AWS Security Blog

How to Help Prepare for DDoS Attacks by Reducing Your Attack Surface

Distributed denial of service (DDoS) attacks are sometimes used by malicious actors in an attempt to flood a network, system, or application with more traffic, connections, or requests than it can handle. Not surprisingly, customers often ask us how we can help them protect their applications against these types of attacks. To help you optimize […]

Read More

New Australian IRAP FAQ and Hub Page

Positive news for our Australian customers: we recently launched a compliance hub and FAQ page for Australian government customers and their assessors for the Information Security Registered Assessors Program (IRAP) on implementing the Australian Signals Directorate’s (ASD) Information Security Manual (ISM). The new hub and FAQ address many of the questions that Australian government customers […]

Read More

Organize Your Permissions by Using Separate Managed Policies

This year we released managed policies to enable you to create a set of stand-alone policies that you can attach to multiple IAM entities (users, groups, and roles) in your AWS account. Since that release, we have heard from many of you that you’d prefer to mix and match policies instead of just using one universal […]

Read More

Don’t Miss AWS re:Invent—Sign Up for the Livestream Broadcasts

September 16 update: The full schedule is now included below. Even though AWS re:Invent 2015 is sold out, you can still get the latest announcements and product information by viewing our Livestream Broadcasts of the keynotes and select technical breakout sessions. Sign up for the Livestream Broadcasts now.

Read More

How to Manage Identities in Simple AD Directories

As I said in yesterday’s blog post, How to Migrate Your Microsoft Active Directory Users to Simple AD, AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances […]

Read More

How to Migrate Your Microsoft Active Directory Users to Simple AD

AWS Directory Service allows you to create a standalone, highly available AWS-managed directory called Simple AD in a matter of minutes. With Simple AD, you can centrally manage user accounts and group memberships for Amazon EC2 instances joined to a domain. It also allows you to use a single set of credentials to log in […]

Read More

Register for and Attend This August 20 Webinar–Best Practices for DDoS Resiliency

As part of the AWS Webinar Series, AWS will present Best Practices for DDoS Resiliency on Thursday, August 20. This webinar will start at 10:30 A.M. and end at 11:30 A.M. Pacific Time (UTC-7). AWS Security Solutions Architect Jonathan Desrocher will outline how to use AWS services like Elastic Load Balancing (ELB), Auto Scaling, Amazon CloudFront, […]

Read More

New Whitepaper: CJIS Compliance on AWS

AWS is an attractive environment for regulated data, including Criminal Justice Information (CJI) subject to the Criminal Justice Information Services (CJIS) Security Policy. AWS customers have used the AWS cloud for a wide range of sensitive federal and state government workloads, including CJI data. Law enforcement customers and partners who manage CJI are taking advantage […]

Read More

How to Implement a General Solution for Federated API/CLI Access Using SAML 2.0

Note: Active Directory Federation Services (AD FS) 3.0 uses form-based authentication by default. If you are using AD FS 3.0 in this configuration, use the solution presented in this post. In my earlier post, How to Implement Federated API and CLI Access Using SAML 2.0 and AD FS, I walked through how to implement federated API […]

Read More

2015 AWS PCI Compliance Package Now Available

We’re happy to announce the availability (upon request) of the 2015 AWS PCI Compliance Package, an assessment completed against the newly released PCI Data Security Standard (PCI DSS) Version 3.1. The PCI DSS is a globally accepted security standard that customers use to support a wide range of sensitive workloads, including the processing and storage […]

Read More