Build and operate games with security in mind, ensuring players have fun, safe experiences.
Welcome to Building Games on AWS, a collection of YouTube series where we show you how to use AWS for games. In this series we’ll go over Security considerations for hosting game workloads on AWS.
Keep your game and your players' data safe and secure
Get to know the tenets and underlying purpose of AWS’s approach to security, including the controls in the AWS environment and some of the products and features that AWS makes available to customers to meet your security objectives in this AWS Introduction to Security whitepaper.
Custom-built security solutions
AWS for Games: Account Take Over Attempts
Every player starts with an identity, and protecting your gamers’ accounts and identities are a part of AWS’ top priority. That is one of the many reasons why we have created our AWS WAF Fraud Control Account Takeover Prevention (ATP). ATP helps to reduce fraud and prevent what we call account takeovers. An account takeover is when an unauthorized user gains control of another gamer’s account. We recognize the hard work our gamers and developers put in, especially in esports. Therefore, we combat this issue in two ways: investigation of responses coming in, and analyzation of responses going out. When a gamer logs into your game, we will look to see if those credentials are stolen from the dark web, as well as looking at previous login information to determine anomalies and alert you of suspicious activity. On the response side, we look at how your game reacts to login attempts, and if someone is attempting brute force password combinations or other attack types we can put in measures to stop that. Security is our top priority, and we welcome our gamers and game developers alike to improve their security through AWS.
See what some of our game development friends and customers have to say about the AWS Security solutions.
"In the gaming industry, the security and wellness of SaaS solutions are critical. A security breach, in many cases, can mean game over for us. AWS solutions give us control over the most sensitive points of our infrastructure. We extensively use AWS WAF to weed out dangerous vulnerabilities-scanning traffic from our servers and regularly reviewing Guard Duty insights to identify and fix potential problems early."
Piotr Korzuszek, CTO and Software Developer - PatchKit
It's dangerous to go alone...take this. Learn from the experience of others who have taken this journey and want to see our industry become stronger and more secure while delivering the best experiences for our customers.
Dynamically react to suspicious users by utilizing AWS WAF Security Automations.
Application-specific attacks or cheating attempts often don’t come out of the blue. When bad actors prepare to compromise an application, they leave traces: Unsuccessful login attempts, increased error code rates, exceeded API limits, just to name a few. Malicious bots often tend to crawl everything they can access, even endpoints a real user would never or just rarely use.
This is where AWS WAF Security Automations comes into the game: You can deploy the solution with one click to your existing HTTP APIs and configure it to detect unusual behavior in your application. It even allows you to create a honeypot that can be used to detect crawlers and bots. The solution deploys an AWS WAF Web ACL, which can be directly attached to Amazon CloudFront, Application Load Balancers (ALB), Amazon API Gateway and AWS AppSync.
As the Solution is well documented, you can easily extract meaningful data from its components to use throughout your workload. For example, you can query Amazon Athena for a list of suspicious IPs within the last hour. This data allows you to build a custom inspect list that can be used in your matchmaking to keep these potentially malicious players away from your game, or maybe just send them to a dedicated game server, isolated from the friendly player base.
Protect your game against unintended data exposure
Build a strong security culture, make it important, and include everyone in your game studio. See how you can protect your games against Data Breaches.
Protect your game server's instance credentials using Amazon GuardDuty
Protect your game, AWS accounts, workloads, and data stored in Amazon Simple Storage Service (Amazon S3) by continuously monitoring for malicious activity and unauthorized behavior with Amazon GuardDuty.
How to defend games against DDoS attacks
This blog discusses the architecture decisions you can make to best utilize AWS’s DDoS prevention.& mitigation capabilities
Using Amazon Cognito to authenticate players for a game backend service
Amazon Cognito is a quick and easy player authentication and identity management service for your games.
