AWS Security Blog

Category: Learning Levels

Internet Security Notification – Department of Homeland Security Alert AA20-006A

On January 6, 2020, the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released an alert (AA20-006A) that highlighted measures for critical infrastructure to prepare for information security risks, but which are also relevant to all organizations. The CISA alert focuses on vulnerability mitigation and incident preparation. At AWS, security is our […]

Read More

AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 16 services in the AWS US East/West and AWS GovCloud (US) Regions

AWS is continually expanding the scope of our compliance programs to help your organization run sensitive and regulated workloads. Today, we’re pleased to announce an additional array of AWS services that are available in the AWS US East/West and AWS GovCloud (US) Regions, marking a 17.7% increase in our number of FedRAMP authorizations since the […]

Read More

How to import AWS Config rules evaluations as findings in Security Hub

In June at re:Inforce 2019, AWS announced the general availability of AWS Security Hub, a security service that enables customers to centrally view and manage compliance checks and security findings across their AWS accounts. AWS Security Hub imports security findings from AWS Guard Duty, Amazon Inspector, Amazon Macie, and over 30 AWS partner security solutions. […]

Read More

55 additional AWS services achieve HITRUST CSF Certification

We’re excited to announce the addition of 55 new services in scope under our latest Health Information Trust Alliance (HITRUST) Common Security Framework (CSF) certification, for a total of 119 AWS services in scope. You can deploy environments onto AWS and inherit our HITRUST certification provided that you use only in-scope services and apply the […]

Read More

AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 26 services in the AWS US East/West and AWS GovCloud (US) Regions

AWS continues to expand the number of services that customers can use to run sensitive and highly regulated workloads in the federal government space. Today, I’m pleased to announce another expansion of our FedRAMP program, marking a 36.2% increase in our number of FedRAMP authorizations. We’ve achieved authorizations for 26 additional services, 7 of which […]

Read More

How to get specific security information about AWS services

December 10, 2019: This post was originally published July 2019. Since then, the number of services with a dedicated security chapter has grown from 40 to over 70. We’ve updated our post accordingly. We’re excited to announce the launch of dedicated security chapters in the AWS documentation for over 70 services. Security is a key […]

Read More

Use AWS Fargate and Prowler to send security configuration findings about AWS services to Security Hub

In this blog post, I’ll show you how to integrate Prowler, an open-source security tool, with AWS Security Hub. Prowler provides dozens of security configuration checks related to services such as Amazon Redshift, Amazon ElasticCache, Amazon API Gateway and Amazon CloudFront. Integrating Prowler with Security Hub will provide posture information about resources not currently covered […]

Read More

How to get started with security response automation on AWS

December 2, 2019: We’ve updated this post to include some additional information about Security Hub. At AWS, we encourage you to use automation to help quickly detect and respond to security events within your AWS environments. In addition to increasing the speed of detection and response, automation also helps you scale your security operations as […]

Read More

Additional on-premises option for data localization with AWS

Today, AWS released an updated resource — AWS Policy Perspectives-Data Residency — to provide an additional option for you if you need to store and process your data on premises. This white paper update discusses AWS Outposts, which offers a hybrid solution for customers that might find that certain workloads are better suited for on-premises […]

Read More