Security Learning

Why AWS?

Security in the cloud is similar to security in your on-premises data centers — only without the costs of maintaining facilities and hardware. In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and of out of your cloud resources. For this reason, cloud security is a Shared Responsibility between the customer and AWS, where customers are responsible for “security in the cloud” and AWS is responsible for “security of the cloud.”

The AWS cloud allows you to scale and innovate while maintaining a secure environment. As an AWS customer, you will benefit from data centers and network architecture designed to meet the requirements of the most security-sensitive organizations. AWS infrastructure is custom-built for the cloud and is monitored 24x7 to help protect the confidentiality, integrity, and availability of our customers’ data. Browse this page to learn more about key topics, areas of research, and training opportunities for cloud security on AWS.

Use Cases

Security Documentations

Security is a key component of your decision to use the cloud. This documentation can help your organization get in-depth information about both the built-in and the configurable security of AWS services. This information goes beyond “how-to” and can help developers — as well as Security, Risk Management, Compliance, and Product teams — assess a service prior to use, determine how to use a service securely, and get updated information as new features are released. To learn more about how customers use security documentation, read the AWS Security blog post.

Training

Organizations need individuals with deep security knowledge to help protect their business. AWS training courses enable you to build the skillset you need to meet your security and compliance objectives. With a variety of content and training materials curated by experts at AWS, you can stay up-to-date with evolving best practices and security trends in the industry — whether you’re new to the cloud or “all-in” on AWS.

Learn more about Training

Cloud Audit Academy

Cloud Audit Academy (CAA) is an AWS Security Auditing Learning Path designed for those that are in auditing, risk, and compliance roles and are involved in assessing regulated workloads in the cloud. The CAA curriculum dives into cloud-specific audit considerations and AWS best practices for security auditing aligned to global industry security and compliance frameworks.

Learn more about CAA
AWS Cloud Audit Academy

Other Suggested Training

Learning icon

Whitepapers, Technical Guides, and Reference Materials

AWS security specialists leverage their first-hand experience to craft technical content that helps expand your knowledge of cloud security. These whitepapers, guides, and reference materials cover best practices for leading trends in the industry, including incident response, compliance in the cloud, and privacy considerations. Peruse the technical content library below to find guidance on how to securely build your future on AWS. You can also visit the AWS Architecture Center to see more best practices for security, identity, and compliance.

Clear all filters
Content Type
46-54 (124)
Showing results: 46-54
Total results: 124
  • Date

  • Whitepaper

    Security Overview of Amazon API Gateway

    This whitepaper presents a deep dive into Amazon API Gateway and integrated Amazon Web Services (AWS) services through a security lens. It provides a well-rounded picture of the service for new adopters, and a deeper understanding of Amazon API Gateway for current users.

    HTML | PDF

    Security, Identity, & Compliance

    November 2022

  • Whitepaper

    Updated

    Device Manufacturing and Provisioning with X.509 Certificates in AWS IoT Core

    This whitepaper focuses on onboarding Internet of Things (IoT) devices in AWS IoT Core using unique identities. It covers the different options, challenges, and considerations for manufacturing and provisioning unique X.509 certificates and private keys into devices for certificate-based mutual authentication.

    HTML | PDF

    Internet of Things | Security, Identity, & Compliance | Manufacturing

    November 2022

  • This Is My Architecture

    TallyPrime on AWS: Providing Virtual Office to End Users Using NICE DCV

    Application TallyPrime is hosted in a virtualized environment and exposed using a remote display protocol (NICE DCV). The virtualized environment is accessed over https in browser or through a client. Tally, a windows thick client is installed in a container (Ubuntu 20) with wine to support the native capabilities of application as offered in Windows environment. TallyPrime on AWS is & will be catering 1000's of users ensuring security & scalability at its core, while keeping its power of simplicity for end users.

    Check out more resources for architecting in the #AWS​​​ cloud:

    2022-11-01

  • Whitepaper

    Updated

    SWIFT Customer Security Controls Framework (v2022) on AWS

    The objective of this guide is to provide SWIFT customers with sufficient information and best practices to implement the CSCF security controls when implementing their SWIFT Client Connectivity Stack on AWS.

    HTML | PDF

    Security, Identity, & Compliance | Financial Services

    October 2022

  • This Is My Architecture

    MATTR: Building Digital Trust at Scale

    MATTR's technology platform provides digital credentialing and decentralized identity building blocks to unlock scale in the use of trust information. The tech stack is built on open standards, designed for internet scale, and leverages elastic availability in the cloud. In this episode, Martin takes us through their high availability architecture that securely scales to support thousands of customers using EKS and AutoScaling. The architecture also highlights security services like WAF, Shield Advanced and infrastructure as code solution to enable automation.

    Check out more resources for architecting in the #AWS​​​ cloud:

    2022-10-04

  • Whitepaper

    Updated

    Best Practices for Designing Amazon API Gateway Private APIs and Private Integration

    This whitepaper introduces best practices for deploying private APIs and private integrations in API Gateway, and discusses security, usability, and architecture. This whitepaper is aimed at developers who use API Gateway, or are considering using it in the future.

    HTML | PDF

    Application Integration | Networking & Content Delivery | Security, Identity, & Compliance

    September 2022

  • This Is My Architecture

    Pinterest: Scalable Access Control with STS Token Vending

    In this video, Keith from Pinterest talks about their scalable access control solution for clusters of EC2 instances that need access to data in Amazon S3. You'll learn how they built a token vending service using AWS Secure Token Service (STS) that allows them to bridge their internal concept of users and authentication to managed policies and AWS Identity and Access Management (IAM). This elegant solution provides layered, fine-grained access control and reduces the number of clusters that they need to spin-up.

    Check out more resources for architecting in the #AWS​​​ cloud:

    2022-08-09

  • Whitepaper

    Data Classification

    Insights and best practices for classification schemes that organizations can use when they move data to the AWS Cloud.

    HTML | PDF

    Security, Identity, & Compliance | General Public Services

    August 2022

  • Reference Architecture Diagram

    New

    Securing Custom Origins with AWS WAF

    This architecture shows how to protect any endpoint against common web vulnerabilities with AWS WAF by leveraging custom origins and custom secret headers in Amazon CloudFront.

    PDF

    Security, Identity, & Compliance

    July 2022
1
45678
14
Contact an AWS Business Representative
Have Questions? Connect with AWS Support
Exploring security roles?
Apply today »
Want AWS Security updates?
Follow us on Twitter »