AWS Security Blog
Category: Security, Identity, & Compliance
Provable security podcast: automated reasoning’s past, present, and future with Moshe Vardi
AWS just released the first podcast of a new miniseries called Provable Security: Conversations on Next Gen Security. We published a podcast on provable security last fall, and, due to high customer interest, we decided to bring you a regular peek into this AWS initiative. This series will explore the unique intersection between academia and […]
AWS Security releases IoT security whitepaper
We’ve published a whitepaper, Securing Internet of Things (IoT) with AWS, to help you understand and address data security as it relates to your IoT devices and the data generated by them. The whitepaper is intended for a broad audience who is interested in learning about AWS IoT security capabilities at a service-specific level and […]
New whitepaper: Achieving Operational Resilience in the Financial Sector and Beyond
AWS has released a new whitepaper, Amazon Web Services’ Approach to Operational Resilience in the Financial Sector and Beyond, in which we discuss how AWS and customers build for resiliency on the AWS cloud. We’re constantly amazed at the applications our customers build using AWS services — including what our financial services customers have built, […]
Enabling serverless security analytics using AWS WAF full logs, Amazon Athena, and Amazon QuickSight
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Traditionally, analyzing data logs required you to extract, transform, and load your data before using a number of data warehouse and business intelligence tools to derive business intelligence from that data—on top of maintaining the servers that ran behind these […]
How to use service control policies to set permission guardrails across accounts in your AWS Organization
AWS Organizations provides central governance and management for multiple accounts. Central security administrators use service control policies (SCPs) with AWS Organizations to establish controls that all IAM principals (users and roles) adhere to. Now, you can use SCPs to set permission guardrails with the fine-grained control supported in the AWS Identity and Access Management (IAM) […]
AWS Security Profiles: Nathan Case, Senior Security Specialist, Solutions Architect
Leading up to the AWS Santa Clara Summit, we’re sharing our conversation with Nathan Case, who will be presenting at the event, so you can learn more about him and some of the interesting work that he’s doing. How long have you been at AWS, and what do you do in your current role? I’ve […]
Setting permissions to enable accounts for upcoming AWS Regions
Update on April 9, 2019: We added some text to clarify that the session token size is going to increase. The AWS Cloud spans 61 Availability Zones within 20 geographic regions around the world, and has announced plans to expand to 12 more Availability Zones and four more Regions: Hong Kong, Bahrain, Cape Town, and […]
How to rotate Amazon DocumentDB and Amazon Redshift credentials in AWS Secrets Manager
November 1, 2021: AWS KMS is replacing the term customer master key (CMK) with AWS KMS key and KMS key. The concept has not changed. To prevent breaking changes, AWS KMS is keeping some variations of this term. More info. Using temporary credentials is an AWS Identity and Access Management (IAM) best practice. Even Dilbert […]
Registration for AWS re:Inforce 2019 now open!
In late November, I announced AWS re:Inforce, a standalone conference where we will deep dive into the latest approaches to security, identity, and risk management utilizing AWS services, features, and tools. Now, after months of planning, the time has arrived to open registration! Ticket sales begin on March 12th at 10:00am PDT, and you can […]
How to visualize Amazon GuardDuty findings: serverless edition
September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. July 20, 2020:This post has been updated to reflect the new Amazon GuardDuty support for exporting findings to an S3 bucket. July 12, 2019: Due to a feature name change, we’ve updated some examples throughout the post. Note: This blog […]