AWS Security Blog

Verify Resource-Based Permissions Using the IAM Policy Simulator

Today, AWS Identity and Access Management (IAM) made it easier to help you verify your permissions by adding support for resource-based policies in the IAM policy simulator. This extends the capabilities of the IAM policy simulator console and APIs to help you understand, test, and validate how your resource-based policies and IAM policies work together […]

Read More

How to Configure Security Settings in Amazon WorkDocs

Amazon WorkDocs (formerly Amazon Zocalo) is a fully managed, secure enterprise storage and sharing service that incorporates feedback capabilities to improve user productivity. You can comment on files, send them to others for feedback, and upload new versions without having to resort to emailing multiple versions of files as attachments. WorkDocs includes security features such […]

Read More

Register to Attend an AWS Security Roadshow

Register to attend an AWS Security Roadshow, a free technical event where you can learn how to use AWS services—including those recently launched—to help improve the agility and maturity of your security and compliance programs. AWS Security Roadshow topics will include: AWS Security Overview What’s New Network Security and Access Control Within AWS Protecting Your Data in AWS Putting It […]

Read More

AWS Obtains ISO 27018 Privacy Certification

I am pleased to announce that AWS has successfully completed a new assessment, ISO/IEC 27018:2014, a code of practice regarding the protection of personally identifiable information (PII) in the cloud and our adherence to the commitments we make to our customers with regard to their content. This privacy code of practice is now an integral […]

Read More

AWS Key Management Service Now Supports Deletion of Encryption Keys

Today, AWS launched a new feature that lets you delete your encryption keys managed in AWS Key Management Service (KMS). You can now manage the complete lifecycle of your keys from creation to usage to disablement to deletion. In this blog post, I will explain the changes introduced with this new feature, tell you what […]

Read More

Now Available: Videos and Slide Decks from the re:Invent 2015 Security and Compliance Track

Whether you want to review a Security and Compliance track session you attended at re:Invent 2015, or you want to experience a session for the first time, videos and slide decks from the Security and Compliance track are now available. SEC201: AWS Security State of the Union: How Should We All Think About Security? Video Slide […]

Read More

Customer Update—AWS and EU Safe Harbor

Recently, the European Court of Justice determined that the 15-year-old US-EU Safe Harbor framework is no longer valid for the transfer of personal data from the European Economic Area (EEA) to the US. At AWS, we know customers care deeply about privacy and data security; we optimize our work to get these issues right for […]

Read More

Thursday, October 8: Today’s Security and Compliance Sessions at re:Invent 2015

If you are attending re:Invent 2015 in Las Vegas, you can attend any of the following Security & Compliance track sessions taking place today. Didn’t register before the conference sold out? All sessions are being recorded and will be made available on YouTube after the conference. Also, all slide decks from the sessions will be made available […]

Read More

New Security Services Launched at AWS re:Invent 2015—Amazon Inspector, AWS WAF, and AWS Config Rules

Today at re:Invent, AWS announced two new security services and one new feature to help you improve your security posture and protect applications deployed on AWS. Amazon Inspector is an automated security assessment service that helps minimize the likelihood of introducing security or compliance issues when deploying applications on AWS. Amazon Inspector automatically assesses applications […]

Read More

Today’s Security and Compliance Sessions at re:Invent 2015

If you are attending re:Invent 2015 in Las Vegas, you can attend any of the following Security & Compliance track sessions taking place today. Didn’t register before the conference sold out? All sessions are being recorded and will be made available on YouTube after the conference. Also, all slide decks from the sessions will be made available […]

Read More