AWS Security Blog

Category: Security

Amazon Spheres and author info

AWS Security Profiles: Don “Beetle” Bailey, Senior Principal Security Engineer; Brian Wagner, FSI Compliance Specialist

In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]

Read More

New Podcast: Preview the security track at re:Invent, learn what’s new and maximize your time

There are about 60 security-focused sessions and talks at re:Invent this year. That’s in addition to more than 2,000 other sessions, activities, chalk talks, and demos planned throughout the week. We want to help you get the most out the event and maximize your time. That’s why we’re previewing the security track and highlighting what’s […]

Read More

Setting the Record Straight on Bloomberg BusinessWeek’s Erroneous Article

Today, Bloomberg BusinessWeek published a story claiming that AWS was aware of modified hardware or malicious chips in SuperMicro motherboards in Elemental Media’s hardware at the time Amazon acquired Elemental in 2015, and that Amazon was aware of modified hardware or chips in AWS’s China Region. As we shared with Bloomberg BusinessWeek multiple times over […]

Read More

Daniel Schwartz-Narbonne shares how automated reasoning is helping achieve the provable security of AWS boot code

I recently sat down with Daniel Schwartz-Narbonne, a software development engineer in the Automated Reasoning Group (ARG) at AWS, to learn more about the groundbreaking work his team is doing in cloud security. The team uses automated reasoning, a technology based on mathematical logic, to prove that key components of the cloud are operating as […]

Read More

Podcast: We developed Amazon GuardDuty to meet scaling demands, now it could assist with compliance considerations such as GDPR

It isn’t simple to meet the scaling requirements of AWS when creating a threat detection monitoring service. Our service teams have to maintain the ability to deliver at a rapid pace. That led to the question what can be done to make a security service as frictionless as possible to business demands? Core parts of […]

Read More

Now Available: New Digital Training to Help You Learn About AWS Cloud Security

Cloud security with scalability and innovation: at AWS, this is our top priority. To help you securely architect cloud solutions, AWS Training and Certification recently added new free digital training about security, including a new course about Amazon GuardDuty, a new managed threat-detection service. These introductory courses, built by AWS experts, are suitable for users and decision makers […]

Read More

How to Audit Your AWS Resources for Security Compliance by Using Custom AWS Config Rules

AWS Config Rules enables you to implement security policies as code for your organization and evaluate configuration changes to AWS resources against these policies. You can use Config rules to audit your use of AWS resources for compliance with external compliance frameworks such as CIS AWS Foundations Benchmark and with your internal security policies related […]

Read More

Automated Reasoning and Amazon s2n

In June 2015, AWS Chief Information Security Officer Stephen Schmidt introduced AWS’s new Open Source implementation of the SSL/TLS network encryption protocols, Amazon s2n. s2n is a library that has been designed to be small and fast, with the goal of providing you with network encryption that is more easily understood and fully auditable. In […]

Read More

Frequently Asked Questions About HIPAA Compliance in the AWS Cloud

Today, we continue a series of AWS cloud compliance FAQs by focusing on the Health Insurance Portability and Accountability Act (HIPAA) and protected health information (PHI). AWS’s Healthcare and Life Science customers are doing important things for their customers in the AWS cloud, and we are excited to work with our partners to help tackle […]

Read More