AWS Security Blog

Tag: Devops

Use AWS Firewall Manager and VPC security groups to protect your applications hosted on EC2 instances

You can use AWS Firewall Manager to centrally configure and manage Amazon Virtual Private Cloud (Amazon VPC) security groups across all your AWS accounts. This post will take you through the step-by-step instructions to apply common security group rules, audit your security groups, and detect unused and redundant rules in your security groups across your […]

Read More
Figure 1 - The AWS Cloud Adoption Framework Security Perspective

How to manage security governance using DevOps methodologies

I’ve conducted more security audits and reviews than I can comfortably count, and I’ve found that these reviews can be surprisingly open to interpretation (as much as they try not to be). Many companies use spreadsheets to explain and limit business risks, with an annual review to confirm the continued suitability of their controls. However, […]

Read More

Using AWS Firewall Manager and WAF to protect your web applications with master rules and application-specific rules

Jeff Barr’s blog post introducing AWS Firewall Manager describes how you can centrally manage a set of web application firewall rules to protect all the applications in an AWS Organization. This blog post will take you through the specific steps to implement firewall rules using both AWS Web Application Firewall (AWS WAF) and AWS Firewall […]

Read More