Category: Foundational (100)

Approached correctly, cloud migrations are a great opportunity to improve the security and stability of your applications. Many organizations are looking for guidance on how to meet their security requirements while moving at the speed that the cloud enables. They often try to configure everything perfectly in the data center before they migrate their first […]

April 3, 2023: This guidance is out of date. It is being updated and will be republished as soon as possible. September 12, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. October 21, 2020: […]

The AWS Security team has made it easier for you to find information and guidance on best practices for your cloud architecture. We’re pleased to share the Best Practices for Security, Identity, & Compliance webpage of the new AWS Architecture Center. Here you’ll find top recommendations for security design principles, workshops, and educational materials, and […]

The Trusted Information Security Assessment Exchange (TISAX) provides automotive industry organizations the assurance needed to build secure applications and services on the cloud. In late June, AWS achieved the assessment objectives required for data with a very high need for protection according to TISAX criteria. We’re happy to announce this broadened scope of our TISAX […]

A new whitepaper is available that summarizes the results of tests by Foregenix comparing Amazon GuardDuty with network intrusion detection systems (IDS) on threat detection of network layer attacks. GuardDuty is a cloud-centric IDS service that uses Amazon Web Services (AWS) data sources to detect a broad range of threat behaviors. Security engineers need to […]

As you put more and more data in the cloud, you need to rely on security automation to keep it secure at scale. AWS recently launched Amazon Macie, a fully managed service that uses machine learning and pattern matching to help you detect, classify, and better protect your sensitive data stored in the AWS Cloud. […]

I’m excited to share that the Defense Information Systems Agency (DISA) has authorized 19 additional AWS services at Impact Level (IL) 5 and four services at IL 4 in the AWS GovCloud (US) Regions. With these additional 19 services, a total of 80 AWS services and features at IL4 and IL 5 are authorized and […]

Just over a year ago, on July 1, 2019, the Australian Prudential Regulation Authority’s (APRA’s) Prudential Standard CPS 234 Information Security became effective. This standard is a set of legally enforceable information security requirements for APRA-regulated entities. CPS 234 aims to: “…ensure that an APRA regulated entity takes measures to be resilient against information security […]

We are pleased to announce that Amazon Web Services (AWS) has achieved FedRAMP JAB authorization on an additional nine AWS services. These services provide capabilities that enable your organization to: Assemble and deploy serverless architectures in powerful new ways using AWS Serverless Application Repository Simplify application delivery and complete workload migration to the cloud using […]

We’re happy to share an update on the service documentation initiative that we first told you about on the AWS Security Blog in June, 2019. We’re excited to announce that over 150 services now have dedicated security chapters available in the AWS security documentation. In case you aren’t familiar with the security chapters, they were […]