Category: Security, Identity, & Compliance

To meet compliance like PCI-DSS, SOC2, and HIPAA, a customer typically has to change their architecture and workload, which can take significant time, money, and effort. With Very Good Security (VGS), customers retain full control over their data while offloading information security burdens, transferring the risk of a data breach, and fast-tracking compliance. VGS acts as a secure layer between your company and sensitive data.

With proper DevSecOps implementation, security becomes an integral part of the application delivery pipeline, allowing developers to receive rapid and contextual feedback as they build new features. The new DevSecOps category for the AWS DevOps Competency makes it easy for customers to find validated AWS Partners with DevSecOps products. These partners can help customers build secure applications by integrating security controls and policies into their application delivery pipelines.

With the support of AWS SaaS Factory, GA Telesis launched the FraudBlock SaaS solution, a fraud protect API service for companies to protect their organizations from BEC/EAC scams and help securely perform B2B transactions. The SaaS Factory team spoke with Darryl Maraj, Head of Technology at DIG and CTO at Blockrails, to learn more about Blockrails, the value its new FraudBlock solution brings to customers, and the key lessons learned building a SaaS solution on AWS.

Working with AWS, IronNet delivers threat detection and mitigation at scale across networks that are on premises, in the cloud, or both. IronNet collects logs and traffic data to identify indicators of attack or abnormal behavior in order to stop advanced cyberattacks. At its foundation, the IronNet solution consists of one or more sensors to feed network data and logs to IronDefense—the backend collection and analysis point for detection.

Migrating to the cloud has allowed many organizations to reduce costs, innovate faster, and deliver business results more effectively. Managing, securing, and having visibility across endpoints, networks, and workloads is not an easy feat and requires a unified defense-in-depth approach. Learn how CrowdStrike’s leading endpoint protection, workload protection, and threat intelligence directly integrate with AWS services to build an effective defense-in-depth solution to stay ahead of threats.

Proper certificate management helps organizations secure their data, authenticate users, and identify devices on their networks. Using Secardeo’s certEP (Certificate Enrollment Proxy) enables customers running Active Directory on AWS (and on premises) to take advantage of the scalable and fully managed nature of AWS Certificate Manager Private Certificate Authority, without sacrificing security or requiring extensive experience managing keys and certificates with hardware security modules.

Customers using cloud resources on AWS can safeguard sensitive IT systems and data by complying with the industry-recognized CIS AWS Foundations Benchmark, among other best practices defined by AWS security experts. This post explains how to get visibility of your cloud security posture when building secure multi-account, multi-region AWS deployments. Kyndryl is an IT infrastructure services provider that designs, builds, manages, and modernizes the information systems the world depends on every day.

The notion of shared responsibility has become very popular in the public cloud, and rightly so. This post focuses on helping organizations achieve their part of shared responsibility—security in the cloud. We start by introducing three areas of responsibility—configuration, access, and data—and then illustrate how tools from AWS Security Competency Partner Zscaler can address security and compliance issues in each of these areas.

It can be difficult to gain security insights into your cloud infrastructure, especially as architectures grow to encompass multiple availability zones, regions, and clouds. Aviatrix Systems is uniquely positioned to provide deep insights into network traffic that can augment AWS-native security capabilities. In this post, we detail new capabilities that were recently added to the Aviatrix Secure Network Platform—ThreatIQ and ThreatGuard.

In today’s highly complex and dynamic application ecosystem, in addition to a growing virtual workforce, it’s imperative for organizations to have an automated system in place to handle security and compliance. Learn how AWS Security Competency Partner SailPoint has integrated with Amazon EventBridge to solve various use cases for their customers. This platform, SailPoint IdentityNow, provides the benefits of combining SailPoint identity security with Amazon EventBridge to automate security and compliance.