AWS Security Blog
Tag: Cloud security
How to develop an Amazon Security Lake POC
You can use Amazon Security Lake to simplify log data collection and retention for Amazon Web Services (AWS) and non-AWS data sources. To make sure that you get the most out of your implementation requires proper planning. In this post, we will show you how to plan and implement a proof of concept (POC) for […]
How to use the BatchGetSecretValue API to improve your client-side applications with AWS Secrets Manager
AWS Secrets Manager is a service that helps you manage, retrieve, and rotate database credentials, application credentials, OAuth tokens, API keys, and other secrets throughout their lifecycles. You can use Secrets Manager to help remove hard-coded credentials in application source code. Storing the credentials in Secrets Manager helps avoid unintended or inadvertent access by anyone […]
2023 Canadian Centre for Cyber Security Assessment Summary report available with 20 additional services
At Amazon Web Services (AWS), we are committed to providing continued assurance to our customers through assessments, certifications, and attestations that support the adoption of current and new AWS services and features. We are pleased to announce the availability of the 2023 Canadian Centre for Cyber Security (CCCS) assessment summary report for AWS. With this assessment, a […]
Aggregating, searching, and visualizing log data from distributed sources with Amazon Athena and Amazon QuickSight
Part 1 of a 3-part series Part 2 – How to visualize Amazon Security Lake findings with Amazon QuickSight Part 3 – How to share security telemetry per Organizational Unit using Amazon Security Lake and AWS Lake Formation Customers using Amazon Web Services (AWS) can use a range of native and third-party tools to build […]
Now available: Building a scalable vulnerability management program on AWS
Vulnerability findings in a cloud environment can come from a variety of tools and scans depending on the underlying technology you’re using. Without processes in place to handle these findings, they can begin to mount, often leading to thousands to tens of thousands of findings in a short amount of time. We’re excited to announce […]
Announcing the AWS Blueprint for Ransomware Defense
In this post, Amazon Web Services (AWS) introduces the AWS Blueprint for Ransomware Defense, a new resource that both enterprise and public sector organizations can use to implement preventative measures to protect data from ransomware events. The AWS Blueprint for Ransomware Defense provides a mapping of AWS services and features as they align to aspects […]
Stronger together: Highlights from RSA Conference 2023
RSA Conference 2023 brought thousands of cybersecurity professionals to the Moscone Center in San Francisco, California from April 24 through 27. The keynote lineup was eclectic, with more than 30 presentations across two stages featuring speakers ranging from renowned theoretical physicist and futurist Dr. Michio Kaku to Grammy-winning musician Chris Stapleton. Topics aligned with this […]
Scale your authorization needs for Secrets Manager using ABAC with IAM Identity Center
With AWS Secrets Manager, you can securely store, manage, retrieve, and rotate the secrets required for your applications and services running on AWS. A secret can be a password, API key, OAuth token, or other type of credential used for authentication purposes. You can control access to secrets in Secrets Manager by using AWS Identity […]
Logging strategies for security incident response
Effective security incident response depends on adequate logging, as described in the AWS Security Incident Response Guide. If you have the proper logs and the ability to query them, you can respond more rapidly and effectively to security events. If a security event occurs, you can use various log sources to validate what occurred and […]
AWS Melbourne Region has achieved HCF Strategic Certification
Amazon Web Services (AWS) is delighted to confirm that our new AWS Melbourne Region has achieved Strategic Certification for the Australian Government’s Hosting Certification Framework (HCF). We know that maintaining security and resiliency to keep critical data and infrastructure safe is a top priority for the Australian Government and all our customers in Australia. The […]