Category: Security

National security and defense depend upon close collaboration between international allies. To protect sensitive data and promote robust cybersecurity frameworks, organizations must consider one another’s compliance requirements. One such requirement is the United States International Traffic in Arms Regulations (ITAR), which restricts and controls the export of defense and military-related technologies in order to safeguard US national security. Here, we set out how an innovation called Trusted Secure Enclaves (TSE) on Amazon Web Services (AWS) allows non-US national organizations who want to use the most modern and innovative technology to deliver defense and security missions using the cloud can do this and be compliant.

The healthcare industry is undergoing a profound transformation, driven by the adoption of generative artificial intelligence (AI), cloud computing, and connected care devices. This digital revolution promises to improve patient outcomes, reduce costs, and enhance the overall healthcare experience. However, it also introduces new challenges in terms of cybersecurity, privacy, and regulatory compliance. To navigate this complex landscape, healthcare organizations are turning to scalable, affordable, and highly available cloud infrastructures such as Amazon Web Services (AWS) to build resilient, secure, and innovative solutions.

Amazon Web Services (AWS) today announced the launch of its first AWS UK Cyber Education Grant Program, a £5 million initiative aimed at strengthening the cybersecurity capabilities of educational institutions across the United Kingdom. Read this post to learn more about the program.

Amazon Bedrock is now generally available in the Amazon Web Services (AWS) Top Secret cloud. With authority to operate in the AWS Top Secret Cloud, Amazon Bedrock is providing U.S. Government customers with secure access to foundation models (FMs) and generative artificial intelligence (AI) capabilities within AWS’s classified environment.

The National Institutes of Health (NIH) has long maintained guidelines governing the responsible management of controlled access human genomic and phenotypic data maintained in NIH-designated data repositories. Recently, the NIH updated these guidelines to align with the NIST SP 800-171 security standard, which defines a comprehensive framework for securing Controlled Unclassified Information (CUI). In this blog post, we will explore the specifics of the updated NIH guidance and outline how Amazon Web Services (AWS) can help customers build a compliant environment to meet these requirements.

Federal agencies can use Amazon Web Services (AWS) to meet Trusted Internet Connections (TIC) 3.0 requirements. To facilitate this, AWS has published detailed architectural overlays that demonstrate how to effectively implement TIC 3.0 guidelines within AWS deployments. AWS Verified Access (AVA) is a cloud-based service that enables secure access to applications without requiring the use of a virtual private network (VPN). It evaluates each application request and gives users access to each application only when they meet the specified security requirements. AVA supports TIC 3.0 requirements in the areas of configuration management, centralized log management, strong authentication features, resilience, and policy enforcement. Read this post to learn more.

During AWS re:Invent 2024, an Innovation Session presented by Worldwide Public Sector Vice President Dave Levy illustrated how AWS empowers customers to innovate and tackle critical challenges faster and more efficiently using cloud technology and generative artificial intelligence (AI). Take a few minutes to read this post and learn more about the transformative initiatives, inspiring customer stories, and technological developments that help AWS public sector customers improve life on Earth.

CMMC compliance will soon be a must-have for federal contractors, so they need to plan now for how to achieve it. The path towards compliance differs according to the level needed and the assessments involved. Fortunately, there is no shortage of resources available to help—including from Amazon Web Services (AWS) and its partners.

The Amazon Web Services (AWS) Modular Data Center (MDC) is a service that enables rapid deployment of AWS managed data centers for running location- or latency-sensitive applications in locations with limited infrastructure. It reduces deployment time in remote areas and supports up to five racks of AWS Outposts or AWS Snow Family devices. In this post, we guide you through the end-to-end process of deploying the MDC at your site.

Malcolm is a powerful, open source network traffic analysis tool suite created by the Cybersecurity and Infrastructure Security Agency (CISA) to aid public and private sector customers in improving their network security monitoring and incident response. Malcolm is most commonly used for incident response, network monitoring, threat hunting, training, and research, but can be adapted for other use cases. In this post, we introduce you to the key components of Malcolm on Amazon Elastic Kubernetes Service (Amazon EKS).