AWS Security Blog

Amazon Security Lake is now generally available

Amazon Security Lake is now generally available

Today we are thrilled to announce the general availability of Amazon Security Lake, first announced in a preview release at 2022 re:Invent. Security Lake centralizes security data from Amazon Web Services (AWS) environments, software as a service (SaaS) providers, on-premises, and cloud sources into a purpose-built data lake that is stored in your AWS account. […]

Exclude cipher suites at the API gateway using a Network Load Balancer security policy

Exclude cipher suites at the API gateway using a Network Load Balancer security policy

In this blog post, we will show you how to use Amazon Elastic Load Balancing (ELB)—specifically a Network Load Balancer—to apply a more granular control on the cipher suites that are used between clients and servers when establishing an SSL/TLS connection with Amazon API Gateway. The solution uses virtual private cloud (VPC) endpoints (powered by […]

Faster AWS cloud connections with TLS 1.3

Faster AWS cloud connections with TLS 1.3

June 10, 2024: This blog post is updated to announce that TLS 1.3 is available on our AWS service API endpoints across each of our AWS Regions. January 12, 2024: Over 80% of AWS service API endpoints now support TLS 1.3, along with TLS 1.2. The remaining services are in progress on adding TLS 1.3 […]

RSA Conference 2023

Stronger together: Highlights from RSA Conference 2023

RSA Conference 2023 brought thousands of cybersecurity professionals to the Moscone Center in San Francisco, California from April 24 through 27. The keynote lineup was eclectic, with more than 30 presentations across two stages featuring speakers ranging from renowned theoretical physicist and futurist Dr. Michio Kaku to Grammy-winning musician Chris Stapleton. Topics aligned with this […]

Your guide to the threat detection and incident response track at re:Inforce 2023

Your guide to the threat detection and incident response track at re:Inforce 2023

A full conference pass is $1,099. Register today with the code secure150off to receive a limited time $150 discount, while supplies last. AWS re:Inforce is back, and we can’t wait to welcome security builders to Anaheim, CA, on June 13 and 14. AWS re:Inforce is a security learning conference where you can gain skills and confidence […]

AICPA-SOC logo

Spring 2023 SOC reports now available with 158 services in scope

At Amazon Web Services (AWS), we’re committed to providing our customers with continued assurance over the security, availability, confidentiality, and privacy of the AWS control environment. We’re proud to deliver the Spring 2023 System and Organization Controls (SOC) 1, 2 and 3 reports, which cover October 1, 2022, to March 31, 2023, to support your […]

Cyber Essentials Plus logo

AWS completes the 2023 Cyber Essentials Plus certification and NHS Data Security and Protection Toolkit assessment

Amazon Web Services (AWS) is pleased to announce the successful completion of the United Kingdom Cyber Essentials Plus certification and the National Health Service Data Security and Protection Toolkit (NHS DSPT) assessment. The Cyber Essentials Plus certificate and NHS DSPT assessment are valid for one year until March 28, 2024, and June 30, 2024, respectively. […]

AWS Clean Room

Share and query encrypted data in AWS Clean Rooms

In this post, we’d like to introduce you to the cryptographic computing feature of AWS Clean Rooms. With AWS Clean Rooms, customers can run collaborative data-query sessions on sensitive data sets that live in different AWS accounts, and can do so without having to share, aggregate, or replicate the data. When customers also use the […]

A walk through AWS Verified Access policies

A walk through AWS Verified Access policies

AWS Verified Access helps improve your organization’s security posture by using security trust providers to grant access to applications. This service grants access to applications only when the user’s identity and the user’s device meet configured security requirements. In this blog post, we will provide an overview of trust providers and policies, then walk through […]

Detect threats to your data stored in RDS databases by using GuardDuty

With Amazon Relational Database Service (Amazon RDS), you can set up, operate, and scale a relational database in the AWS Cloud. Amazon RDS provides cost-efficient, resizable capacity for an industry-standard relational database and manages common database administration tasks. If you use Amazon RDS for your workloads, you can now use Amazon GuardDuty RDS Protection to […]