AWS Security Blog

Following the award of PROTECTED certification to AWS in January 2019, we have now released updated Information Security Registered Assessors Program (IRAP) PROTECTED documentation via AWS Artifact. This information provides the ability to plan, architect, and self-assess systems built in AWS under the Digital Transformation Agency’s Secure Cloud Guidelines. The new documentation expands the scope […]

On January 6, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an alert (AA20-006A) that highlighted measures for critical infrastructure to prepare for information security risks, but which are also relevant to all organizations. The CISA alert focuses on vulnerability mitigation and incident preparation. At AWS, security is our […]

AWS is continually expanding the scope of our compliance programs to help your organization run sensitive and regulated workloads. Today, we’re pleased to announce an additional array of AWS services that are available in the AWS US East/West and AWS GovCloud (US) Regions, marking a 17.7% increase in our number of FedRAMP authorizations since the […]

In June at re:Inforce 2019, AWS announced the general availability of AWS Security Hub, a security service that enables customers to centrally view and manage compliance checks and security findings across their AWS accounts. AWS Security Hub imports security findings from AWS Guard Duty, Amazon Inspector, Amazon Macie, and over 30 AWS partner security solutions. […]

We’re excited to announce the addition of 55 new services in scope under our latest Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification, for a total of 119 AWS services in scope. You can deploy environments onto AWS and inherit our HITRUST certification provided that you use only in-scope services and apply the […]

We’re pleased to announce that seven services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification, providing our customers more options to process and store their payment card data and architect their Cardholder Data Environment (CDE) securely in AWS. In the past year we have increased the […]

AWS continues to expand the number of services that customers can use to run sensitive and highly regulated workloads in the federal government space. Today, I’m pleased to announce another expansion of our FedRAMP program, marking a 36.2% increase in our number of FedRAMP authorizations. We’ve achieved authorizations for 26 additional services, 7 of which […]

December 10, 2019: This post was originally published July 2019. Since then, the number of services with a dedicated security chapter has grown from 40 to over 70. We’ve updated our post accordingly. We’re excited to announce the launch of dedicated security chapters in the AWS documentation for over 70 services. Security is a key […]

The Security Blog set new records for page views in 2019, but we’re always looking for ways to improve. Please tell us what you want to read about in the Comments section below. We read all of your feedback and do our best to act on it. The top 11 posts during 2019 based on […]

In this blog post, I’ll show you how to integrate Prowler, an open-source security tool, with AWS Security Hub. Prowler provides dozens of security configuration checks related to services such as Amazon Redshift, Amazon ElasticCache, Amazon API Gateway and Amazon CloudFront. Integrating Prowler with Security Hub will provide posture information about resources not currently covered […]