AWS Security Blog
Tag: Amazon Elasticsearch Service
Masking field values with Amazon Elasticsearch Service
Amazon Elasticsearch Service (Amazon ES) is a fully managed service that you can use to deploy, secure, and run Elasticsearch cost-effectively at scale. The service provides support for open-source Elasticsearch APIs, managed Kibana, and integration with Logstash and other AWS services. Amazon ES provides a deep security model that spans many layers of interaction and […]
Read MoreHow to visualize multi-account Amazon Inspector findings with Amazon Elasticsearch Service
Amazon Inspector helps to improve the security and compliance of your applications that are deployed on Amazon Web Services (AWS). It automatically assesses Amazon Elastic Compute Cloud (Amazon EC2) instances and applications on those instances. From that assessment, it generates findings related to exposure, potential vulnerabilities, and deviations from best practices. You can use the […]
Read MoreGet started with fine-grained access control in Amazon Elasticsearch Service
Amazon Elasticsearch Service (Amazon ES) provides fine-grained access control, powered by the Open Distro for Elasticsearch security plugin. The security plugin adds Kibana authentication and access control at the cluster, index, document, and field levels that can help you secure your data. You now have many different ways to configure your Amazon ES domain to […]
Read MoreAlerting, monitoring, and reporting for PCI-DSS awareness with Amazon Elasticsearch Service and AWS Lambda
Logging account activity within your AWS infrastructure is paramount to your security posture and could even be required by compliance standards such as PCI-DSS (Payment Card Industry Security Standard). Organizations often analyze these logs to adapt to changes and respond quickly to security events. For example, if users are reporting that their resources are unable […]
Read MoreHow to analyze AWS WAF logs using Amazon Elasticsearch Service
Log analysis is essential for understanding the effectiveness of any security solution. It can be valuable for day-to-day troubleshooting and also for your long-term understanding of how your security environment is performing. AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise […]
Read MoreThe Most Viewed AWS Security Blog Posts in 2017
The following 10 posts were the most viewed AWS Security Blog posts that we published during 2017. You can use this list as a guide to catch up on your AWS Security Blog reading or read a post again that you found particularly useful. Coming Soon: Improvements to How You Sign In to Your AWS […]
Read MoreHow to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs
August 31, 2020: The directions in this blog post for how to create an Amazon ES cluster have been updated. February 28, 2019: The features and services described in this post have changed since the post was published and the procedures described might be out of date and no longer accurate. If we update this […]
Read MoreHow to Monitor Host-Based Intrusion Detection System Alerts on Amazon EC2 Instances
To help you secure your AWS resources, we recommend that you adopt a layered approach that includes the use of preventative and detective controls. For example, incorporating host-based controls for your Amazon EC2 instances can restrict access and provide appropriate levels of visibility into system behaviors and access patterns. These controls often include a host-based […]
Read MoreThe Most Viewed AWS Security Blog Posts in 2016
The following 10 posts were the most viewed AWS Security Blog posts that we published during 2016. You can use this list as a guide to catch up on your blog reading or even read a post again that you found particularly useful. How to Set Up DNS Resolution Between On-Premises Networks and AWS Using […]
Read MoreHow to Control Access to Your Amazon Elasticsearch Service Domain
With the recent release of Amazon Elasticsearch Service (Amazon ES), you now can build applications without setting up and maintaining your own search cluster on Amazon EC2. One of the key benefits of using Amazon ES is that you can leverage AWS Identity and Access Management (IAM) to grant or deny access to your search […]
Read More