Security in the cloud is similar to security in your on-premises data centers — only without the costs of maintaining facilities and hardware. In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and of out of your cloud resources. For this reason, cloud security is a Shared Responsibility between the customer and AWS, where customers are responsible for “security in the cloud” and AWS is responsible for “security of the cloud.”
The AWS cloud allows you to scale and innovate while maintaining a secure environment. As an AWS customer, you will benefit from data centers and network architecture designed to meet the requirements of the most security-sensitive organizations. AWS infrastructure is custom-built for the cloud and is monitored 24x7 to help protect the confidentiality, integrity, and availability of our customers’ data.
Browse this page to learn more about key topics, areas of research, and training opportunities for cloud security on AWS.
Whitepapers, Technical Guides, and Reference Materials
AWS security specialists leverage their first-hand experience to craft technical content that helps expand your knowledge of cloud security. These whitepapers, guides, and reference materials cover best practices for leading trends in the industry, including incident response, compliance in the cloud, and privacy considerations. Peruse the technical content library below to find guidance on how to securely build your future on AWS.
Security is a key component of your decision to use the cloud. This documentation can help your organization get in-depth information about both the built-in and the configurable security of AWS services. This information goes beyond “how-to” and can help developers — as well as Security, Risk Management, Compliance, and Product teams — assess a service prior to use, determine how to use a service securely, and get updated information as new features are released.
Provable Security: Research and Insights
AWS uses automated reasoning technology — the application of mathematical logic to assess cloud security — to help detect misconfigurations and answer critical questions about your infrastructure. Known as provable security, AWS leverages leading insight and applications from AWS security experts to help you achieve the highest possible level of security assurance in the cloud.
What is AWS Zelkova?
AWS re:Inforce 2019: Automate Compliance Verification on AWS Using Provable Security
AWS re:Inforce 2019: The Evolution of Automated Reasoning Technology at AWS
AWS re:Inforce 2019: An AWS Approach to Higher Standards of Assurance w/ Provable Security
Organizations need individuals with deep security knowledge to help protect their business. AWS training courses enable you to build the skillset you need to meet your security and compliance objectives. With a variety of content and training materials curated by experts at AWS, you can stay up-to-date with evolving best practices and security trends in the industry — whether you’re new to the cloud or “all-in” on AWS.
Cloud Audit Academy
Cloud Audit Academy (CAA) is an AWS Security Auditing Learning Path designed for those that are in auditing, risk, and compliance roles and are involved in assessing regulated workloads in the cloud. The CAA curriculum dives into cloud-specific audit considerations and AWS best practices for security auditing aligned to global industry security and compliance frameworks.
Other Suggested Training
AWS Security Control Domains
Data Privacy is about an individual's right to control their data. This video will show you how to use some of AWS tools and services to help protect your data.
Governance is the process that ensures effective and compliant workflow without giving up flexibility to achieve its goals. This video shows you how to use AWS tools and services to help accomplish this.
As the benefits of cloud computing drive increased adoption, Vulnerability Management is more important than ever. This video helps you identify, track and remediate security issues within the cloud environment.
Device Management involves installing and updating operating systems and application patches, managing user accounts, and maintaining up-to-date security on all end-user devices. This video shows you how to remain flexible, while maintaining security, in a world where remote employees and personal device integration is the norm.
Risk Management is a methodology for identifying, managing, and mitigating risks with information, assets, and operations. This video helps you understand how to identify, monitor, and mitigate potential risks to your cloud environment.
Proper network management is all about building a secure, isolated, distributed, and highly resilient network construct that works for you – no matter your workload requirements. This video helps you learn how to do that with AWS tools and services.
Identity management and access control is a discipline that enables the right individuals to access the right resources at the right time and for the right reasons. With AWS identity services, you can manage your workforce and customer identities as well as their access to AWS services and resources.
Incident Response is an organized approach to addressing and managing the threat or violation of security policies and standard practices. A quick response limits damage and reduces recovery time and costs. In the cloud, you need a systematic and organized approach for incident response.
Configuration Management is a process for ensuring consistency in your operational environment. Your governance and compliance set-up will drive the reliability of your cloud implementation, reducing the chance of unpredictable error.
Business Continuity is your ability to maintain essential operations during a disruptive event and then restore normal operations within a reasonable time frame. This video helps you understand how to enable faster disaster recovery of critical IT systems without incurring the infrastructure expense of a second physical site.
Security and compliance requirements affect all businesses no matter where they are located. With millions of AWS customers around the world, it is important that security professionals have access to the best practices and guidance needed to help improve their security posture. This is why AWS offers key security and compliance content that is localized in over 20 languages to better support users in their preferred language.