AWS Security Blog
Category: Security
Podcast: We developed Amazon GuardDuty to meet scaling demands, now it could assist with compliance considerations such as GDPR
It isn’t simple to meet the scaling requirements of AWS when creating a threat detection monitoring service. Our service teams have to maintain the ability to deliver at a rapid pace. That led to the question what can be done to make a security service as frictionless as possible to business demands? Core parts of […]
Take a Digital Tour of an AWS Data Center to See How AWS Secures Data Centers Around The World
AWS has launched a digital tour of an AWS data center, providing you with a first-ever look at how AWS secures data centers around the world. The videos, pictures, and information in this tour show you how security is intrinsic to the design of our data centers, our global controls, and the AWS culture. As […]
Now Available: New Digital Training to Help You Learn About AWS Cloud Security
Cloud security with scalability and innovation: at AWS, this is our top priority. To help you securely architect cloud solutions, AWS Training and Certification recently added new free digital training about security, including a new course about Amazon GuardDuty, a new managed threat-detection service. These introductory courses, built by AWS experts, are suitable for users and decision makers […]
How to Audit Your AWS Resources for Security Compliance by Using Custom AWS Config Rules
AWS Config Rules enables you to implement security policies as code for your organization and evaluate configuration changes to AWS resources against these policies. You can use Config rules to audit your use of AWS resources for compliance with external compliance frameworks such as CIS AWS Foundations Benchmark and with your internal security policies related […]
Automated Reasoning and Amazon s2n
In June 2015, AWS Chief Information Security Officer Stephen Schmidt introduced AWS’s new Open Source implementation of the SSL/TLS network encryption protocols, Amazon s2n. s2n is a library that has been designed to be small and fast, with the goal of providing you with network encryption that is more easily understood and fully auditable. In […]
Frequently Asked Questions About HIPAA Compliance in the AWS Cloud
Today, we continue a series of AWS cloud compliance FAQs by focusing on the Health Insurance Portability and Accountability Act (HIPAA) and protected health information (PHI). AWS’s Healthcare and Life Science customers are doing important things for their customers in the AWS cloud, and we are excited to work with our partners to help tackle […]
AWS Secures DoD Provisional Authorization
I’m very excited to share that AWS has received a DISA Provisional Authorization under the DoD Cloud Security Model’s impact levels 1-2 for all four of AWS’s Infrastructure Regions in the U.S., including AWS GovCloud (US). With this distinction, AWS has shown it can meet the DoD’s stringent security and compliance requirements; and as a […]
Amazon EC2 Resource-Level Permissions for RunInstances
Yesterday the EC2 team announced fine grained controls for managing RunInstances. This release enables you to set fine-grained controls over the AMIs, Snapshots, Subnets, and other resources that can be used when creating instances and the types of instances and volumes that users can create when using the RunInstances API. This is a major milestone […]
New Whitepaper: AWS Cloud Security Best Practices
November 3, 2020: This blog is out of date. Please refer to this post for updated info: Introducing the AWS Best Practices for Security, Identity, & Compliance Webpage and Customer Polling Feature We have just published an updated version of our AWS Security Best Practices whitepaper. You wanted us to provide a holistic and familiar […]
Announcing New IAM Policy Simulator
Check out the new IAM policy simulator, a tool that enables you to test the effects of IAM access control policies before committing them into production, making it easier to verify and troubleshoot permissions. Learn more at the AWS Blog. – Kai