supply chain threats, operating systems pose the greatest immediate threat as “they form the foundational layer of an organization’s entire IT infrastructure.” […]
Detect and investigate Amazon EC2 malware with Amazon GuardDuty and Amazon Detective
In this post, we demonstrate how to use the advanced malware detection features of Amazon GuardDuty to uncover malicious and suspicious files compromising your Amazon Elastic Compute Cloud (Amazon EC2) instances. We use the investigative capabilities of Amazon Detective to gain deeper insights into the security event. After the key questions about the security event are addressed, we outline steps to remediate the potentially compromised EC2 instance.
Build a secure AWS foundation in under 60 minutes: A guide for public sector organizations
In this blog, we guide you through setting up a secure multi-account AWS environment using AWS Control Tower, AWS IAM Identity Center, and AWS Organizations, and show you how to secure that environment using AWS Config, AWS Security Hub, and Amazon GuardDuty.
Security best practices that accelerate nonprofit mission impact
Nonprofit organizations face unique security challenges due to their resource constraints and prioritization of mission-focused initiatives. In this blog post, we discuss Amazon Web Services (AWS) security best practices to accelerate mission impact and demonstrate how upfront security investments can both improve security and save time on redundant processes in the long run.









