AWS Security Blog

Category: Security, Identity, & Compliance

New guidance to help you navigate Australian Prudential Regulation Authority requirements

There have been two noteworthy 2019 updates for Australian Prudential Regulation Authority (APRA) regulated entities such as banks, insurance companies, credit unions, deposit takers, and the superannuation industry. On June 25, APRA released an updated version of the Prudential Practice Guide CPG 234 Information Security, which provides guidance on how to implement the revised Prudential […]

Read More

Fall 2019 SOC reports now available with 116 services in scope

We’re excited to announce the addition of 12 new services in scope under our latest System and Organizational Controls (SOC) audit cycle, for a total of 116 total services in scope. In addition to the new services, AWS has also expanded the list of controls covered within the reports to include more controls over employee […]

Read More

AWS Security Profiles: Avni Rambhia, Senior Product Manager, CloudHSM

In the weeks leading up to re:Invent 2019, we’ll share conversations we’e had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do enjoy most in […]

Read More

How to enable encryption in a browser with the AWS Encryption SDK for JavaScript and Node.js

October 29, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. In this post, we’ll show you how to use the AWS Encryption SDK (“ESDK”) for […]

Read More
Artifact

AWS Artifact is now available in AWS GovCloud (US) Regions

AWS Artifact is now available in the AWS GovCloud (US) Regions, where you’ll now have on-demand access to AWS compliance reports and select online AWS agreements with a single-click in the AWS Management Console. The AWS GovCloud (US) Regions are isolated and designed to host sensitive data and regulated workloads in the cloud, assisting customers […]

Read More
Maritza Mills, Senior Product Manager

AWS Security Profiles: Maritza Mills, Senior Product Manager, Perimeter Protection

In the weeks leading up to re:Invent 2019, we’ll share conversations we’e had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current […]

Read More
s2n logo

Post-quantum TLS now supported in AWS KMS

November 11, 2019: Based on customer feedback, we’ve corrected the name of one of our sources. AWS Key Management Service (AWS KMS) now supports post-quantum hybrid key exchange for the Transport Layer Security (TLS) network encryption protocol that is used when connecting to KMS API endpoints. In this post, I’ll tell you what post-quantum TLS […]

Read More
Las Vegas strip

AWS re:Invent 2019 security guide: sessions, workshops, and chalk talks

With re:Invent 2019 just weeks away, the excitement is building and we’re looking forward to seeing you all soon! If you’re attending re:Invent with the goal of improving your organization’s cloud security operations, here are some highlights from the re:Invent 2019 session catalog. Reserved seating is now open, so get your seats in advance for […]

Read More

Accept an ANDB Addendum for all accounts within your AWS Organization

For customers who use AWS to store or process personal information covered by the Australian Privacy Act 1988, I’m excited to announce that you can now accept a single AWS Australian Notifiable Data Breach Addendum (ANDB Addendum) for all accounts within your AWS Organization. Once accepted, all current and future accounts created or added to […]

Read More

AWS Security Profiles: Greg McConnel, Senior Manager, Security Specialists Team

In the weeks leading up to re:Invent 2019, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current […]

Read More