AWS Security Blog

Category: Security, Identity, & Compliance

New AWS services launch with HIPAA, PCI, ISO, and SOC – a company first

Our security culture is one of the things that sets AWS apart. Security is job zero — it is the foundation for all AWS employees and impacts the work we do every day, across the company. And that’s reflected in our services, which undergo exacting internal and external security reviews before being released. From there, […]

Read More

How to use AWS WAF to filter incoming traffic from embargoed countries

AWS WAF provides inline inspection of inbound traffic at the application layer to detect and filter against critical web application security flaws from common web exploits that could affect application availability, compromise security, or consume excessive resources. The inbound traffic is inspected against web access control list (web ACL) rules that you can create manually […]

Read More

How to centralize and automate IAM policy creation in sandbox, development, and test environments

To keep pace with AWS innovation, many customers allow their application teams to experiment with AWS services in sandbox environments as they move toward production-ready architecture. These teams need timely access to various sets of AWS services and resources, which means they also need a mechanism to help ensure least privilege is granted. In other […]

Read More

Top 11 posts in 2018

We covered a lot of ground in 2018: from GDPR to re:Inforce and numerous feature announcements, AWS GuardDuty deep-dives to SOC reports, automated reasoning explanations, and a series of interviews with AWS thought leaders. We’ve got big plans for 2019, but there’s room for more: please let us know what you want to read about […]

Read More

New SOC 2 Report Available: Privacy

Maintaining your trust is an ongoing commitment of ours, and your voice drives our growing portfolio of compliance reports, attestations, and certifications. As a result of your feedback and deep interest in privacy and data security, we are happy to announce the publication of our new SOC 2 Type I Privacy report. Keeping you informed […]

Read More
Eric Docktor

AWS Security Profile (and re:Invent 2018 wrap-up): Eric Docktor, VP of AWS Cryptography

We sat down with Eric Docktor to learn more about his 19-year career at Amazon, what’s new with cryptography, and to get his take on this year’s re:Invent conference. (Need a re:Invent recap? Check out this post by AWS CISO Steve Schmidt.) How long have you been at AWS, and what do you do in […]

Read More

New podcast: VP of Security answers your compliance and data privacy questions

Does AWS comply with X program? How about GDPR? What about after Brexit? And what happens with machine learning data? In the latest AWS Security & Compliance Podcast, we sit down with VP of Security Chad Woolf, who answers your compliance and data privacy questions. Including one of the most frequently asked questions from customers […]

Read More
IPSec diagram

Creating an opportunistic IPSec mesh between EC2 instances

IPSec (IP Security) is a protocol for in-transit data protection between hosts. Configuration of site-to-site IPSec between multiple hosts can be an error-prone and intensive task. If you need to protect N EC2 instances, then you need a full mesh of N*(N-1)IPSec tunnels. You must manually propagate every IP change to all instances, configure credentials […]

Read More

AWS re:Invent Security Recap: Launches, Enhancements, and Takeaways

For more from Steve, follow him on Twitter Customers continue to tell me that our AWS re:Invent conference is a winner. It’s a place where they can learn, meet their peers, and rediscover the art of the possible. Of course, there is always an air of anticipation around what new AWS service releases will be […]

Read More

Automate analyzing your permissions using IAM access advisor APIs

As an administrator that grants access to AWS, you might want to enable your developers to get started with AWS quickly by granting them broad access. However, as your developers gain experience and your applications stabilize, you want to limit permissions to only what they need. To do this, access advisor will determine the permissions […]

Read More