AWS Security Blog

An unexpected discovery: Automated reasoning often makes systems more efficient and easier to maintain

During a recent visit to the Defense Advanced Research Projects Agency (DARPA), I mentioned a trend that piqued their interest: Over the last 10 years of applying automated reasoning at Amazon Web Services (AWS), we’ve found that formally verified code is often more performant than the unverified code it replaces. The reason is that the […]

Main Image

Strengthening security in the era of generative AI: Must-attend sessions at re:Invent 2024

Secure generative AI insights await at AWS re:Invent 2024; gain practical strategies to harness AI’s power while safeguarding data and compliance from leading experts through immersive sessions tailored for security professionals and AI/ML builders.

How AWS uses active defense to help protect customers from security threats

AWS is deeply committed to earning and maintaining the trust of customers who rely on us to run their workloads. Security has always been our top priority, which includes designing our own services with security in mind at the outset, and taking proactive measures to mitigate potential threats so that customers can focus on their […]

Improve security incident response times by using AWS Service Catalog to decentralize security notifications

Many organizations continuously receive security-related findings that highlight resources that aren’t configured according to the organization’s security policies. The findings can come from threat detection services like Amazon GuardDuty, or from cloud security posture management (CSPM) services like AWS Security Hub, or other sources. An important question to ask is: How, and how soon, are […]

AIPCA SOC logo

Summer 2024 SOC 1 report now available in Japanese, Korean, and Spanish

Japanese | Korean | Spanish At Amazon Web Services (AWS), we continue to listen to our customers, regulators, and stakeholders to understand their needs regarding audit, assurance, certification, and attestation programs. We are pleased to announce that the AWS System and Organization Controls (SOC) 1 report is now available in Japanese, Korean, and Spanish. This […]

Customer compliance and security during the post-quantum cryptographic migration

Amazon Web Services (AWS) prioritizes the security, privacy, and performance of its services. AWS is responsible for the security of the cloud and the services it offers, and customers own the security of the hosts, applications, and services they deploy in the cloud. AWS has also been introducing quantum-resistant key exchange in common transport protocols used […]

AI AuthZ

Enhancing data privacy with layered authorization for Amazon Bedrock Agents

Customers are finding several advantages to using generative AI within their applications. However, using generative AI adds new considerations when reviewing the threat model of an application, whether you’re using it to improve the customer experience for operational efficiency, to generate more tailored or specific results, or for other reasons. Generative AI models are inherently […]

Amazon Macie

How to perform a proof of concept for automated discovery using Amazon Macie

Amazon Web Services (AWS) customers of various sizes across different industries are pursuing initiatives to better classify and protect the data they store in Amazon Simple Storage Service (Amazon S3). Amazon Macie helps customers identify, discover, monitor, and protect sensitive data stored in Amazon S3. However, it’s important that customers evaluate and test the capabilities […]

Main Image

Keep your firewall rules up-to-date with Network Firewall features

AWS Network Firewall is a managed firewall service that makes it simple to deploy essential network protections for your virtual private clouds (VPCs) on AWS. Network Firewall automatically scales with your traffic, and you can define firewall rules that provide fine-grained control over network traffic. When you work with security products in a production environment, you […]

How to implement relationship-based access control with Amazon Verified Permissions and Amazon Neptune

How to implement relationship-based access control with Amazon Verified Permissions and Amazon Neptune

Externalized authorization for custom applications is a security approach where access control decisions are managed outside of the application logic. Instead of embedding authorization rules within the application’s code, these rules are defined as policies, which are evaluated by a separate system to make an authorization decision. This separation enhances an application’s security posture by […]