AWS Security Blog
Category: Security, Identity, & Compliance
New PCI DSS report now available, 31 services added to scope
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. In just the last 6 months, we’ve increased the number of Payment Card Industry Data Security Standard (PCI DSS) certified services by 50%. We were evaluated by third-party auditors from Coalfire and the latest report is now available on AWS […]
Scaling a governance, risk, and compliance program for the cloud, emerging technologies, and innovation
April 25, 2023: We’ve updated this blog post to include more security learning resources. Governance, risk, and compliance (GRC) programs are sometimes looked upon as the bureaucracy getting in the way of exciting cybersecurity work. But a good GRC program establishes the foundation for meeting security and compliance objectives. It is the proactive approach to […]
Are KMS custom key stores right for you?
October 29, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. You can use the AWS Key Management Service (KMS) custom key store feature to gain […]
Announcing the First AWS Security Conference: AWS re:Inforce 2019
Update: re:Inforce 2019 tickets are now available for purchase. You can learn more about the event here, and re:Inforce registration is now officially open! On the eve of re:Invent 2018, I’m pleased to announce that AWS is launching our first conference dedicated to cloud security: AWS re:Inforce. The event will offer a deep dive into the […]
AWS Security Profiles: Quint Van Deman, Principal Business Development Manager
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]
AWS Security Profiles: Henrik Johansson, Principal, Office of the CISO
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]
AWS Security Profiles: Sam Koppes, Senior Product Manager
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]
AWS Security Profiles: Alana Lan, Software Development Engineer; Shane Xu, Technical Program Manager
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]
AWS Security Profiles: Matt Bretan, Principal Manager, AWS Professional Services
In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]
How federal agencies can leverage AWS to extend CDM programs and CIO Metric Reporting
Continuous Diagnostics and Mitigation (CDM), a U.S. Department of Homeland Security cybersecurity program, is gaining new visibility as part of the federal government’s overall focus on securing its information and networks. How an agency performs against CDM will soon be regularly reported in the updated Federal Information Technology Acquisition Reform Act (FITARA) scorecard. That’s in […]