AWS Security Blog
Category: Security, Identity, & Compliance
AWS Security Profile: Byron Cook, Director of the AWS Automated Reasoning Group
Byron Cook leads the AWS Automated Reasoning Group, which automates proof search in mathematical logic and builds tools that provide AWS customers with provable security. Byron has pushed boundaries in this field, delivered real-world applications in the cloud, and fostered a sense of community amongst its practitioners. In recognition of Byron’s contributions to cloud security […]
How to migrate symmetric exportable keys from AWS CloudHSM Classic to AWS CloudHSM
In August 2017, we announced the “new” AWS CloudHSM service, which had a lot of improvements over AWS CloudHSM Classic (for clarity in this post I will refer to the services as New CloudHSM and CloudHSM Classic). These advantages in security, scalability, usability, and economy, included FIPS 140-2 Level 3 certification, fully managed high availability […]
Tips for building a cloud security operating model in the financial services industry
My team helps financial services customers understand how AWS services operate so that you can incorporate AWS into your existing processes and security operations centers (SOCs). As soon as you create your first AWS account for your organization, you’re live in the cloud. So, from day one, you should be equipped with certain information: you […]
How to use AWS Secrets Manager to securely store and rotate SSH key pairs
August 31, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. October 4, 2019: We’ve updated the estimated solution cost for accuracy. AWS Secrets Manager provides […]
AWS and the European Banking Authority Guidelines on Outsourcing
Financial institutions across the globe use AWS to transform the way they do business. It’s exciting to watch our customers in the financial services industry innovate on AWS in unique ways, across all geos and use cases. Regulations continue to evolve in this space, and we’re working hard to help customers proactively respond to new […]
64 AWS services achieve HITRUST certification
We’re excited to announce that 64 AWS services are now certified for the Health Information Trust Alliance (HITRUST) Common Security Framework (CSF). The full list of AWS services that were audited by a third party auditor and certified under HITRUST CSF is available on our Services in Scope by Compliance Program page. You can view […]
Nine AWS Security Hub best practices
July 21, 2020: The advice about enabling Security Hub in every region where you have authorized activity was updated. AWS Security Hub is a security and compliance service that became generally available on June 25, 2019. It provides you with extensive visibility into your security and compliance status across multiple AWS accounts, in a single […]
How to deploy CloudHSM to securely share your keys with your SaaS provider
August 31, 2021:AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. August 6, 2019: We’ve made an update to clarify use cases for VPC peering. If your […]
AWS achieves OSPAR outsourcing standard for Singapore financial industry
August 22, 2019: We’ve updated the number of services for which AWS has received an OSPAR attestation. AWS has achieved the Outsourced Service Provider Audit Report (OSPAR) attestation for 64 services in the Asia Pacific (Singapore) Region. The OSPAR assessment is performed by an independent third party auditor. AWS’s OSPAR demonstrates that AWS has a […]
Introducing the “Preparing for the California Consumer Privacy Act” whitepaper
AWS has published a whitepaper, Preparing for the California Consumer Protection Act, to provide guidance on designing and updating your cloud architecture to follow the requirements of the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020. The whitepaper is intended for engineers and solution builders, but it also serves as […]