AWS Security Blog

Watch the AWS Summit – Santa Clara Keynote in Real Time on July 13

Join us online Wednesday, July 13, at 10:00 A.M. Pacific Time for the AWS Summit – Santa Clara Livestream! This keynote presentation, given by Dr. Matt Wood, AWS General Manager of Product Strategy, will highlight the newest AWS features and services, and select customer stories. Don’t miss this live presentation!

Read More

How to Prevent Uploads of Unencrypted Objects to Amazon S3

There are many use cases to prevent uploads of unencrypted objects to an Amazon S3 bucket, but the underlying objective is to protect the confidentiality and integrity of the objects stored in that bucket. AWS provides several services that help make this process easier, such as AWS Identity and Access Management (IAM) and AWS Key […]

Read More

The Top 20 AWS IAM Documentation Pages so Far This Year

The following 20 pages have been the most viewed AWS Identity and Access Management (IAM) documentation pages so far this year. I have included a brief description with each link to give you a clearer idea of what each page covers. Use this list to see what other people have been viewing and perhaps to […]

Read More

The Most Viewed AWS Security Blog Posts so Far in 2016

The following 10 posts are the most viewed AWS Security Blog posts that we published during the first six months of this year. You can use this list as a guide to catch up on your blog reading or even read a post again that you found particularly useful. How to Set Up DNS Resolution […]

Read More

AWS Earns Department of Defense Impact Level 4 Provisional Authorization

I am pleased to share that, for our AWS GovCloud (US) Region, AWS has received a Defense Information Systems Agency (DISA) Provisional Authorization (PA) at Impact Level 4 (IL4). This will allow Department of Defense (DoD) agencies to use the AWS Cloud for production workloads with export-controlled data, privacy information, and protected health information as well as […]

Read More

AWS re:Invent 2016 Registration Is Now Open

Updated December 2, 2016: We will publish a blog post the week of December 5, 2016, that links to all videos and slide decks from security and compliance sessions at re:Invent 2016. We will link to that blog post from this one.   Register now for the fifth annual AWS re:Invent, the largest gathering of […]

Read More

AWS Achieves FedRAMP High JAB Provisional Authorization

We are pleased to announce that AWS has received a FedRAMP High JAB Provisional Authorization to Operate (P-ATO) from the Joint Authorization Board (JAB) for the AWS GovCloud (US) Region. The new Federal Risk and Authorization Management Program (FedRAMP) High JAB Provisional Authorization is mapped to more than 400 National Institute of Standards and Technology (NIST) security controls. This […]

Read More

Register for and Attend This June 27 Webinar—Getting Started with Amazon Inspector

Update: This webinar is now available as an on-demand video and slide deck. As part of the AWS Webinar Series, AWS will present Getting Started with Amazon Inspector on Monday, June 27. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time. AWS Principal Security Engineer Eric Fitzgerald will show how […]

Read More

AWS IAM Service Last Accessed Data Now Available for South America (Sao Paulo) and Asia Pacific (Seoul) Regions

In December, AWS Identity and Access Management (IAM) released service last accessed data, which helps you identify overly permissive policies attached to an IAM entity (a user, group, or role). Today, we have extended service last accessed data to support two additional regions: South America (Sao Paulo) and Asia Pacific (Seoul). With this release, you […]

Read More

New Twitter Handle Now Live: @AWSSecurityInfo

Today, we launched a new Twitter handle: @AWSSecurityInfo. The purpose of this new handle is to share security bulletins, security whitepapers, compliance news and information, and other AWS security-related and compliance-related information. The scope of this handle is broader than that of @AWSIdentity, which focuses primarily on Security Blog posts. However, feel free to follow both handles! […]

Read More