Showing only posts tagged Amazon EC2. Show all posts.

Get the full benefits of IMDSv2 and disable IMDSv1 across your AWS infrastructure

Source

The Amazon Elastic Compute Cloud (Amazon EC2) Instance Metadata Service (IMDS) helps customers build secure and scalable applications. IMDS solves a security challenge for cloud users by providing access to temporary and frequently-rotated credentials, and by removing the need to hardcode or distribute sensitive credentials to instances manually or …

How to scan EC2 AMIs using Amazon Inspector

Source

Amazon Inspector is an automated vulnerability management service that continually scans Amazon Web Services (AWS) workloads for software vulnerabilities and unintended network exposure. Amazon Inspector supports vulnerability reporting and deep inspection of Amazon Elastic Compute Cloud (Amazon EC2) instances, container images stored in Amazon Elastic Container Registry (Amazon ECR …

AWS CIRT announces the release of five publicly available workshops

Source

Greetings from the AWS Customer Incident Response Team (CIRT)! AWS CIRT is dedicated to supporting customers during active security events on the customer side of the AWS Shared Responsibility Model. Over the past year, AWS CIRT has responded to hundreds of such security events, including the unauthorized use of …

Introducing the Security Design of the AWS Nitro System whitepaper

Source

AWS recently released a whitepaper on the Security Design of the AWS Nitro System. The Nitro System is a combination of purpose-built server designs, data processors, system management components, and specialized firmware that serves as the underlying virtualization technology that powers all Amazon Elastic Compute Cloud (Amazon EC2) instances …

How to enable secure seamless single sign-on to Amazon EC2 Windows instances with AWS SSO

Source

Today, we’re launching new functionality that simplifies the experience to securely access your AWS compute instances running Microsoft Windows. We took on this update to respond to customer feedback around creating a more streamlined experience for administrators and users to more securely access their EC2 Windows instances. The …

Forensic investigation environment strategies in the AWS Cloud

Source

When a deviation from your secure baseline occurs, it’s crucial to respond and resolve the issue quickly and follow up with a forensic investigation and root cause analysis. Having a preconfigured infrastructure and a practiced plan for using it when there’s a deviation from your baseline will …

Securely extend and access on-premises Active Directory domain controllers in AWS

Source

If you have an on-premises Windows Server Active Directory infrastructure, it’s important to plan carefully how to extend it into Amazon Web Services (AWS) when you’re migrating or implementing cloud-based applications. In this scenario, existing applications require Active Directory for authentication and identity management. When you migrate …

Use IAM Access Analyzer to generate IAM policies based on access activity found in your organization trail

Source

In April 2021, AWS Identity and Access Management (IAM) Access Analyzer added policy generation to help you create fine-grained policies based on AWS CloudTrail activity stored within your account. Now, we’re extending policy generation to enable you to generate policies based on access activity stored in a designated …

Apply the principle of separation of duties to shell access to your EC2 instances

Source

In this blog post, we will show you how you can use AWS Systems Manager Change Manager to control access to Amazon Elastic Compute Cloud (Amazon EC2) instance interactive shell sessions, to enforce separation of duties. Separation of duties is a design principle where more than one person’s …

Confidential computing: an AWS perspective

Source

Customers around the globe—from governments and highly regulated industries to small businesses and start-ups—trust Amazon Web Services (AWS) with their most sensitive data and applications. At AWS, keeping our customers’ workloads secure and confidential, while helping them meet their privacy and data sovereignty requirements, is our highest …

Use EC2 Instance Connect to provide secure SSH access to EC2 instances with private IP addresses

Source

In this post, I show you how to use Amazon EC2 Instance Connect to use Secure Shell (SSH) to securely access your Amazon Elastic Compute Cloud (Amazon EC2) instances running on private subnets within an Amazon Virtual Private Cloud (Amazon VPC). EC2 Instance Connect provides a simple and secure …

How to confirm your automated Amazon EBS snapshots are still created after the TLS 1.2 uplift on AWS FIPS endpoints

Source

We are happy to announce that all AWS Federal Information Processing Standard (FIPS) endpoints have been updated to only accept a minimum of Transport Layer Security (TLS) 1.2 connections. This ensures that our customers who run regulated workloads can meet FedRAMP compliance requirements that mandate a minimum of …

Review last accessed information to identify unused EC2, IAM, and Lambda permissions and tighten access for your IAM roles

Source

AWS Identity and Access Management (IAM) helps customers analyze access and achieve least privilege. When you are working on new permissions for your team, you can use IAM Access Analyzer policy generation to create a policy based on your access activity and set fine-grained permissions. To analyze and refine …

IAM Access Analyzer makes it easier to implement least privilege permissions by generating IAM policies based on access activity

Source

In 2019, AWS Identity and Access Management (IAM) Access Analyzer was launched to help you remove unintended public and cross account access by analyzing your existing permissions. In March 2021, IAM Access Analyzer added policy validation to help you set secure and functional permissions during policy authoring. Now, IAM …

How you can use Amazon GuardDuty to detect suspicious activity within your AWS account

Source

Amazon GuardDuty is an automated threat detection service that continuously monitors for suspicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3. In this post, I’ll share how you can use GuardDuty with its newly enhanced highly-customized machine learning model to …

Automate Amazon EC2 instance isolation by using tags

Source

Containment is a crucial part of an overall Incident Response Strategy, as this practice allows time for responders to perform forensics, eradication and recovery during an Incident. There are many different approaches to containment. In this post, we will be focusing on isolation—the ability to keep multiple targets …

Secure and automated domain membership management for EC2 instances with no internet access

Source

In this blog post, I show you how to deploy an automated solution that helps you fully automate the Active Directory join and unjoin process for Amazon Elastic Compute Cloud (Amazon EC2) instances that don’t have internet access. Managing Active Directory domain membership for EC2 instances in Amazon …