AWS Security Blog

Visualizing Amazon GuardDuty findings

Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help protect your AWS accounts and workloads. Enable GuardDuty and it begins monitoring for: Anomalous API activity Potentially unauthorized deployments and compromised instances Reconnaissance by attackers. GuardDuty analyzes and processes VPC flow log, AWS CloudTrail event log, and […]

Read More

AWS completes TISAX high assessment

We have completed the European automotive industry’s TISAX high assessment for 43 services. To successfully complete the TISAX high assessment, EY Germany conducted an independent audit, and attested that our information management system meets industry-set standards. This provides automotive industry organizations the assurance needed to build secure applications and services on AWS. TISAX was established by the German Association […]

Read More

AWS Compliance Center for financial services now available

On Tuesday, September 4, AWS announced the launch of an AWS Compliance Center for our Financial Services (FS) customers. This addition to our compliance offerings gives you a central location to research cloud-related regulatory requirements that impact the financial services industry. Prior to the launch of the AWS Compliance Center, customers preparing to adopt AWS […]

Read More

AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 14 Services in the AWS US East/West and GovCloud Regions

Since I launched our FedRAMP program way back in 2013, it has always excited me to talk about how we’re continually expanding the scope of our compliance programs because that means you’re able to use more of our services for sensitive and regulated workloads. Up to this point, we’ve had 22 services in our US […]

Read More

How to use AWS Secrets Manager to rotate credentials for all Amazon RDS database types, including Oracle

You can now use AWS Secrets Manager to rotate credentials for Oracle, Microsoft SQL Server, or MariaDB databases hosted on Amazon Relational Database Service (Amazon RDS) automatically. Previously, I showed how to rotate credentials for a MySQL database hosted on Amazon RDS automatically with AWS Secrets Manager. With today’s launch, you can use Secrets Manager […]

Read More

New guide helps financial services customers in Brazil navigate cloud requirements

We have a new resource to help our financial services customers in Brazil navigate regulatory requirements for using the cloud. The AWS User Guide to Financial Services Regulations in Brazil is a deep dive into the Brazilian National Monetary Council’s Resolution No. 4,658. The cybersecurity cloud resolution is the first of its kind by regulators […]

Read More

How to automate the import of third-party threat intelligence feeds into Amazon GuardDuty

Amazon GuardDuty is an AWS threat detection service that helps protect your AWS accounts and workloads by continuously monitoring them for malicious and unauthorized behavior. You can enable Amazon GuardDuty through the AWS Management Console with one click. It analyzes billions of events across your AWS accounts and uses machine learning to detect anomalies in […]

Read More
R00tz DEF CON 2018 conference for kids

Amazon sponsors r00tz at DEF CON 2018

It’s early August, and we’re quickly approaching Hacker summer camp (AKA DEF CON). The Black Hat Briefings start August 8, DEF CON starts August 9, and many people will be closely following the latest security presentations at both conferences. But there’s another, exclusive conference happening at DEF CON that Amazon is excited to be a […]

Read More

How to use Amazon GuardDuty and AWS Web Application Firewall to automatically block suspicious hosts

When you’re implementing security measures across your AWS resources, you should use a holistic approach that incorporates controls across multiple areas. In the Cloud Adoption Framework (CAF) Security perspective whitepaper, we define these controls across four categories. Directive controls. Establish the governance, risk, and compliance models the environment will operate within. Preventive controls. Protect your […]

Read More

Using AWS CloudHSM-backed certificates with Microsoft Internet Information Server

SSL/TLS certificates are used to create encrypted sessions to endpoints such as web servers. If you want to get an SSL certificate, you usually start by creating a private key and a corresponding certificate signing request (CSR). You then send the CSR to a certificate authority (CA) and receive a certificate. When a user seeks […]

Read More