Provable Security

Security Assurance, Backed by Mathematical Proof

We are committed to helping you achieve the highest levels of security in the cloud. We’ve developed automated reasoning tools that use mathematical logic to answer critical questions about your infrastructure to detect misconfigurations that could potentially expose your data. We call this provable security because it provides higher assurance in the security of the cloud and in the cloud.

What is automated reasoning? (2:56)

How it works

We apply automated reasoning in key service areas such as storage, networking, virtualization, identity, and cryptography. You can see automated reasoning at work in Amazon CodeGuru, Amazon Simple Storage Service (Amazon S3), AWS Identity and Access Management (IAM), Amazon VPC Network Access Analyzer, Amazon VPC Reachability Analyzer, and Amazon Verified Permissions.
  • Amazon CodeGuru
  • Amazon CodeGuru Reviewer uses automated reasoning and machine learning to identify critical issues, security vulnerabilities, and hard-to-find bugs during application development. It also provides recommendations to improve code quality.

  • Amazon S3 Block Public Access
  • S3 Block Public Access uses automated reasoning to provide controls across an entire AWS account or at the individual Amazon S3 bucket level to help ensure that objects never have public access, now or in the future.

  • IAM Access Analyzer
  • AWS Identity and Access Management (IAM) Access Analyzer uses automated reasoning to analyze all public and cross-account access paths to your resources and provides comprehensive analysis of those paths.

  • Amazon VPC Network Access Analyzer
  • Network Access Analyzer uses automated reasoning to identify reachable paths and validate security invariants in your AWS network.

  • Amazon VPC Reachability Analyzer
  • Reachability Analyzer uses automated reasoning to identify feasible paths, and explain infeasible paths, in your AWS network.

  • Amazon Verified Permissions
  • Amazon Verified Permissions uses automated reasoning to define fine-grained permissions for application users.

Research and insights

A billion SMT queries a day

In this Computer-Aided Verification (CAV) Conference keynote, Neha Rungta, the director of applied science for AWS Identity, explains how AWS is making the power of automated reasoning available to all its customers.

Interested in internships with the AWS Automated Reasoning Group?

Want to solve some of the most challenging cloud security problems?

Explore more of AWS