AWS Security Blog

Category: Security, Identity, & Compliance

How to BYOK (bring your own key) to AWS KMS for less than $15.00 a year using AWS CloudHSM

August 31, 2021:AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Note: BYOK is helpful for certain use cases, but I recommend that you familiarize yourself with […]

How to migrate your EC2 Oracle Transparent Data Encryption (TDE) database encryption wallet to CloudHSM

In this post, I’ll show you how to migrate an encryption wallet for an Oracle database installed on Amazon EC2 from using an outside HSM to using AWS CloudHSM. Transparent Data Encryption (TDE) for Oracle is a common use case for Hardware Security Module (HSM) devices like AWS CloudHSM. Oracle TDE uses what is called […]

AWS Security Profiles: Paul Hawkins, Security Solutions Architect

Leading up to AWS Summit Sydney, we’re sharing our conversation with Paul Hawkins, who helped put together the summit’s “Secure” track, so you can learn more about him and some of the interesting work that he’s doing. What does a day in the life of an AWS Security Solutions Architect look like? That’s an interesting […]

AWS Organizations now available in the AWS GovCloud (US) Regions for central governance and management of AWS accounts

AWS Organizations is now available in the AWS GovCloud (US) Regions, enabling you to centrally govern and manage your AWS GovCloud (US) accounts. AWS Organizations helps you to centrally manage billing; control access, compliance, and security; and share resources across your AWS accounts. Using AWS Organizations, you can: Define organization-wide permission guardrails to establish controls […]

Trimming AWS WAF logs with Amazon Kinesis Firehose transformations

In an earlier post, Enabling serverless security analytics using AWS WAF full logs, Amazon Athena, and Amazon QuickSight, published on March 28, 2019, the authors showed you how to stream WAF logs with Amazon Kinesis Firehose for visualization using QuickSight. This approach used no filtering of the logs so that you could visualize the full […]

AWS Security Profiles: CJ Moses, Deputy CISO and VP of Security Engineering

We recently sat down with CJ Moses, Deputy, Chief Information Security Officer (CISO), to learn about his day-to-day as a cybersecurity executive. He also shared more about his passion for racecar driving and why AWS is partnering with the SRO GT World Challenge America series this year. How long have you been with AWS, and […]

AWS Security Profiles: Olivier Klein, Head of Emerging Technologies in the APAC region

Leading up to AWS Summit Singapore, we’re sharing our conversation with keynote speaker Olivier Klein about his work with emerging technology and about the overlap between “emerging technology” and “cloud security.” You’re the “Head of Emerging Technologies in the APAC region” on your team at AWS. What kind of work do you do? I continuously […]

Provable security podcast: automated reasoning’s past, present, and future with Moshe Vardi

AWS just released the first podcast of a new miniseries called Provable Security: Conversations on Next Gen Security. We published a podcast on provable security last fall, and, due to high customer interest, we decided to bring you a regular peek into this AWS initiative. This series will explore the unique intersection between academia and […]

AWS Security releases IoT security whitepaper

We’ve published a whitepaper, Securing Internet of Things (IoT) with AWS, to help you understand and address data security as it relates to your IoT devices and the data generated by them. The whitepaper is intended for a broad audience who is interested in learning about AWS IoT security capabilities at a service-specific level and […]

New whitepaper: Achieving Operational Resilience in the Financial Sector and Beyond

AWS has released a new whitepaper, Amazon Web Services’ Approach to Operational Resilience in the Financial Sector and Beyond, in which we discuss how AWS and customers build for resiliency on the AWS cloud. We’re constantly amazed at the applications our customers build using AWS services — including what our financial services customers have built, […]