AWS Security Blog

Introducing the AWS Security Champion Knowledge Path and digital badge

Today, Amazon Web Service (AWS) introduces the Security Champion Knowledge Path on AWS Skill Builder, featuring training and a digital badge. The Security Champion Knowledge path is a comprehensive educational framework designed to empower developers and software engineers with essential AWS cloud security knowledge and best practices. The structured learning path enables development teams to […]

AWS completes Police-Assured Secure Facilities (PASF) audit in Europe (London) AWS Region

We’re excited to announce that our Europe (London) AWS Region has renewed its accreditation for United Kingdom (UK) Police-Assured Secure Facilities (PASF) for Official-Sensitive data. Since 2017, the Amazon Web Services (AWS) Europe (London) Region has been accredited under the PASF program. This demonstrates our continuous commitment to adhere to the heightened expectations of customers […]

Building identity-first security: A guide to the Identity and Access Management track at AWS re:Inforce 2025

Join us at AWS re:Inforce 2025 from June 16 to 18 as we dive deep into identity and access management, where we’ll explore how organizations are securing identities at scale. As the traditional security perimeter continues to dissolve in our hybrid and multi-cloud world, this year’s sessions showcase how AWS customers are building comprehensive identity-centric […]

Building secure foundations: A guide to network and infrastructure security at AWS re:Inforce 2025

A full conference pass is $1,099. Register today with the code flashsale150 to receive a limited time $150 discount, while supplies last. Securing cloud infrastructure has never been more critical as organizations continue to expand their digital footprint and embrace modern architectures. At AWS re:Inforce 2025, the Network and Infrastructure Security track brings together security […]

2025 ISO and CSA STAR certificates now available with three new Regions

Amazon Web Services (AWS) successfully completed an onboarding audit with no findings for ISO 9001:2015, 27001:2022, 27017:2015, 27018:2019, 27701:2019, 20000-1:2018, and 22301:2019, and Cloud Security Alliance (CSA) STAR Cloud Controls Matrix (CCM) v4.0. EY CertifyPoint auditors conducted the audit and reissued the certificates on May 26, 2025. The objective of the audit was to assess […]

How to use on-demand rotation for AWS KMS imported keys

Today, we’re announcing support for on-demand rotation of symmetric encryption AWS Key Management Service (AWS KMS) keys with imported key material (EXTERNAL origin). This new capability enables you to rotate the cryptographic key material of these keys without changing the key identifier (key ID or Amazon Resource Name (ARN)). Rotating keys helps you meet compliance […]

Many voices, one community: Three themes from RSA Conference 2025

RSA Conference (RSAC) 2025 drew 730 speakers, 650 exhibitors, and 44,000 attendees from across the globe to the Moscone Center in San Francisco, California from April 28 through May 1. The keynote lineup was eclectic, with 37 presentations featuring speakers ranging from NBA Hall of Famer Earvin “Magic” Johnson to public and private-sector luminaries such as former […]

Implementing just-in-time privileged access to AWS with Microsoft Entra and AWS IAM Identity Center

Controlling access to your privileged and sensitive resources is critical for all AWS customers. Preventing direct human interaction with services and systems through automation is the primary means of accomplishing this. For those infrequent times when automation is not yet possible or implemented, providing a secure method for temporary elevated access is the next best […]

A deep dive into data protection sessions at AWS re:Inforce 2025

June 4, 2025: We removed a paragraph about advanced seat reservation because this option isn’t available this year. A full conference pass is $1,099. Register today with the code flashsale150 to receive a limited time $150 discount, while supplies last. At Amazon Web Services (AWS), security is our top priority. We’re excited to announce the […]

Application security at re:Inforce 2025

A full conference pass is $1,099. Register today with the code flashsale150 to receive a limited time $150 discount, while supplies last. Join us in Philadelphia on June 16–18, 2025, for AWS re:Inforce, where you can enhance your skills and confidence in cloud security, compliance, identity, and privacy. As an attendee, you will have access to […]