AWS Security Blog

Category: Best Practices

Access accounts with AWS Management Console Private Access

Access accounts with AWS Management Console Private Access

AWS Management Console Private Access is an advanced security feature to help you control access to the AWS Management Console. In this post, I will show you how this feature works, share current limitations, and provide AWS CloudFormation templates that you can use to automate the deployment. AWS Management Console Private Access is useful when […]

Computer monitor

Understanding DDoS simulation testing in AWS

Distributed denial of service (DDoS) events occur when a threat actor sends traffic floods from multiple sources to disrupt the availability of a targeted application. DDoS simulation testing uses a controlled DDoS event to allow the owner of an application to assess the application’s resilience and practice event response. DDoS simulation testing is permitted on […]

Automating the detection and mitigation of traffic floods using network ACLs

Automatically detect and block low-volume network floods

In this blog post, I show you how to deploy a solution that uses AWS Lambda to automatically manage the lifecycle of Amazon VPC Network Access Control List (ACL) rules to mitigate network floods detected using Amazon CloudWatch Logs Insights and Amazon Timestream. Application teams should consider the impact unexpected traffic floods can have on an application’s availability. Internet-facing applications can […]

people holding smart phones

Reduce the security and compliance risks of messaging apps with AWS Wickr

Effective collaboration is central to business success, and employees today depend heavily on messaging tools. An estimated 3.09 billion mobile phone users access messaging applications (apps) to communicate, and this figure is projected to grow to 3.51 billion users in 2025. This post highlights the risks associated with consumer messaging apps and describes how you […]

Data Perimeter Image

Establishing a data perimeter on AWS: Allow access to company data only from expected networks

In the first three blog posts in the Establishing a data perimeter on AWS series, we covered the identity and resource perimeters. In this post, we dive into the third dimension, the network. A key part of protecting your organization’s non-public, sensitive data is to understand who can access it and from where. One of […]

Percentage improvement of ACCP 2.0 over 1.6 performance benchmarks on c7g.large Amazon Linux Graviton 3

Accelerating JVM cryptography with Amazon Corretto Crypto Provider 2

Earlier this year, Amazon Web Services (AWS) released Amazon Corretto Crypto Provider (ACCP) 2, a cryptography provider built by AWS for Java virtual machine (JVM) applications. ACCP 2 delivers comprehensive performance enhancements, with some algorithms (such as elliptic curve key generation) seeing a greater than 13-fold improvement over ACCP 1. The new release also brings […]

Discover the benefits of AWS WAF advanced rate-based rules

Discover the benefits of AWS WAF advanced rate-based rules

In 2017, AWS announced the release of Rate-based Rules for AWS WAF, a new rule type that helps protect websites and APIs from application-level threats such as distributed denial of service (DDoS) attacks, brute force log-in attempts, and bad bots. Rate-based rules track the rate of requests for each originating IP address and invokes a […]

Two real-life examples of why limiting permissions works: Lessons from AWS CIRT

Welcome to another blog post from the AWS Customer Incident Response Team (CIRT)! For this post, we’re looking at two events that the team was involved in from the viewpoint of a regularly discussed but sometimes misunderstood subject, least privilege. Specifically, we consider the idea that the benefit of reducing permissions in real-life use cases […]

Validate IAM policies by using IAM Policy Validator for AWS CloudFormation and GitHub Actions

Validate IAM policies by using IAM Policy Validator for AWS CloudFormation and GitHub Actions

In this blog post, I’ll show you how to automate the validation of AWS Identity and Access Management (IAM) policies by using a combination of the IAM Policy Validator for AWS CloudFormation (cfn-policy-validator) and GitHub Actions. Policy validation is an approach that is designed to minimize the deployment of unwanted IAM identity-based and resource-based policies […]

SageMaker machine learning insights architecture for Security Lake

Generate machine learning insights for Amazon Security Lake data using Amazon SageMaker

Amazon Security Lake automatically centralizes the collection of security-related logs and events from integrated AWS and third-party services. With the increasing amount of security data available, it can be challenging knowing what data to focus on and which tools to use. You can use native AWS services such as Amazon QuickSight, Amazon OpenSearch, and Amazon […]