AWS Security Blog

Category: Advanced (300)

How AWS WAF threat intelligence features help protect the player experience for betting and gaming customers

The betting and gaming industry has grown into a data-rich landscape that presents an enticing target for sophisticated bots. The sensitive personally identifiable information (PII) that is collected and the financial data involved in betting and in-game economies is especially valuable. Microtransactions and in-game purchases are frequently  targeted, making them an ideal case for safeguarding […]

Automate detection and response to website defacement with Amazon CloudWatch Synthetics

Website defacement occurs when threat actors gain unauthorized access to a website, most commonly a public website, and replace content on the site with their own messages. In this blog post, we show you how to detect website defacement, and then automate both defacement verification and your defacement response by using Amazon CloudWatch Synthetics visual […]

Solution architecture

Create security observability using generative AI with Security Lake and Amazon Q in QuickSight

Generative artificial intelligence (AI) is now a household topic and popular across various public applications. Users enter prompts to get answers to questions, write code, create images, improve their writing, and synthesize information. As people become familiar with generative AI, businesses are looking for ways to apply these concepts to their enterprise use cases in […]

Main Image

Reduce risks of user sign-up fraud and SMS pumping with Amazon Cognito user pools

If you have a customer facing application, you might want to enable self-service sign-up, which allows potential customers on the internet to create an account and gain access to your applications. While it’s necessary to allow valid users to sign up to your application, self-service options can open the door to unintended use or sign-ups. […]

mDL issuing authority architecture and process flow in AWS

Build a mobile driver’s license solution based on ISO/IEC 18013-5 using AWS Private CA and AWS KMS

A mobile driver’s license (mDL) is a digital representation of a physical driver’s license that’s stored on a mobile device. An mDL is a significant improvement over physical credentials, which can be lost, stolen, counterfeited, damaged, or contain outdated information, and can expose unconsented personally identifiable information (PII). Organizations are working together to use mDLs across […]

Automatically replicate your card payment keys across AWS Regions

In this blog post, I dive into a cross-Region replication (CRR) solution for card payment keys, with a specific focus on the powerful capabilities of AWS Payment Cryptography, showing how your card payment keys can be securely transported and stored. In today’s digital landscape, where online transactions have become an integral part of our daily […]

Making sense of secrets management on Amazon EKS for regulated institutions

Amazon Web Services (AWS) customers operating in a regulated industry, such as the financial services industry (FSI) or healthcare, are required to meet their regulatory and compliance obligations, such as the Payment Card Industry Data Security Standard (PCI DSS) or Health Insurance Portability and Accountability Act (HIPPA). AWS offers regulated customers tools, guidance and third-party audit reports […]

Announcing AWS KMS Elliptic Curve Diffie-Hellman (ECDH) support

When using cryptography to protect data, protocol designers often prefer symmetric keys and algorithms for their speed and efficiency. However, when data is exchanged across an untrusted network such as the internet, it becomes difficult to ensure that only the exchanging parties can know the same key. Asymmetric key pairs and algorithms help to solve […]

AWS Secret Manager

How to centrally manage secrets with AWS Secrets Manager

In today’s digital landscape, managing secrets, such as passwords, API keys, tokens, and other credentials, has become a critical task for organizations. For some Amazon Web Services (AWS) customers, centralized management of secrets can be a robust and efficient solution to address this challenge. In this post, we delve into using AWS data protection services […]

Amazon Bedrock logo

Hardening the RAG chatbot architecture powered by Amazon Bedrock: Blueprint for secure design and anti-pattern mitigation

Mitigate risks like data exposure, model exploits, and ethical lapses when deploying Amazon Bedrock chatbots. Implement guardrails, encryption, access controls, and governance frameworks.