AWS Partner Network (APN) Blog
Category: Security, Identity, & Compliance
Signing Data Using Keys Stored in AWS CloudHSM with Python
AWS CloudHSM enables you to generate and use your own encryption keys on AWS. The standard service for managing keys for signing would usually be AWS KMS, but due to legacy requirements from the customer side, the team at BJSS needed to support both SHA256 and SHA1. Learn how BJSS successfully signed some data with a key from AWS CloudHSM using Python, and walk through the setup of an AWS CloudHSM cluster for testing using a sample application.
Anatomy of a Supply Chain Ransomware Attack and How to Prevent it with Barracuda’s CloudGen WAF on AWS
Ransomware hardly needs an introduction for those who work in cybersecurity, maintain web properties, or work in corporate IT. In this post by the director of application security solutions at Barracuda Networks, learn about the role application security plays in preventing the spread of ransomware and explore several examples of how you can use Barracuda’s CloudGen WAF to further protect your application running on AWS. Barracuda is an AWS Security Competency Partner.
Implementing Centralized Fine-Grained Access Control with Immuta and AWS
AWS is enabling a new era of data and analytics, fueled by the cloud, advanced data management, and data science tools. Explore how organizations can leverage automation and modern access control models to scale cloud adoption, accelerate time to access data, and decrease risk. With Immuta, organizations can finally unlock the full value of their data while improving productivity, reducing time to data, maintaining strong security, and enabling new data sharing use cases.
Federated Access to AWS Single Sign-On with CyberArk Workforce Identity
AWS Single Sign-On (AWS SSO) is where you create or connect your workforce identities in AWS once and manage access centrally across your AWS Organization. Learn about the new integration with CyberArk Workforce Identity to provide simplified access management and provisioning to AWS. With this integration, you can have a single point of truth for all enterprise identities and enforce consistent management of users, groups, permissions, and access policies while reducing redundancies and errors.
Enabling Security and Compliance in an AWS-Based Big Data Analytics Platform Using Cattle Server Automation and IaC
This post describes a solution created by IBM during the migration of a big data and analytics platform for one of the top 10 banks worldwide. The primary drivers were cost efficiency, business agility, and performance. The “pet to cattle” concept was applied to this solution to transform the legacy high availability disaster recovery solution to a more robust and cost-effective cattle-based solution through the use of AWS-native services.
Solving the Challenge of Customer Verification and Security with Digital Onboarding
Customer onboarding remains a challenging and time-consuming process for most banks. Both digital and traditional processes are often overly complex, resulting in lower conversion rates and higher cost of acquisition. To overcome these challenges, numerous financial institutions have started customer onboarding online. In this post, walk through the use case of one of the largest financial institutions in Europe, for which Infostretch provided a substantial breakthrough in onboarding customers digitally.
Security and Compliance at Scale with CloudHealth Secure State
Security is the highest priority for AWS, which works closely with industry-leading partners such as CloudHealth by VMware to build security solutions for customers like CloudHealth Secure State (CHSS). Learn how you can set up CHSS projects, suppress rules and alerts, find misconfigurations through CHSS Explore, and set up remediation jobs all built on CloudHealth’s unified security monitoring approach for AWS.
Implementing SaaS Tenant Isolation Using Amazon SageMaker Endpoints and IAM
As multi-tenant SaaS providers look to leverage machine learning services, they must consider how they’ll protect the data that flows in and out of these services from different tenants. Learn how tenant isolation of machine learning services can be achieved using AWS IAM, and how the integration between IAM, Amazon SageMaker, and many other AWS services provides developers with a rich set of mechanisms that can be applied to realize tenant isolation goals.
Sending Amazon Inspector’s Common Vulnerabilities and Exposures Findings to the ServiceNow SecOps Module
This post will show you how to send Amazon Inspector’s Common Vulnerabilities and Exposures (CVE) findings to the ServiceNow Security Operations (SecOps) module. At the time of this write-up, there is no native adaptor from AWS to the ServiceNow SecOps module, so a custom integration is required. Learn how to use ServiceNow’s native RESTful API to create a custom interface that an AWS Lambda function will leverage to send the CVE findings as they reach AWS Security Hub.
Driving Business Innovation and Delivering Cloud Security with Digital Cloud Services from Atos
Digital Cloud Services (DCS) is a fully managed AWS landing zone-as-a-service from Atos, and the DCS solution offers a managed landing zone platform with enterprise-grade security. It provides customers with the ideal environment to start or continue their business transformation, at pace and scale in a self-service manner. With DCS, customers are safe in the knowledge the underlying platform is built to CIS benchmarks and AWS Well-Architected Framework standards.