Category: Security, Identity, & Compliance

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Webinar Series, AWS will present Introduction to Three AWS Security Services on Thursday, November 10. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Solutions Architect Pierre Liddle shows how AWS Identity and […]

Multi-factor authentication (MFA) provides an additional layer of security for sensitive API calls, such as terminating Amazon EC2 instances or deleting important objects stored in an Amazon S3 bucket. In some cases, you may want to require users to authenticate with an MFA code before performing specific API requests, and by using AWS Identity and […]

Web and application users and organizations have expressed a growing desire to conduct most of their HTTP communication securely by using HTTPS. At its 2016 Worldwide Developers Conference, Apple announced that starting in January 2017, apps submitted to its App Store will be required to support App Transport Security (ATS). ATS requires all connections to […]

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Webinar Series, AWS will present Automating Compliance Defense in the Cloud on Tuesday, September 27. This webinar will start at 9:00 A.M. and end at 10:00 A.M. Pacific Time. AWS Cloud Compliance Strategist Jodi Scrofani will share best practices […]

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Webinar Series, AWS will present Addressing Amazon Inspector Assessment Findings on Wednesday, September 28. This webinar will start at 9:00 A.M. and end at 10:00 A.M. Pacific Time. AWS Principal Security Engineer Eric Fitzgerald will review Amazon Inspector security […]

In June 2015, AWS Chief Information Security Officer Stephen Schmidt introduced AWS’s new Open Source implementation of the SSL/TLS network encryption protocols, Amazon s2n. s2n is a library that has been designed to be small and fast, with the goal of providing you with network encryption that is more easily understood and fully auditable. In […]

In December, AWS Identity and Access Management (IAM) released service last accessed data, which helps you identify overly permissive policies attached to an IAM entity (a user, group, or role). Today, we have extended service last accessed data to support the recently launched Asia Pacific (Mumbai) Region. With this release, you can now view the […]

In case you missed any AWS Security Blog posts from June, July, and August, they are summarized and linked to below. The posts are shown in reverse chronological order (most recent first), and the subject matter ranges from a tagging limit increase to recording SSH sessions established through a bastion host. August August 16: Updated […]

Note: On December 28, 2017, we updated the table and downloadable documents in this blog post. Tagging AWS resources simplifies the way you organize and discover resources, allocate costs, and control resource access across services. Many of you have told us that as the number of applications, teams, and projects running on AWS increases, you […]

Today, we are happy to announce the launch of the new import key feature that enables you to import keys from your own key management infrastructure (KMI) into AWS Key Management Service (KMS). After you have exported keys from your existing systems and imported them into KMS, you can use them in all KMS-integrated AWS […]