AWS Security Blog
Recap to security, identity, and compliance sessions at AWS re:Invent 2022
AWS re:Invent returned to Las Vegas, NV, in November 2022. The conference featured over 2,200 sessions and hands-on labs and more than 51,000 attendees over 5 days. If you weren’t able to join us in person, or just want to revisit some of the security, identity, and compliance announcements and on-demand sessions, this blog post […]
How to query and visualize Macie sensitive data discovery results with Athena and QuickSight
February 21, 2023: We’ve updated the CREATE TABLE DDL to add the new originType field introduced as part of the Automated Sensitive Data Discovery feature of Macie. Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to help you discover and protect sensitive data in Amazon Simple Storage Service (Amazon S3). With […]
Updated whitepaper available: AWS Security Incident Response Guide
The AWS Security Incident Response Guide focuses on the fundamentals of responding to security incidents within a customer’s Amazon Web Services (AWS) Cloud environment. You can use the guide to help build and iterate on your AWS security incident response program. Recently, we updated the AWS Security Incident Response Guide to more clearly explain what […]
2022 PiTuKri ISAE 3000 Type II attestation report available with 154 services in scope
Amazon Web Services (AWS) is pleased to announce the second issuance of the Criteria to Assess the Information Security of Cloud Services (PiTuKri) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 154 services and 24 global AWS Regions. The Finnish Transport and Communications […]
2022 FINMA ISAE 3000 Type II attestation report now available with 154 services in scope
Amazon Web Services (AWS) is pleased to announce the third issuance of the Swiss Financial Market Supervisory Authority (FINMA) International Standard on Assurance Engagements (ISAE) 3000 Type II attestation report. The scope of the report covers a total of 154 services and 24 global AWS Regions. The latest FINMA ISAE 3000 Type II report covers […]
AWS CIRT announces the release of five publicly available workshops
Greetings from the AWS Customer Incident Response Team (CIRT)! AWS CIRT is dedicated to supporting customers during active security events on the customer side of the AWS Shared Responsibility Model. Over the past year, AWS CIRT has responded to hundreds of such security events, including the unauthorized use of AWS Identity and Access Management (IAM) […]
Introducing the Security Design of the AWS Nitro System whitepaper
AWS recently released a whitepaper on the Security Design of the AWS Nitro System. The Nitro System is a combination of purpose-built server designs, data processors, system management components, and specialized firmware that serves as the underlying virtualization technology that powers all Amazon Elastic Compute Cloud (Amazon EC2) instances launched since early 2018. With the […]
Prepare for consolidated controls view and consolidated control findings in AWS Security Hub
March 29, 2023: The post had been updated to notify customers that the Automated Security Response on AWS v2.0.0 now supports consolidated control findings. Currently, AWS Security Hub identifies controls and generates control findings in the context of security standards. Security Hub is aiming to release two new features in the first quarter of 2023 […]
Authority to operate (ATO) on AWS Program now available for customers in Spain
Meeting stringent security and compliance requirements in regulated or public sector environments can be challenging and time consuming, even for organizations with strong technical competencies. To help customers navigate the different requirements and processes, we launched the ATO on AWS Program in June 2019 for US customers. The program involves a community of expert AWS […]
How to use Amazon Verified Permissions for authorization
Applications with multiple users and shared data require permissions management. The permissions describe what each user of an application is permitted to do. Permissions are defined as allow or deny decisions for resources in the application. To manage permissions, developers often combine attribute-based access control (ABAC) and role-based access control (RBAC) models with custom code […]