AWS Security Blog

The importance of encryption and how AWS can help

Encryption is a critical component of a defense-in-depth strategy, which is a security approach with a series of defensive mechanisms designed so that if one security mechanism fails, there’s at least one more still operating. As more organizations look to operate faster and at scale, they need ways to meet critical compliance requirements and improve […]

Read More

Tighten S3 permissions for your IAM users and roles using access history of S3 actions

Customers tell us that when their teams and projects are just getting started, administrators may grant broad access to inspire innovation and agility. Over time administrators need to restrict access to only the permissions required and achieve least privilege. Some customers have told us they need information to help them determine the permissions an application […]

Read More

AWS achieves its first PCI 3DS attestation

We are pleased to announce that Amazon Web Services (AWS) has achieved its first PCI 3-D Secure (3DS) certification. Financial institutions and payment providers are implementing EMV 3-D Secure services to support application-based authentication, integration with digital wallets, and browser-based e-commerce transactions. Although AWS doesn’t perform 3DS functions directly, the AWS PCI 3DS attestation of […]

Read More

How to perform automated incident response in a multi-account environment

How quickly you respond to security incidents is key to minimizing their impacts. Automating incident response helps you scale your capabilities, rapidly reduce the scope of compromised resources, and reduce repetitive work by security teams. But when you use automation, you also must manage exceptions to standard response procedures. In this post, I provide a […]

Read More

AWS Shield Threat Landscape report is now available

AWS Shield is a managed threat protection service that safeguards applications running on AWS against exploitation of application vulnerabilities, bad bots, and Distributed Denial of Service (DDoS) attacks. The AWS Shield Threat Landscape Report (TLR) provides you with a summary of threats detected by AWS Shield. This report is curated by the AWS Threat Research […]

Read More

How to create SAML providers with AWS CloudFormation

As organizations grow, they often experience an inflection point where it becomes impractical to manually manage separate user accounts in disparate systems. Managing multiple AWS accounts is no exception. Many large organizations have dozens or even hundreds of AWS accounts spread across multiple business units. AWS provides many solutions that can orchestrate a person’s identity […]

Read More

AWS Artifact service launches new user interface

AWS Artifact service introduces a new user interface (UI) that provides a more intuitive experience in searching and saving AWS compliance reports, and accepting agreements. The new UI includes AWS Artifact home page equipped with information and videos on how to use the AWS Artifact service for your compliance needs. Additionally, the Reports and Agreements […]

Read More

Spring 2020 SOC 2 Type I Privacy report now available

We continue to be customer focused in addressing privacy requirements, enabling you to be confident in how your content is protected while using Amazon Web Services. Our latest SOC2 Type 1 Privacy report is now available to demonstrate our privacy compliance commitments to you. Our spring 2020 SOC 2 Type I Privacy report provides you […]

Read More

Spring 2020 SOC reports now available with 122 services in scope

At AWS, our customers’ security is of the highest importance and we continue to provide transparency into our security posture. We’re proud to deliver the System and Organizational Controls (SOC) 1, 2, and 3 reports to our AWS customers. The SOC program continues to enable our global customer base to maintain confidence in our secured […]

Read More

AWS achieves Spain’s ENS High certification across 105 services

AWS achieved Spain’s Esquema Nacional de Seguridad (ENS) High certification across 105 services in all AWS Regions. To successfully achieve the ENS High certification, BDO España conducted an independent audit and attested that AWS meets confidentiality, integrity, and availability standards. This provides assurance to Spain’s public sector organizations wanting to build secure applications and services […]

Read More