AWS Security Blog

Category: Security, Identity, & Compliance

Artifact

AWS Artifact is now available in AWS GovCloud (US) Regions

AWS Artifact is now available in the AWS GovCloud (US) Regions, where you’ll now have on-demand access to AWS compliance reports and select online AWS agreements with a single-click in the AWS Management Console. The AWS GovCloud (US) Regions are isolated and designed to host sensitive data and regulated workloads in the cloud, assisting customers […]

Read More
Maritza Mills, Senior Product Manager

AWS Security Profiles: Maritza Mills, Senior Product Manager, Perimeter Protection

In the weeks leading up to re:Invent 2019, we’ll share conversations we’e had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current […]

Read More
s2n logo

Post-quantum TLS now supported in AWS KMS

November 11, 2019: Based on customer feedback, we’ve corrected the name of one of our sources. AWS Key Management Service (AWS KMS) now supports post-quantum hybrid key exchange for the Transport Layer Security (TLS) network encryption protocol that is used when connecting to KMS API endpoints. In this post, I’ll tell you what post-quantum TLS […]

Read More
Las Vegas strip

AWS re:Invent 2019 security guide: sessions, workshops, and chalk talks

With re:Invent 2019 just weeks away, the excitement is building and we’re looking forward to seeing you all soon! If you’re attending re:Invent with the goal of improving your organization’s cloud security operations, here are some highlights from the re:Invent 2019 session catalog. Reserved seating is now open, so get your seats in advance for […]

Read More

Accept an ANDB Addendum for all accounts within your AWS Organization

For customers who use AWS to store or process personal information covered by the Australian Privacy Act 1988, I’m excited to announce that you can now accept a single AWS Australian Notifiable Data Breach Addendum (ANDB Addendum) for all accounts within your AWS Organization. Once accepted, all current and future accounts created or added to […]

Read More

AWS Security Profiles: Greg McConnel, Senior Manager, Security Specialists Team

In the weeks leading up to re:Invent 2019, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current […]

Read More
re:Invent attendees

Your AWS re:Invent 2019 guide to AWS Identity sessions, workshops, and chalk talks

November 6, 2019: Post updated to include four new sessions — SEC316, SEC317, OIG304, and ACT17. AWS re:Invent 2019 is coming fast! You’ll soon need to prioritize your sessions. Here’s a list of AWS Identity sessions, workshops, and chalk talks at AWS re:Invent 2019. If you haven’t registered yet for re:Invent, here’s a template you […]

Read More

AWS Security Profile: Ron Cully, Principal Product Manager, AWS Identity

In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]

Read More

AWS achieves FedRAMP JAB High and Moderate Provisional Authorization across 18 services in the AWS US East/West and AWS GovCloud (US) Regions

It’s my pleasure to announce that we’ve expanded the number of AWS services that customers can use to run sensitive and highly regulated workloads in the federal government space. This expansion of our FedRAMP program marks a 28.6% increase in our number of FedRAMP authorizations. Today, we’ve achieved FedRAMP authorizations for 6 services in our […]

Read More

Updated whitepaper available: “Navigating GDPR Compliance on AWS”

The European Union’s General Data Protection Regulation 2016/679 (GDPR) safeguards EU citizens’ fundamental right to privacy and to personal data protection. In order to make local regulations coherent and homogeneous, the GDPR introduces and defines stringent new standards in terms of compliance, security and data protection. The updated version of our Navigating GDPR Compliance on […]

Read More