Showing only posts tagged Security, Identity, & Compliance. Show all posts.

A sneak peek at the application security sessions for re:Inforce 2023

Source

A full conference pass is $1,099. Register today with the code secure150off to receive a limited time $150 discount, while supplies last. AWS re:Inforce is a security learning conference where you can gain skills and confidence in cloud security, compliance, identity, and privacy. As a re:Inforce …

Scaling security and compliance

Source

At Amazon Web Services (AWS), we move fast and continually iterate to meet the evolving needs of our customers. We design services that can help our customers meet even the most stringent security and compliance requirements. Additionally, our service teams work closely with our AWS Security Guardians program to …

AWS Security Profile – Cryptography Edition: Panos Kampanakis, Principal Security Engineer

Source

In the AWS Security Profile — Cryptography Edition series, we interview Amazon Web Services (AWS) thought leaders who help keep our customers safe and secure. This interview features Panos Kampanakis, Principal Security Engineer, AWS Cryptography. Panos shares thoughts on data protection, cloud security, post-quantum cryptography, and more. What do you …

AWS Security Profile: Ryan Dsouza, Principal Solutions Architect

Source

In the AWS Security Profile series, I interview some of the humans who work in Amazon Web Services Security and help keep our customers safe and secure. This interview is with Ryan Dsouza, Principal Solutions Architect for industrial internet of things (IIoT) security. How long have you been at …

Scale your authorization needs for Secrets Manager using ABAC with IAM Identity Center

Source

With AWS Secrets Manager, you can securely store, manage, retrieve, and rotate the secrets required for your applications and services running on AWS. A secret can be a password, API key, OAuth token, or other type of credential used for authentication purposes. You can control access to secrets in …

Investigate security events by using AWS CloudTrail Lake advanced queries

Source

This blog post shows you how to use AWS CloudTrail Lake capabilities to investigate CloudTrail activity across AWS Organizations in response to a security incident scenario. We will walk you through two security-related scenarios while we investigate CloudTrail activity. The method described in this post will help you with …

AWS Security Profile: Matt Luttrell, Principal Solutions Architect for AWS Identity

Source

In the AWS Security Profile series, I interview some of the humans who work in Amazon Web Services Security and help keep our customers safe and secure. In this profile, I interviewed Matt Luttrell, Principal Solutions Architect for AWS Identity. How long have you been at AWS and what …

New Global AWS Data Processing Addendum

Source

Navigating data protection laws around the world is no simple task. Today, I’m pleased to announce that AWS is expanding the scope of the AWS Data Processing Addendum (Global AWS DPA) so that it applies globally whenever customers use AWS services to process personal data, regardless of which …

Reduce triage time for security investigations with Amazon Detective visualizations and export data

Source

To respond to emerging threats, you will often need to sort through large datasets rapidly to prioritize security findings. Amazon Detective recently released two new features to help you do this. New visualizations in Detective show the connections between entities related to multiple Amazon GuardDuty findings, and a new …

TLS inspection configuration for encrypted traffic and AWS Network Firewall

Source

AWS Network Firewall is a managed service that provides a convenient way to deploy essential network protections for your virtual private clouds (VPCs). In this blog, we are going to cover how to leverage the TLS inspection configuration with AWS Network Firewall and perform Deep Packet Inspection for encrypted …

Logging strategies for security incident response

Source

Effective security incident response depends on adequate logging, as described in the AWS Security Incident Response Guide. If you have the proper logs and the ability to query them, you can respond more rapidly and effectively to security events. If a security event occurs, you can use various log …

Simplify web app authentication: A guide to AD FS federation with Amazon Cognito user pools

Source

August 13, 2018: Date this post was first published, on the Front-End Web and Mobile Blog. We updated the CloudFormation template, provided additional clarification on implementation steps, and revised to account for the new Amazon Cognito UI. User authentication and authorization can be challenging when you’re building web …

