Security, Identity and Compliance on AWS

Secure your workloads and applications in the cloud
Data protection
Identity & access management
Infrastructure protection
AWS provides services that help you protect your data, accounts, and workloads from unauthorized access. AWS data protection services provide encryption and key management and threat detection that continuously monitors and protects your accounts and workloads.
AWS Identity services help you manage authentication, authorization, and governance in the AWS Cloud. These services enable you to securely manage and audit access to your AWS accounts and infrastructure anywhere along your AWS Cloud journey.
AWS protects web applications by filtering traffic based on rules that you create. For example, you can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, which allows you to block common attack patterns, such as SQL injection or cross-site scripting.
Threat detection and continuous monitoring
Compliance and data privacy
AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.
AWS gives you a comprehensive view of your compliance status and continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows.
Data protection
AWS provides services that help you protect your data, accounts, and workloads from unauthorized access. AWS data protection services provide encryption and key management and threat detection that continuously monitors and protects your accounts and workloads.
Threat detection and continuous monitoring
AWS identifies threats by continuously monitoring the network activity and account behavior within your cloud environment.
Identity & access management
AWS Identity services help you manage authentication, authorization, and governance in the AWS Cloud. These services enable you to securely manage and audit access to your AWS accounts and infrastructure anywhere along your AWS Cloud journey.
Compliance and data privacy
AWS gives you a comprehensive view of your compliance status and continuously monitors your environment using automated compliance checks based on the AWS best practices and industry standards your organization follows.
Infrastructure protection
AWS protects web applications by filtering traffic based on rules that you create. For example, you can filter web requests based on IP addresses, HTTP headers, HTTP body, or URI strings, which allows you to block common attack patterns, such as SQL injection or cross-site scripting.

AWS Security, Identity & Compliance services

Category
Use cases
AWS service
Identity management for your apps

Amazon Cognito

Identify management for your apps.

Managed Microsoft Active Directory

AWS Directory Service

Host and manage active directory.

Manage user access and encryption keys

AWS Identity & Access Management (IAM)

Manage user access and encryption keys.

Simple, secure service to share AWS resources

AWS Resource Access Manager

Simple, secure service to share AWS resources.

Rotate, manage and retrieve secrets

AWS Secrets Manager

Rotate, manage, and retrieve secrets.

Cloud single-sign-on (SSO) service

AWS Single Sign-On

Cloud single sign-on (SSO) service.

Detective controls
Managed threat detection service

Amazon GuardDuty

Managed threat detection service.

Unified security and compliance center

AWS Security Hub

Unified security and compliance center.

Infrastructure protection
DDoS protection

AWS Shield

DDoS protection.

Filter malicious web traffic

AWS Web Application Firewall (WAF)

Filter malicious web traffic.

Central management of firewall rules

AWS Firewall Manager

Central manangement of firewall rules.

Analyze application security

Amazon Inspector

Analyze application security.

Data protection
Key storage and management

AWS Key Management Service (KMS)

Managed creation and control of encryption keys.

Hardware based key storage for regulatory compliance

AWS CloudHSM

Hardware-based key storage for regulatory compliance.

Provision, manage, and deploy public and private SSL/TLS certificates

AWS Certificate Manager

Provision, manage, and deploy SSL/TLS certificates.

Discover, classify and protect your data

Amazon Macie

Discover, classify, and protect your data.

Compliance
No cost, self-service portal for on-demand access to AWS’ compliance reports

AWS Artifact

On-demand access to AWS' compliance reports.

AWS Security, Identity & Compliance services

Category Use cases AWS service
Identity & access management Manage user access and encryption keys   AWS Identity & Access Management (IAM)
Cloud single-sign-on (SSO) service
AWS Single Sign-On
Managed Microsoft Active Directory
AWS Directory Service
Identity management for your apps Amazon Cognito
Rotate, manage and retrieve secrets
AWS Secrets Manager
Simple, secure service to share AWS resources AWS Resource Access Manager
Detective controls
Unified security and compliance center AWS Security Hub
Managed threat detection service Amazon GuardDuty
Infrastructure protection DDoS protection AWS Shield
Filter malicious web traffic AWS Web Application Firewall (WAF)
Central management of firewall rules AWS Firewall Manager
Analyze application security Amazon Inspector
Data protection Key storage and management
AWS Key Management Service (KMS)
Hardware based key storage for regulatory compliance
AWS CloudHSM
Provision, manage, and deploy public and private SSL/TLS certificates AWS Certificate Manager
Discover, classify and protect your data Amazon Macie
Securing workloads on AWS
To make it easier for your to secure your workloads on AWS, we also provide the world’s most secure cloud platform.

Customers

Snap logo

"We love it when we are able to simply provide extra security without any inconvenience."

- Roger Zou on Amazon GuardDuty
Snap Inc.

Thermo Fisher Scientific logo
Gett
robinhood logo
Delaware North logo
Department of Defense logo
Here logo
British Gas logo
Canary logo
University of Maryland logo
Crop Trust logo
Soundcloud logo
Contact an AWS Business Representative
Have Questions? Connect with an AWS Business Representative
Exploring security roles?
Apply today »
Want AWS Security updates?
Follow us on Twitter »