AWS Security Blog
Category: Security, Identity, & Compliance
Investigate VPC flow with Amazon Detective
Many Amazon Web Services (AWS) customers need enhanced insight into IP network flow. Traditionally, cost, the complexity of collection, and the time required for analysis has led to incomplete investigations of network flows. Having good telemetry is paramount, and VPC Flow Logs are a very important part of a robust centralized logging architecture. The information […]
Round 2 post-quantum TLS is now supported in AWS KMS
January 30, 2024: The API in this blog post has been changed in newer version of the AWS CRT Client. See this page for more info. January 25, 2023: AWS KMS, ACM, Secrets Manager TLS endpoints have been updated to only support NIST’s Round 3 picked KEM, Kyber. s2n-tls and s2n-quic have also been updated […]
Fall 2020 SOC 2 Type I Privacy report now available
Your privacy considerations are at the core of our compliance work, and at AWS, we are focused on the protection of your content while using Amazon Web Services. Our Fall 2020 SOC 2 Type I Privacy report is now available, demonstrating the privacy compliance commitments we made to you. The Fall 2020 SOC 2 Type […]
Fall 2020 SOC reports now available with 124 services in scope
At AWS, we’re committed to providing our customers with continued assurance over the security, availability and confidentiality of the AWS control environment. We’re proud to deliver the System and Organizational (SOC) 1, 2 and 3 reports to enable our AWS customers to maintain confidence in AWS services. For the Fall 2020 SOC reports, covering 04/01/2020 […]
How to record a video of Amazon AppStream 2.0 streaming sessions
Amazon AppStream 2.0 is a fully managed service that lets you stream applications and desktops to your users. In this post, I’ll show you how to record a video of AppStream 2.0 streaming sessions by using FFmpeg, a popular media framework. There are many use cases for session recording, such as auditing administrative access, troubleshooting […]
Combining encryption and signing with AWS KMS asymmetric keys
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. In this post, I discuss how to use AWS Key Management Service (KMS) to combine […]
Verified episode 2: A conversation with Emma Smith, Director of Global Cyber Security at Vodafone
Over the past 8 months, it’s become more important for us all to stay in contact with peers around the globe. Today, I’m proud to bring you the second episode of our new video series, Verified: Presented by AWS re:Inforce. Even though we couldn’t be together this year at re:Inforce, our annual security conference, we […]
How to secure your Amazon WorkSpaces for external users
In response to the current shift towards a remote workforce, companies are providing greater access to corporate applications from a range of different devices. Amazon WorkSpaces is a desktop-as-a-service solution that can be used to quickly deploy cloud-based desktops to your external users, including employees, third-party vendors, and consultants. Amazon WorkSpaces desktops are accessible from […]
Integrating CloudEndure Disaster Recovery into your security incident response plan
An incident response plan (also known as procedure) contains the detailed actions an organization takes to prepare for a security incident in its IT environment. It also includes the mechanisms to detect, analyze, contain, eradicate, and recover from a security incident. Every incident response plan should contain a section on recovery, which outlines scenarios ranging […]
AWS Security Profiles: Cassia Martin, Senior Security Solutions Architect
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting, and get a sneak peek at their work. How long have you been at AWS and what do you do in your current role? I’ve been at Amazon for nearly 4 years, and at AWS […]