Tag: NIST

January 25, 2023: AWS KMS, ACM, Secrets Manager TLS endpoints have been updated to only support NIST’s Round 3 picked KEM, Kyber. s2n-tls and s2n-quic have also been updated to only support Kyber. BIKE or other KEMs may still be added as the standardization proceeds. August 3, 2022: This post has been updated to include […]

We are happy to announce that all AWS Federal Information Processing Standard (FIPS) endpoints have been updated to only accept a minimum of Transport Layer Security (TLS) 1.2 connections. This ensures that our customers who run regulated workloads can meet FedRAMP compliance requirements that mandate a minimum of TLS 1.2 encryption for data in transit. Attempts […]

Your approach to security governance, risk management, and compliance can be an enabler to digital transformation and business agility. As more organizations progress in their digital transformation journey—empowered by cloud computing—security organizations and processes cannot simply participate, they must lead in that transformation. Today, many customers establish a security foundation using technology-agnostic risk management frameworks—such […]

November 10, 2022: This project was successfully completed in March 2021. TLS 1.2 is now the minimum version supported for all connections to AWS FIPS service endpoints. Note we will be implementing the same policy for non-FIPS endpoints by June 2023. If you also use these endpoints see https://aws.amazon.com/blogs/security/tls-1-2-required-for-aws-endpoints/ for details. To help you meet […]

March 18, 2021: This post was originally published in February 2021. Since then, the number of services that require a TLS minimum of 1.2 has grown from over 40 to over 70. We’ve updated this post accordingly. In a March 2020 blog post, we told you about work Amazon Web Services (AWS) was undertaking to […]

January 25, 2023: AWS KMS, ACM, Secrets Manager TLS endpoints have been updated to only support NIST’s Round 3 picked KEM, Kyber. s2n-tls and s2n-quic have also been updated to only support Kyber. BIKE or other KEMs may still be added as the standardization proceeds. AWS Key Management Service (AWS KMS) now supports three new […]

This post will help you make privacy-conscious cloud migration decisions by mapping the National Institute of Standards and Technology (NIST) Privacy Framework: A Tool for Improving Privacy Through Enterprise Risk Management (NIST Privacy Framework) to the AWS Cloud Adoption Framework (AWS CAF). AWS Professional Services created the AWS CAF to help organizations successfully migrate to […]

January 25, 2023: AWS KMS, ACM, Secrets Manager TLS endpoints have been updated to only support NIST’s Round 3 picked KEM, Kyber. s2n-tls and s2n-quic have also been updated to only support Kyber. BIKE or other KEMs may still be added as the standardization proceeds. AWS Cryptography has completed benchmarks of Round 2 Versions of […]

I’m proud to announce an updated resource that is designed to provide guidance to help your organization align to the National Institute of Standards and Technology (NIST) Cybersecurity Framework Version 1.1, which was released in 2018. The updated guide, NIST Cybersecurity Framework (CSF): Aligning to the NIST CSF in the AWS Cloud, is designed to […]

Note from September 18, 2017: In this blog post, “AWS CloudHSM” refers to the product that’s now known as AWS CloudHSM Classic. As I explained in my previous Security Blog post, a hardware security module (HSM) is a hardware device designed with the security of your data and cryptographic key material in mind. It is […]