AWS Security Blog

One of the most important things you can do as a customer to ensure the security of your resources is to maintain careful control over who has access to them. This is especially true if any of your AWS users have programmatic access. Programmatic access allows you to invoke actions on your AWS resources either […]

At AWS, the security, privacy, and protection of customer data always comes first, which is why I am pleased to share the news that AWS has achieved “Hébergeur de Données de Santé” (HDS) certification. With HDS certification, customers and partners who host French Personal Health Information (PHI) are now able to use AWS services to […]

Amazon Elasticsearch Service (Amazon ES) is a fully managed service to search, analyze, and visualize data in real-time. The service offers integration with Kibana, an open-source data visualization and exploration tool that lets you perform log and time-series analytics and application monitoring. Many enterprise customers who want to use these capabilities find it challenging to […]

In my previous post, I showed you how you can increase the durability of your applications and prepare for disaster recovery by using AWS Secrets Manager to replicate your secrets across AWS regions. This is just one of many security best practices you can implement in your AWS environment. Another would be removing the need […]

You can now more quickly view and update all your security credentials from one place using the “My Security Credentials” page in the AWS Management Console. When you grant your developers programmatic access or AWS Management Console access, they receive credentials, such as a password or access keys, to access AWS resources. For example, creating […]

I’m proud to announce an updated resource that is designed to provide guidance to help your organization align to the National Institute of Standards and Technology (NIST) Cybersecurity Framework Version 1.1, which was released in 2018. The updated guide, NIST Cybersecurity Framework (CSF): Aligning to the NIST CSF in the AWS Cloud, is designed to […]

The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS for 42 of our cloud services. This is the highest data security certification available in Australia for cloud service providers, and AWS offers the most PROTECTED services of any public cloud service provider. You will find AWS on the ACSC’s Certified Cloud Services […]

Code signing is the process of digitally signing executables and scripts to confirm the software author and to demonstrate that the code has not been altered or corrupted since it was signed. Packaged software uses branding and trusted sales outlets to assure users of its integrity, but these guarantees are not available when code is […]

Logging account activity within your AWS infrastructure is paramount to your security posture and could even be required by compliance standards such as PCI-DSS (Payment Card Industry Security Standard). Organizations often analyze these logs to adapt to changes and respond quickly to security events. For example, if users are reporting that their resources are unable […]

You can use federation to centrally manage access to multiple AWS accounts using credentials from your corporate directory. Federation is the practice of establishing trust between a system acting as an identity provider and other systems, often called service providers, that accept authentication tokens from that identity provider. Amazon Web Services (AWS) supports open federation […]