AWS Security Blog
Tag: Best Practices
Introducing the AWS Best Practices for Security, Identity, & Compliance Webpage and Customer Polling Feature
The AWS Security team has made it easier for you to find information and guidance on best practices for your cloud architecture. We’re pleased to share the Best Practices for Security, Identity, & Compliance webpage of the new AWS Architecture Center. Here you’ll find top recommendations for security design principles, workshops, and educational materials, and […]
Over 150 AWS services now have a security chapter
We’re happy to share an update on the service documentation initiative that we first told you about on the AWS Security Blog in June, 2019. We’re excited to announce that over 150 services now have dedicated security chapters available in the AWS security documentation. In case you aren’t familiar with the security chapters, they were […]
Updates to the security pillar of the AWS Well-Architected Framework
We have updated the security pillar of the AWS Well-Architected Framework, based on customer feedback and new best practices. In this post, I’ll take you through the highlights of the updates to the security information in the Security Pillar whitepaper and the AWS Well-Architected Tool, and explain the new best practices and guidance. AWS developed […]
AWS Foundational Security Best Practices standard now available in Security Hub
AWS Security Hub offers a new security standard, AWS Foundational Security Best Practices This week AWS Security Hub launched a new security standard called AWS Foundational Security Best Practices. This standard implements security controls that detect when your AWS accounts and deployed resources do not align with the security best practices defined by AWS security […]
Top 10 security items to improve in your AWS account
August 10, 2022: This blog post has been updated to reflect the new name of AWS Single Sign-On (SSO) – AWS IAM Identity Center. Read more about the name change here. If you’re looking to improve your cloud security, a good place to start is to follow the top 10 most important cloud security tips […]
How to get started with security response automation on AWS
December 2, 2019: We’ve updated this post to include some additional information about Security Hub. At AWS, we encourage you to use automation to help quickly detect and respond to security events within your AWS environments. In addition to increasing the speed of detection and response, automation also helps you scale your security operations as […]
Nine AWS Security Hub best practices
July 21, 2020: The advice about enabling Security Hub in every region where you have authorized activity was updated. AWS Security Hub is a security and compliance service that became generally available on June 25, 2019. It provides you with extensive visibility into your security and compliance status across multiple AWS accounts, in a single […]
How AWS Meets a Physical Separation Requirement with a Logical Separation Approach
We have a new resource available to help you meet a requirement for physically-separated infrastructure using logical separation in the AWS cloud. Our latest guide, Logical Separation: An Evaluation of the U.S. Department of Defense Cloud Security Requirements for Sensitive Workloads outlines how AWS meets the U.S. Department of Defense’s (DoD) stringent physical separation requirement by […]
The Top 10 Most Downloaded AWS Security and Compliance Documents in 2017
July 24, 2020: The number 9 item in this list, the Auditing Security Checklist, has been replaced by a Cloud Audit Academy course. The following list includes the ten most downloaded AWS security and compliance documents in 2017. Using this list, you can learn about what other AWS customers found most interesting about security and […]
Announcing the New AWS Customer Compliance Center
AWS has the longest running, most effective, and most customer-obsessed compliance program in the cloud market. We have always centered our program around customers, obtaining the certifications needed to provide our customers with the proper level of validated transparency in order to enable them to certify their own AWS workloads [download .pdf of AWS certifications]. […]