AWS Security Blog

Get ready for upcoming changes in the AWS Single Sign-On user sign-in process

To improve security, enhance user experience, and address compatibility with future AWS Identity changes, AWS Single Sign-On (SSO) is making changes to the sign-in process that will affect some AWS SSO customers. The changes will go into effect globally in early October 2020. The AWS SSO sign-in pages are moving to a new top-level DNS […]

Read More

How Security Operation Centers can use Amazon GuardDuty to detect malicious behavior

The Security Operations Center (SOC) has a tough job. As customers modernize and shift to cloud architectures, the ability to monitor, detect, and respond to risks poses different challenges. In this post we address how Amazon GuardDuty can address some common concerns of the SOC regarding the number of security tools and the overhead to […]

Read More

Role-based access control using Amazon Cognito and an external identity provider

Amazon Cognito simplifies the development process by helping you manage identities for your customer-facing applications. As your application grows, some of your enterprise customers may ask you to integrate with their own Identity Provider (IdP) so that their users can sign-on to your app using their company’s identity, and have role-based access-control (RBAC) based on […]

Read More

Integrating AWS CloudFormation security tests with AWS Security Hub and AWS CodeBuild reports

The concept of infrastructure as code, by using pipelines for continuous integration and delivery, is fundamental for the development of cloud infrastructure. Including code quality and vulnerability scans in the pipeline is essential for the security of this infrastructure as code. In one of our previous posts, How to build a CI/CD pipeline for container […]

Read More

How to configure an LDAPS endpoint for Simple AD

In this blog post, we show you how to configure an LDAPS (LDAP over SSL or TLS) encrypted endpoint for Simple AD so that you can extend Simple AD over untrusted networks. Our solution uses Network Load Balancer (NLB) as SSL/TLS termination. The data is then decrypted and sent to Simple AD. Network Load Balancer […]

Read More

Introducing the AWS Best Practices for Security, Identity, & Compliance Webpage and Customer Polling Feature

The AWS Security team has made it easier for you to find information and guidance on best practices for your cloud architecture. We’re pleased to share the Best Practices for Security, Identity, & Compliance webpage of the new AWS Architecture Center. Here you’ll find top recommendations for security design principles, workshops, and educational materials, and […]

Read More

TISAX scope broadened

The Trusted Information Security Assessment Exchange (TISAX) provides automotive industry organizations the assurance needed to build secure applications and services on the cloud. In late June, AWS achieved the assessment objectives required for data with a very high need for protection according to TISAX criteria. We’re happy to announce this broadened scope of our TISAX […]

Read More

Deploying defense in depth using AWS Managed Rules for AWS WAF (part 2)

In this post, I show you how to use recent enhancements in AWS WAF to manage a multi-layer web application security enforcement policy. These enhancements will help you to maintain and deploy web application firewall configurations across deployment stages and across different types of applications. In part 1 of this post I describe the technologies […]

Read More

Defense in depth using AWS Managed Rules for AWS WAF (part 1)

In this post, I discuss how you can use recent enhancements in AWS WAF to manage a multi-layer web application security enforcement policy. These enhancements will help you to maintain and deploy web application firewall configurations across deployment stages and across different types of applications. The post is in two parts. This first part describes […]

Read More

New third-party test compares Amazon GuardDuty to network intrusion detection systems

A new whitepaper is available that summarizes the results of tests by Foregenix comparing Amazon GuardDuty with network intrusion detection systems (IDS) on threat detection of network layer attacks. GuardDuty is a cloud-centric IDS service that uses Amazon Web Services (AWS) data sources to detect a broad range of threat behaviors. Security engineers need to […]

Read More