AWS Security Blog

Category: Security, Identity, & Compliance*

Customer Update—AWS and EU Safe Harbor

Recently, the European Court of Justice determined that the 15-year-old US-EU Safe Harbor framework is no longer valid for the transfer of personal data from the European Economic Area (EEA) to the US. At AWS, we know customers care deeply about privacy and data security; we optimize our work to get these issues right for […]

Read More

New Security Services Launched at AWS re:Invent 2015—Amazon Inspector, AWS WAF, and AWS Config Rules

Today at re:Invent, AWS announced two new security services and one new feature to help you improve your security posture and protect applications deployed on AWS. Amazon Inspector is an automated security assessment service that helps minimize the likelihood of introducing security or compliance issues when deploying applications on AWS. Amazon Inspector automatically assesses applications […]

Read More

Today’s Security and Compliance Sessions at re:Invent 2015

If you are attending re:Invent 2015 in Las Vegas, you can attend any of the following Security & Compliance track sessions taking place today. Didn’t register before the conference sold out? All sessions are being recorded and will be made available on YouTube after the conference. Also, all slide decks from the sessions will be made available […]

Read More

Now Available: New AWS Security Training Classes

Today we launched a new AWS training curriculum on security. The two new classes made available today are designed to help you meet your cloud security objectives under the AWS Shared Responsibility Model, by showing you how to create more secure AWS architectures and solutions and address key compliance requirements. Here’s a closer look at the new training […]

Read More

Learn About re:Invent 2015 Compliance Sessions

As I mentioned previously, the breakout sessions for the Security & Compliance track at re:Invent 2015 have been announced. And in my most recent re:Invent post, I focused on the AWS Identity and Access Management (IAM) sessions that will be offered as part of the Security & Compliance track. Today, I want to highlight the […]

Read More

AWS IAM Sessions at re:Invent 2015

As I said last week, the breakout sessions for the Security & Compliance track have been announced and are shown in the re:Invent 2015 session catalog. If you are going to re:Invent 2015, you can add these sessions to your schedule now. Today, I will highlight the AWS Identity and Access Management (IAM) sessions that […]

Read More

Use AWS Services to Adhere to Security Best Practices—Minus the Inordinate Time Investment

As security professionals, it is our job to be sure that our decisions adhere to best practices. Best practices, though, tend to be time consuming, which means we either don’t get around to following best practices, or we spend too much time on tedious, manual tasks. This blog post includes two examples where AWS services […]

Read More

re:Invent 2015: All Security and Compliance Track Breakout Sessions

If you will be attending re:Invent 2015 in Las Vegas next month, you know that you’ll have many opportunities to learn more about AWS security at the conference. The following breakout sessions compose this year’s Security and Compliance track. Look for blog posts in the coming three weeks to highlight some of these specific breakout sessions […]

Read More

Introducing New APIs to Help Test Your Access Control Policies

AWS Identity and Access Management (IAM) has added two new APIs that enable you to automate validation and auditing of permissions for your IAM users, groups, and roles. Using these two APIs, you can call the IAM policy simulator using the AWS CLI or any of the AWS SDKs. Use the new iam:SimulatePrincipalPolicy API to […]

Read More

Need NIST Compliance in the AWS Cloud? AWS Compliance Has You Covered: NIST 800-171

AWS’s industry-leading security strength benefits you in many ways, one of which is by using a platform that is audited extensively by independent third-party assessors. At times, these audits confirm we can meet new requirements, even as they are issued, and this is the case for the National Institute of Standards and Technology (NIST) guidelines 800-171, […]

Read More