Skip to main content

AWS Solutions Library

Guidance for Application Security on AWS

Enhance application security and catch security vulnerabilities through integrated security automation

Overview

This Guidance shows how to build a strong application security capability on AWS. Application security helps you address application-level threats, like unauthorized access and privilege escalation. By using the AWS security services in this Guidance, you can log application security, protect and manage your resources, and detect anomalous behavior in client interactions with your application.

How to deploy

This architecture diagram shows how to integrate AWS security services to protect and manage your cloud resources and log application security as you build a reliable, secure, and scalable cloud environment.

Download the architecture diagram

Additional Considerations

Application Security describes the security measures used at the application level to protect data or code within the app from being stolen or hijacked. It includes security concerns during application development and design, but it also includes methods and procedures to safeguard apps after they are launched. Application security should be applied at all stages of development, including design, development, and deployment.

Application Security not only emphasizes preventing vulnerabilities and threats in software applications but also stresses the importance of constant monitoring and updating to address new challenges and threats as they emerge. Regular security assessments, including code reviews, penetration testing, and the use of automated security tools, play a crucial role in identifying and mitigating potential security issues before they can be exploited.

Disclaimer

The sample code; software libraries; command line tools; proofs of concept; templates; or other related technology (including any of the foregoing that are provided by our personnel) is provided to you as AWS Content under the AWS Customer Agreement, or the relevant written agreement between you and AWS (whichever applies). You should not use this AWS Content in your production accounts, or on production or other critical data. You are responsible for testing, securing, and optimizing the AWS Content, such as sample code, as appropriate for production grade use based on your specific quality control practices and standards. Deploying AWS Content may incur AWS charges for creating or using AWS chargeable resources, such as running Amazon EC2 instances or using Amazon S3 storage.