Amazon GuardDuty EC2 Runtime Monitoring is now generally available

Amazon GuardDuty is a machine learning (ML)-based security monitoring and intelligent threat detection service that analyzes and processes various AWS data sources, continuously monitors your AWS accounts and workloads for malicious activity, and delivers detailed security findings for visibility and …

DNS over HTTPS is now available in Amazon Route 53 Resolver

Starting today, Amazon Route 53 Resolver supports using the DNS over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints. As the name suggests, DoH supports HTTP or HTTP/2 over TLS to encrypt the data exchanged for Domain Name …

Amazon EKS Pod Identity simplifies IAM permissions for applications on Amazon EKS clusters

Starting today, you can use Amazon EKS Pod Identity to simplify your applications that access AWS services. This enhancement provides you with a seamless and easy to configure experience that lets you define required IAM permissions for your applications in …

New – AWS Audit Manager now supports first third-party GRC integration

Auditing is a continuous and ongoing process, and every audit includes the collection of evidence. The evidence gathered helps confirm the state of resources and it’s used to demonstrate that the customer’s policies, procedures, and activities (controls), are in place, …

AWS Weekly Roundup—Reserve GPU capacity for short ML workloads, Finch is GA, and more—November 6, 2023

The year is coming to an end, and there are only 50 days until Christmas and 21 days to AWS re:Invent! If you are in Las Vegas, come and say hi to me. I will be around the Serverlesspresso booth most …

Rotate Your SSL/TLS Certificates Now – Amazon RDS and Amazon Aurora Expire in 2024

Don’t be surprised if you have seen the Certificate Update in the Amazon Relational Database Service (Amazon RDS) console. If you use or plan to use Secure Sockets Layer (SSL) or Transport Layer Security (TLS) with certificate verification to connect …

Manage roles and entitlements with PBAC using Amazon Verified Permissions

Traditionally, customers have used role-based access control (RBAC) to manage entitlements within their applications. The application controls what users can do, based on the roles they are assigned. But, the drive for least privilege has led to an exponential growth …

Architecting for Resilience in the cloud for critical railway systems

With the successful use of cloud computing in the IT space (analytics, simulation and workflow management), companies in highly regulated industries, such as railways, increasingly look at also migrating their OT systems (control systems, real-time monitoring, and transaction management) …

Policy-based access control in application development with Amazon Verified Permissions

Today, accelerating application development while shifting security and assurance left in the development lifecycle is essential. One of the most critical components of application security is access control. While traditional access control mechanisms such as role-based access control (RBAC) and …

New – Amazon S3 Dual-Layer Server-Side Encryption with Keys Stored in AWS Key Management Service (DSSE-KMS)

Today, we are launching Amazon S3 dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS), a new encryption option in Amazon S3 that applies two layers of encryption to objects when they are uploaded to an Amazon …

Simplify How You Manage Authorization in Your Applications with Amazon Verified Permissions – Now Generally Available

When developing a new application or integrating an existing one into a new environment, user authentication and authorization require significant effort to be correctly implemented. In the past, you would have built your own authentication system, but today you can …

New – Move Payment Processing to the Cloud with AWS Payment Cryptography

Cryptography is everywhere in our daily lives. If you’re reading this blog, you’re using HTTPS, an extension of HTTP that uses encryption to secure communications. On AWS, multiple services and capabilities help you manage keys and encryption, such as: …

New – Simplify the Investigation of AWS Security Findings with Amazon Detective

With Amazon Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, Amazon Virtual Private Cloud …