AWS Security Blog

Tag: Security groups

How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs

Note from February 28, 2019: The features and services described in this post have changed since the post was published and the procedures described might be out of date and no longer accurate. If we update this post or create a replacement, we’ll add a notification about it here. Note from July 11, 2017: In […]

Read More

How to Monitor AWS Account Configuration Changes and API Calls to Amazon EC2 Security Groups

You can use AWS security controls to detect and mitigate risks to your AWS resources. The purpose of each security control is defined by its control objective. For example, the control objective of an Amazon VPC security group is to permit only designated traffic to enter or leave a network interface. Let’s say you have […]

Read More

How to Optimize and Visualize Your Security Groups

Note: On May 3, 2017, we published a related blog post also written by Guy Denney, How to Visualize and Refine Your Network’s Security by Adding Security Group IDs to Your VPC Flow Logs. Many organizations start their journey with AWS by experimenting with existing applications. Those experiments may include trying to move an application to […]

Read More

How to Automatically Update Your Security Groups for Amazon CloudFront and AWS WAF by Using AWS Lambda

Update on June 14, 2018: We removed an out-of-date code sample. Update on August 23, 2018: We revised the “Configure your Lambda function’s trigger” procedure. Amazon CloudFront can help you increase the performance of your web applications and significantly lower the latency of delivering content to your customers. Recently announced, AWS WAF (a web application firewall) […]

Read More

How to Help Prepare for DDoS Attacks by Reducing Your Attack Surface

Distributed denial of service (DDoS) attacks are sometimes used by malicious actors in an attempt to flood a network, system, or application with more traffic, connections, or requests than it can handle. Not surprisingly, customers often ask us how we can help them protect their applications against these types of attacks. To help you optimize […]

Read More