AWS Security Blog

AWS re:Invent Security Recap: Launches, Enhancements, and Takeaways

For more from Steve, follow him on Twitter Customers continue to tell me that our AWS re:Invent conference is a winner. It’s a place where they can learn, meet their peers, and rediscover the art of the possible. Of course, there is always an air of anticipation around what new AWS service releases will be […]

Read More

Automate analyzing your permissions using IAM access advisor APIs

As an administrator that grants access to AWS, you might want to enable your developers to get started with AWS quickly by granting them broad access. However, as your developers gain experience and your applications stabilize, you want to limit permissions to only what they need. To do this, access advisor will determine the permissions […]

Read More

2018 ISO certificates are here, with a 70% increase of in scope services

In just the last year, we’ve increased the number of ISO services in scope by 70%. That makes 114 services in total that have been validated against ISO 9001, 27001, 27017, and 27018. The following services are new to our ISO program: Amazon AppStream 2.0 Amazon Athena Amazon Chime Amazon CloudWatch Events Amazon CloudWatch Amazon […]

Read More

New PCI DSS report now available, 31 services added to scope

In just the last 6 months, we’ve increased the number of Payment Card Industry Data Security Standard (PCI DSS) certified services by 50%. We were evaluated by third-party auditors from Coalfire and the latest report is now available on AWS Artifact. I would like to especially call out the six new services (marked with asterisks) […]

Read More

Scaling a governance, risk, and compliance program for the cloud, emerging technologies, and innovation

Governance, risk, and compliance (GRC) programs are sometimes looked upon as the bureaucracy getting in the way of exciting cybersecurity work. But a good GRC program establishes the foundation for meeting security and compliance objectives. It is the proactive approach to cybersecurity that, if done well, minimizes reactive incident response. Of the three components of […]

Read More

Are KMS custom key stores right for you?

You can use the AWS Key Management Service (KMS) custom key store feature to gain more control over your KMS keys. The KMS custom key store integrates KMS with AWS CloudHSM to help satisfy compliance obligations that would otherwise require the use of on-premises hardware security modules (HSMs) while providing the AWS service integrations of […]

Read More

Announcing the First AWS Security Conference: AWS re:Inforce 2019

On the eve of re:Invent 2018, I’m pleased to announce that AWS is launching our first conference dedicated to cloud security: AWS re:Inforce. The event will offer a deep dive into the latest approaches to security best practices and risk management utilizing AWS services, features, and tools. Security is the top priority at AWS, and […]

Read More
Amazon Spheres and author info

AWS Security Profiles: Quint Van Deman, Principal Business Development Manager

In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]

Read More

AWS Security Profiles: Henrik Johansson, Principal, Office of the CISO

In the weeks leading up to re:Invent, we’ll share conversations we’ve had with people at AWS who will be presenting at the event so you can learn more about them and some of the interesting work that they’re doing. How long have you been at AWS, and what do you do in your current role? […]

Read More