AWS Security Blog

Category: Security, Identity, & Compliance

AWS Updated Its ISO Certifications and Now Has 67 Services Under ISO Compliance

AWS has updated its certifications against ISO 9001, ISO 27001, ISO 27017, and ISO 27018 standards, bringing the total to 67 services now under ISO compliance. We added the following 29 services this cycle: • Amazon Aurora • Amazon S3 Transfer Acceleration • AWS Lambda@Edge • Amazon Cloud Directory • Amazon SageMaker • AWS Managed […]

How to Set Up Continuous Golden AMI Vulnerability Assessments with Amazon Inspector

As companies mature in their cloud journey, they implement layered security capabilities and practices in their cloud architectures. One such practice is to continually assess golden Amazon Machine Images (AMIs) for security vulnerabilities. AMIs provide the information required to launch an Amazon EC2 instance, which is a virtual server in the AWS Cloud. A golden […]

AWS Organizations Now Supports Self-Service Removal of Accounts from an Organization

August 24, 2020: We’ve updated this post to reflect changes to the requirements for removing an account from an organization. Today, AWS Organizations made it easier for you to remove AWS accounts from an organization. You can remove accounts from an organization without requiring assistance from AWS Support, and the accounts you remove can operate […]

Videos and Slide Decks from the AWS re:Invent 2017 Security, Compliance, & Identity Track

Whether you want to review a Security, Compliance, & Identity track session you attended at AWS re:Invent 2017, or you want to experience a session for the first time, videos and slide decks from the Security, Compliance, & Identity track are now available. Introductory SID201: IAM for Enterprises: How Vanguard Strikes the Balance Between Agility, Governance, […]

Now Available: New Digital Training to Help You Learn About AWS Cloud Security

Cloud security with scalability and innovation: at AWS, this is our top priority. To help you securely architect cloud solutions, AWS Training and Certification recently added new free digital training about security, including a new course about Amazon GuardDuty, a new managed threat-detection service. These introductory courses, built by AWS experts, are suitable for users and decision makers […]

A New AWS Government, Education, and Nonprofits Blog Post: “AWS Achieves Full Empanelment for the Delivery of Cloud Services by India’s Ministry of Electronics and Information Technology”

AWS recently announced that Amazon Internet Services Private Limited (AISPL), an Indian subsidiary of the Amazon Group that undertakes the resale and marketing of AWS Cloud services in India, has achieved full Cloud Service Provider (CSP) empanelment and successfully completed the Standardization Testing and Quality Certification (STQC) audit from the Indian Ministry of Electronics and […]

Introducing the New GDPR Center and “Navigating GDPR Compliance on AWS” Whitepaper

At AWS re:Invent 2017, the AWS Compliance team participated in excellent engagements with AWS customers about the General Data Protection Regulation (GDPR), including discussions that generated helpful input. Today, I am announcing resulting enhancements to our recently launched GDPR Center and the release of a new whitepaper, Navigating GDPR Compliance on AWS. The resources available […]

How to Manage Amazon GuardDuty Security Findings Across Multiple Accounts

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Introduced at AWS re:Invent 2017, Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads. In an AWS Blog post, Jeff Barr shows you how to […]

Attend This Free December 14 Online Tech Talk: “Centralized AWS IAM Governance Using AWS CloudFormation StackSets and AWS Organizations”

As part of the AWS Online Tech Talks series, AWS will present Centralized AWS IAM Governance Using AWS CloudFormation StackSets and AWS Organizations on Thursday, December 14. This tech talk will start at 9:00 A.M. Pacific Time and end at 9:40 A.M. Pacific Time. With the introduction of AWS Organizations and AWS CloudFormation StackSets, you can create and manage […]