Gain insights and knowledge at AWS re:Inforce 2023

Source

I’d like to personally invite you to attend the Amazon Web Services (AWS) security conference, AWS re:Inforce 2023, in Anaheim, CA on June 13–14, 2023. You’ll have access to interactive educational content to address your security, compliance, privacy, and identity management needs. Join security experts …

The National Intelligence Center of Spain and AWS collaborate to promote public sector cybersecurity

Source

Spanish version » The National Intelligence Center and National Cryptological Center (CNI-CCN)—attached to the Spanish Ministry of Defense—and Amazon Web Services (AWS) have signed a strategic collaboration agreement to jointly promote cybersecurity and innovation in the public sector through AWS Cloud technology. Under the umbrella of this alliance …

How to use Amazon GuardDuty and AWS WAF v2 to automatically block suspicious hosts

Source

In this post, we’ll share an automation pattern that you can use to automatically detect and block suspicious hosts that are attempting to access your Amazon Web Services (AWS) resources. The automation will rely on Amazon GuardDuty to generate findings about the suspicious hosts, and then you can …

Automate the deployment of an NGINX web service using Amazon ECS with TLS offload in CloudHSM

Source

Customers who require private keys for their TLS certificates to be stored in FIPS 140-2 Level 3 certified hardware security modules (HSMs) can use AWS CloudHSM to store their keys for websites hosted in the cloud. In this blog post, we will show you how to automate the deployment …

Use backups to recover from security incidents

Source

Greetings from the AWS Customer Incident Response Team (CIRT)! AWS CIRT is dedicated to supporting customers during active security events on the customer side of the AWS Shared Responsibility Model. Over the past three years, AWS CIRT has supported customers with security events in their AWS accounts. These include …

Simplify management of Network Firewall rule groups with VPC managed prefix lists

Source

In this blog post, we will show you how to use managed prefix lists to simplify management of your AWS Network Firewall rules and policies across your Amazon Virtual Private Cloud (Amazon VPC) in the same AWS Region. AWS Network Firewall is a stateful, managed, network firewall and intrusion …

How to use Amazon Macie to reduce the cost of discovering sensitive data

Source

Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to discover and help protect your sensitive data, such as personally identifiable information (PII), payment card data, and Amazon Web Services (AWS) credentials. Analyzing large volumes of data for the presence of sensitive …

New AWS Security Blog homepage

Source

We’ve launched a new AWS Security Blog homepage! While we currently have no plans to deprecate our existing list-view homepage, we have recently launched a new, security-centered homepage to provide readers with more blog info and easy access to the rest of AWS Security. Please bookmark the new …

How to use Google Workspace as an external identity provider for AWS IAM Identity Center

Source

March 8, 2023: We updated the post to reflect some name changes (G Suite is now Google Workspace; AWS Single Sign-On is now AWS IAM Identity Center) and associated changes to the user interface and workflow when setting up Google Workspace as an external identity provider for IAM Identity …

Establishing a data perimeter on AWS: Allow only trusted resources from my organization

Source

Companies that store and process data on Amazon Web Services (AWS) want to prevent transfers of that data to or from locations outside of their company’s control. This is to support security strategies, such as data loss prevention, or to comply with the terms and conditions set forth …

2022 H2 IRAP report is now available on AWS Artifact for Australian customers

Source

Amazon Web Services (AWS) is excited to announce that a new Information Security Registered Assessors Program (IRAP) report (2022 H2) is now available through AWS Artifact. An independent Australian Signals Directorate (ASD) certified IRAP assessor completed the IRAP assessment of AWS in December 2022. The new IRAP report includes …

How to use policies to restrict where EC2 instance credentials can be used from

Source

Today AWS launched two new global condition context keys that make it simpler for you to write policies in which Amazon Elastic Compute Cloud (Amazon EC2) instance credentials work only when used on the instance to which they are issued. These new condition keys are available today in all …

How to set up least privilege access to your encrypted Amazon SQS queue

Source

Amazon Simple Queue Service (Amazon SQS) is a fully-managed message queueing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. Amazon SQS provides authentication mechanisms so that you can control who has access to the queue. It also provides encryption in transit with HTTP …

« newer articles | page 15 | older articles »