AWS Security Blog

Category: Security, Identity, & Compliance

AWS completes CCAG 2022 pooled audit by European FSI customers

We are excited to announce that Amazon Web Services (AWS) has completed its annual Collaborative Cloud Audit Group (CCAG) Cloud Community audit with European financial service institutions (FSIs). Security at AWS is the highest priority. As customers embrace the scalability and flexibility of AWS, we are helping them evolve security, identity, and compliance into key […]

AWS now licensed by DESC to operate as a Tier 1 cloud service provider in the Middle East (UAE) Region

We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that our Middle East (UAE) Region is now certified by the Dubai Electronic Security Centre (DESC) to operate as a Tier 1 cloud service provider (CSP). This alignment with DESC requirements demonstrates our continuous commitment […]

AWS Security Profile: Jana Kay, Cloud Security Strategist

In the AWS Security Profile series, we interview Amazon Web Services (AWS) thought leaders who help keep our customers safe and secure. This interview features Jana Kay, Cloud Security Strategist. Jana shares her unique career journey, insights on the Security and Resiliency of the Cloud Tabletop Exercise (TTX) program, thoughts on the data protection and […]

How to visualize IAM Access Analyzer policy validation findings with QuickSight

In this blog post, we show you how to create an Amazon QuickSight dashboard to visualize the policy validation findings from AWS Identity and Access Management (IAM) Access Analyzer. You can use this dashboard to better understand your policies and how to achieve least privilege by periodically validating your IAM roles against IAM best practices. […]

Updated ebook: Protecting your AWS environment from ransomware

Amazon Web Services is excited to announce that we’ve updated the AWS ebook, Protecting your AWS environment from ransomware. The new ebook includes the top 10 best practices for ransomware protection and covers new services and features that have been released since the original published date in April 2020. We know that customers care about […]

Improve security of Amazon RDS master database credentials using AWS Secrets Manager

Amazon Relational Database Service (Amazon RDS) makes it simpler to set up, operate, and scale a relational database in the AWS Cloud. AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets. Amazon RDS now offers integration with Secrets Manager to manage master database credentials. You no longer have to manage master database credentials, such as […]

The anatomy of ransomware event targeting data residing in Amazon S3

Ransomware events have significantly increased over the past several years and captured worldwide attention. Traditional ransomware events affect mostly infrastructure resources like servers, databases, and connected file systems. However, there are also non-traditional events that you may not be as familiar with, such as ransomware events that target data stored in Amazon Simple Storage Service […]

Define a custom session duration and terminate active sessions in IAM Identity Center

September 12, 2023: This post has been updated to reflect the increased maximum session duration limit from 7 days to 90 days in IAM Identity Center. Managing access to accounts and applications requires a balance between delivering simple, convenient access and managing the risks associated with active user sessions. Based on your organization’s needs, you […]

How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager

Secrets managers are a great tool to securely store your secrets and provide access to secret material to a set of individuals, applications, or systems that you trust. Across your environments, you might have multiple secrets managers hosted on different providers, which can increase the complexity of maintaining a consistent operating model for your secrets. […]

Reduce risk by implementing HttpOnly cookie authentication in Amazon API Gateway

September 8, 2023: It’s important to know that if you activate user sign-up in your user pool, anyone on the internet can sign up for an account and sign in to your apps. Don’t enable self-registration in your user pool unless you want to open your app to allow users to sign up. Some web […]