AWS Security Blog

Tag: Amazon Athena

How to visualize IAM Access Analyzer policy validation findings with QuickSight

In this blog post, we show you how to create an Amazon QuickSight dashboard to visualize the policy validation findings from AWS Identity and Access Management (IAM) Access Analyzer. You can use this dashboard to better understand your policies and how to achieve least privilege by periodically validating your IAM roles against IAM best practices. […]

How to query and visualize Macie sensitive data discovery results with Athena and QuickSight

February 21, 2023: We’ve updated the CREATE TABLE DDL to add the new originType field introduced as part of the Automated Sensitive Data Discovery feature of Macie. Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to help you discover and protect sensitive data in Amazon Simple Storage Service (Amazon S3). With […]

Amazon Macie logo

How to use Amazon Macie to preview sensitive data in S3 buckets

Security teams use Amazon Macie to discover and protect sensitive data, such as names, payment card data, and AWS credentials, in Amazon Simple Storage Service (Amazon S3). When Macie discovers sensitive data, these teams will want to see examples of the actual sensitive data found. Reviewing a sampling of the discovered data helps them quickly […]

How to build a multi-Region AWS Security Hub analytic pipeline and visualize Security Hub data

AWS Security Hub is a service that gives you aggregated visibility into your security and compliance posture across multiple Amazon Web Services (AWS) accounts. By joining Security Hub with Amazon QuickSight—a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud—your senior leaders and decision-makers can use dashboards to empower data-driven decisions […]

The three most important AWS WAF rate-based rules

In this post, we explain what the three most important AWS WAF rate-based rules are for proactively protecting your web applications against common HTTP flood events, and how to implement these rules. We share what the Shield Response Team (SRT) has learned from helping customers respond to HTTP floods and show how all AWS WAF […]

Automate Amazon Athena queries for PCI DSS log review using AWS Lambda

In this post, I will show you how to use AWS Lambda to automate PCI DSS (v3.2.1) evidence generation, and daily log review to assist with your ongoing PCI DSS activities. We will specifically be looking at AWS CloudTrail Logs stored centrally in Amazon Simple Storage Service (Amazon S3) (which is also a Well-Architected Security […]

Enabling serverless security analytics using AWS WAF full logs, Amazon Athena, and Amazon QuickSight

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. Traditionally, analyzing data logs required you to extract, transform, and load your data before using a number of data warehouse and business intelligence tools to derive business intelligence from that data—on top of maintaining the servers that ran behind these […]

New AWS Big Data Blog Post: Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena

Yesterday, the AWS Big Data Blog published a new blog post: “Analyze Security, Compliance, and Operational Activity Using AWS CloudTrail and Amazon Athena.” In this blog post, AWS Professional Services Consultant Sai Sriparasa shows how to set up and use the recently released Amazon Athena CloudTrail SerDe to query AWS CloudTrail log files for Amazon […]