Innovate with key industry partners
Discover purpose-built AWS for Games solutions and services from an extensive network of industry-leading AWS Partners who have demonstrated technical expertise and customer success in building solutions on AWS.
Partner Spotlight: CrowdStrike, Inc.
ONE PLATFORM. EVERY INDUSTRY. SUPERIOR PROTECTION.
CrowdStrike protects the people, processes and technologies that drive modern enterprise. A single agent solution to stop breaches, ransomware, and cyber attacks—powered by world-class security expertise and deep industry experience.
Partner Spotlight: Lacework, Inc.
Lacework: a modern day approach to cloud security for the gaming industry
You're developing games, not playing them. Neither is Lacework. We automate and continuously monitor your compliance and security, from build to runtime, so you can run faster, jump further, and expand your empire. Consolidate tools, optimize your SIEM, secure your containers. Game recognizes game.
Partner Spotlight: Druva
Protect your game with multi-layered data resilience
Keep your data safe and available, anytime and anywhere, with the Druva Data Resiliency Cloud. Automate a foolproof response and recovery process to cyber incidents, ensure data availability with forever incremental backups, and protect data with an air-gapped, globally available architecture.
We stop breaches.
With CrowdStrike, customers benefit from better protection, better performance and immediate time-to-value delivered by the cloud-native Falcon platform.
Protect. Renew. Empower.
The global #1 Games Protection and Anti-Piracy technology helping game publishers and developers to secure PC, console and mobile games.
Multi-layered data resilience
Keep your game and player data secure and compliant with air-gapped, immutable, backups and accelerated ransomware response & recovery.
Protect PAC-MAN and fellow pals
Gamers get malicious attempts at a rate of 14 million per day. Learn how F5
saves PAC-MAN and pals by protecting 4+ billion transactions per week.
Securely Scale Global Games 24x7x365
Automated, self-healing, scaling AWS architectures and designs are Foghorn’s forte. Powerful results achieved for leading global games companies.
Multi-layered data resilience
Automate your cloud security, from build time to runtime, with Lacework, and securely accelerate and expand your empire. Game recognizes game.
Gaming Apps Monitoring Made Simple with Logz.io
Monitoring huge amounts of data to maintain visibility into your environment can mean the difference between winning and game over.
AWS Consulting and Managed Cloud Services
Mission accelerates enterprise cloud transformation by delivering a differentiated suite of agile managed cloud services and consulting.
Secure Cloud File Storage for Game Builds
Nasuni + AWS provides dynamic cloud file storage for sharing large, packaged game builds across studios with built-in backup and ransomware recovery.
Do what you need to do, from anywhere
Parsec gives you access to your hardware in seconds with near-zero latency and unparalleled input accuracy when you plug in a keyboard, mouse, tablet, or gamepad. Video streams look silky smooth, with 60FPS 4K video in vivid color across up to 3 monitors. Forget you’re somewhere else.
Reach compliance with Prisma Cloud
Prisma Cloud simplifies Pokémon’s path to PCI compliance with consistent monitoring and one-click reports.
We redefine what's possible
Slalom’s gaming experts have helped AAAs, streamers, and single-game studios harness the full power of AWS to improve gameplay, security, and optimize.
High-performance remote game development
Get secure, flexible, high-performance, low-latency remote game development on the cloud with the same user experience as if you were in the studio.
Building a game has different challenges compared to many applications. Find AWS documentation and game-specific samples, reference architectures, and more to help you build your game in the cloud.
Start your security solutions here
Delivering a safe and secure experience for our customers is critical to the success and growth of our games and businesses, but it's not always easy to figure out how to get started implementing solutions and best practices. We've put together a few key steps in the
process to help you get started.
Once you’ve done all the above, build your CI/CD pipelines and integrate the security tooling with them (static analysis, dependency analysis, pentesting environment, etc) which your control framework requires - after which, you’re ready to upload your golden baseline images (where applicable) and your game code, and start building, testing and deploying your game!