AWS Security Blog

Category: Management Tools

How to Use AWS Config to Monitor for and Respond to Amazon S3 Buckets Allowing Public Access

AWS Config enables continuous monitoring of your AWS resources, making it simple to assess, audit, and record resource configurations and changes. AWS Config does this through the use of rules that define the desired configuration state of your AWS resources. AWS Config provides a number of AWS managed rules that address a wide range of […]

Read More

All AWS Services GDPR ready

Today, I’m very pleased to announce that AWS services comply with the General Data Protection Regulation (GDPR). This means that, in addition to benefiting from all of the measures that AWS already takes to maintain services security, customers can deploy AWS services as a key part of their GDPR compliance plans. This announcement confirms we […]

Read More

How to Patch Linux Workloads on AWS

Most malware tries to compromise your systems by using a known vulnerability that the operating system maker has already patched. As best practices to help prevent malware from affecting your systems, you should apply all operating system patches and actively monitor your systems for missing patches. In this blog post, I show you how to […]

Read More

Attend This Free December 14 Online Tech Talk: “Centralized AWS IAM Governance Using AWS CloudFormation StackSets and AWS Organizations”

As part of the AWS Online Tech Talks series, AWS will present Centralized AWS IAM Governance Using AWS CloudFormation StackSets and AWS Organizations on Thursday, December 14. This tech talk will start at 9:00 A.M. Pacific Time and end at 9:40 A.M. Pacific Time. With the introduction of AWS Organizations and AWS CloudFormation StackSets, you can create and manage […]

Read More

The 10 Most Viewed Security-Related AWS Knowledge Center Articles and Videos for November 2017

The AWS Knowledge Center helps answer the questions most frequently asked by AWS Support customers. The following 10 Knowledge Center security articles and videos have been the most viewed this month. It’s likely you’ve wondered about a few of these topics yourself, so here’s a chance to learn the answers! How do I create an AWS […]

Read More

How to Patch, Inspect, and Protect Microsoft Windows Workloads on AWS—Part 1

Most malware tries to compromise your systems by using a known vulnerability that the maker of the operating system has already patched. To help prevent malware from affecting your systems, two security best practices are to apply all operating system patches to your systems and actively monitor your systems for missing patches. In case you […]

Read More

Greater Transparency into Actions AWS Services Perform on Your Behalf by Using AWS CloudTrail

To make managing your AWS account easier, some AWS services perform actions on your behalf, including the creation and management of AWS resources. For example, AWS Elastic Beanstalk automatically handles the deployment details of capacity provisioning, load balancing, auto-scaling, and application health monitoring. To make these AWS actions more transparent, AWS adds an AWS Identity and Access […]

Read More

Getting Started: Follow Security Best Practices as You Configure Your AWS Resources

After you create your first AWS account, you might be tempted to start immediately addressing the issue that brought you to AWS. For example, you might set up your first website, spin up a virtual server, or create your first storage solution. However, AWS recommends that first, you follow some security best practices to help […]

Read More

How to Audit Your AWS Resources for Security Compliance by Using Custom AWS Config Rules

AWS Config Rules enables you to implement security policies as code for your organization and evaluate configuration changes to AWS resources against these policies. You can use Config rules to audit your use of AWS resources for compliance with external compliance frameworks such as CIS AWS Foundations Benchmark and with your internal security policies related […]

Read More

AWS CloudTrail Now Tracks Cross-Account Activity to Its Origin

You can use AWS Identity and Access Management (IAM) roles and AWS Security Token Service (STS) to set up cross-account access between AWS accounts. When you assume an IAM role in another AWS account to obtain cross-account access to services and resources in that account, AWS CloudTrail logs the cross-account activity. Starting today, CloudTrail logs […]

Read More