AWS Security Blog

2023 H2 IRAP report is now available on AWS Artifact for Australian customers

Amazon Web Services (AWS) is excited to announce that a new Information Security Registered Assessors Program (IRAP) report (2023 H2) is now available through AWS Artifact. An independent Australian Signals Directorate (ASD) certified IRAP assessor completed the IRAP assessment of AWS in December 2023. The new IRAP report includes an additional seven AWS services that are now assessed at the […]

AWS recognized as an Overall Leader in 2024 KuppingerCole Leadership Compass for Policy Based Access Management

Amazon Web Services (AWS) was recognized by KuppingerCole Analysts AG as an Overall Leader in the firm’s Leadership Compass report for Policy Based Access Management. The Leadership Compass report reveals Amazon Verified Permissions as an Overall Leader (as shown in Figure 1), a Product Leader for functional strength, and an Innovation Leader for open source […]

Enable multi-admin support to manage security policies at scale with AWS Firewall Manager

The management of security services across organizations has evolved over the years, and can vary depending on the size of your organization, the type of industry, the number of services to be administered, and compliance regulations and legislation. When compliance standards require you to set up scoped administrative control of event monitoring and auditing, we […]

How to use Regional AWS STS endpoints

This blog post provides recommendations that you can use to help improve resiliency in the unlikely event of disrupted availability of the global (now legacy) AWS Security Token Service (AWS STS) endpoint. Although the global (legacy) AWS STS endpoint https://sts.amazonaws.com is highly available, it’s hosted in a single AWS Region—US East (N. Virginia)—and like other […]

AIPCA SOC logo

Winter 2023 SOC 1 report now available for the first time

We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce the first ever Winter 2023 AWS System and Organization Controls (SOC) 1 report. The new Winter SOC report demonstrates our continuous commitment to adhere to the heightened expectations for cloud service providers. The report covers […]

Amazon VPC Lattice logo

Modern web application authentication and authorization with Amazon VPC Lattice

When building API-based web applications in the cloud, there are two main types of communication flow in which identity is an integral consideration: User-to-Service communication: Authenticate and authorize users to communicate with application services and APIs Service-to-Service communication: Authenticate and authorize application services to talk to each other To design an authentication and authorization solution for these […]

AWS HITRUST Shared Responsibility Matrix for HITRUST CSF v11.2 now available

The latest version of the AWS HITRUST Shared Responsibility Matrix (SRM)—SRM version 1.4.2—is now available. To request a copy, choose SRM version 1.4.2 from the HITRUST website. SRM version 1.4.2 adds support for the HITRUST Common Security Framework (CSF) v11.2 assessments in addition to continued support for previous versions of HITRUST CSF assessments v9.1–v11.2. As […]

AWS Logo

AWS Customer Compliance Guides now publicly available

The AWS Global Security & Compliance Acceleration (GSCA) Program has released AWS Customer Compliance Guides (CCGs) on the AWS Compliance Resources page to help customers, AWS Partners, and assessors quickly understand how industry-leading compliance frameworks map to AWS service documentation and security best practices. CCGs offer security guidance mapped to 16 different compliance frameworks for more than […]

Amazon Macie

Detect Stripe keys in S3 buckets with Amazon Macie

Many customers building applications on Amazon Web Services (AWS) use Stripe global payment services to help get their product out faster and grow revenue, especially in the internet economy. It’s critical for customers to securely and properly handle the credentials used to authenticate with Stripe services. Much like your AWS API keys, which enable access […]

Free sign security coat of arms illustration

How to automate rule management for AWS Network Firewall

AWS Network Firewall is a stateful managed network firewall and intrusion detection and prevention service designed for the Amazon Virtual Private Cloud (Amazon VPC). This post concentrates on automating rule updates in a central Network Firewall by using distributed firewall configurations. If you’re new to Network Firewall or seeking a technical background on rule management, […]