AWS Security Blog The latest AWS security, identity, and compliance launches, announcements, and how-to posts.
- ICYMI: June 2026 @AWS Securityby Rodolfo Brenes on July 15, 2026 at 12:37 am
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Security Blog posts This month’s AWS Security Blog posts covered identity and access management, threat intelligence, network security, AI-powered security tooling, and multi-account
- Security Hub adds AI workload protection and multicloud support for Microsoft Azureby Michael Fuller on July 14, 2026 at 7:16 pm
Security Hub is our foundation for full-stack enterprise security across clouds. It centralizes your security operations and turns raw signals into prioritized insights, so your team spends its time managing real risk instead of stitching tools together. Today that foundation grows in two directions our customers asked for most. We are adding purpose-built protection for
- Authenticate legitimate AI agent traffic with AWS WAF Bot Controlby Harith Gaddamanugu on July 14, 2026 at 3:18 pm
As AI agents and automated tools increasingly access web applications, distinguishing legitimate bot traffic from malicious attempts has become a critical security challenge. Traditional approaches such as IP-based filtering and reverse DNS lookups fail in multi-tenant systems (such as Amazon Bedrock AgentCore) where thousands of distinct workloads share the same IP space. Attackers can easily
- New compliance guidance available: HITRUST i1 on AWSby Abdul Javid on July 13, 2026 at 1:19 pm
We are pleased to announce the publication of a new AWS compliance implementation guidance: HITRUST i1 Compliance on AWS: Customer Implementation Guidance with an Illustrative Healthcare Platform. Healthcare organizations seeking HITRUST i1 certification increasingly rely on Amazon Web Services (AWS) as their cloud foundation. The HITRUST i1 assessment covers 182 curated controls at the Implemented
- AWS designated as a critical third party to the UK financial sectorby Michael Jefferson on July 10, 2026 at 4:15 pm
Amazon Web Services EMEA Sarl (AWS) has been designated as a critical third party (CTP) to the UK financial sector by HM Treasury. The CTP regime came into force on January 1, 2025, and establishes a framework through which the Bank of England, PRA, and FCA (collectively the UK regulators) can set requirements on and
- Introducing OAuth Support for AWS MCP Serverby Vaibhav Chowla on July 9, 2026 at 11:43 pm
You can now connect your agents to the AWS MCP Server using the same credentials and sign-in methods that you already use for connecting to the AWS Management Console or AWS Command Line Interface (AWS CLI) through a familiar browser-based experience powered by industry-standard OAuth. This new sign-in path supports AWS Identity and Access Management
- Designing for the inevitable: System prompt leakage and mitigations in generative AI applicationsby Manideep Konakandla on July 8, 2026 at 6:58 pm
System prompts form the foundation of generative AI applications. A system prompt is a collection of instructions and operational context provided to a large language model (LLM) that shapes how the model behaves and interacts with users and tools. System prompts often contain proprietary information, including role definitions, behavioral guidelines, tool descriptions and usage instructions,
- The CISO’s guide to post-quantum mandates and migrationsby Rushir Patel on July 8, 2026 at 3:00 pm
Over a dozen major economies have now published post-quantum cryptography (PQC) adoption guidance. As a CISO, you’re probably well into your migration plan and know the most difficult part has little to do with changing algorithms. The real leadership challenge is driving coordinated change across a large, complex organization where asymmetric cryptography is embedded in
- Enforce zero data retention on Amazon Bedrock with Bedrock Projects and service control policiesby Rob Higareda on July 7, 2026 at 6:18 pm
With the introduction of models that require data sharing with third-party providers—such as Claude Fable 5—organizations need a way to centrally enforce data retention policies. Amazon Bedrock gives you control over whether your prompts and model outputs are retained after an inference request completes. You might need a way to enforce your retention settings across
- Enforce least-privilege authorization in multi-agent AI chains using Cedarby Dhananjay Karanjkar on July 6, 2026 at 4:52 pm
If you’re building multi-agent AI systems, you need to prevent authorization scope from silently expanding as agents delegate tasks through multi-hop chains. Without proper controls, an agent can potentially act beyond what the originating user authorized, even when role-based access control (RBAC) policies are in place. The OWASP Top 10 for Agentic Applications classifies this
- Secure Amazon container workloads using container attribute-based rules in AWS Network Firewallby Amit Gaur on July 1, 2026 at 7:40 pm
Today, you can use AWS Network Firewall to protect traffic flowing to and from containerized applications on Amazon Elastic Kubernetes Service (Amazon EKS) and Amazon Elastic Container Service (Amazon ECS) clusters. If you run AI and machine learning (ML) workloads on Amazon EKS—such as model inference, RAG pipelines, or JupyterHub—your containerized workloads require the same
- How to use the AWS Workload Credentials Provider for cross-account secret retrieval and prefetching secretsby Derik Wang on July 1, 2026 at 3:56 pm
If you manage secrets across multiple AWS accounts or need faster secret access for latency-sensitive applications, this post shows you how to meet those requirements using two new features of the AWS Workload Credentials Provider (provider). You will learn how to configure role chaining for cross-account secret retrieval and prefetching of secrets to reduce cold-start
- What the June 2026 Threat Technique Catalog update means for your AWS environmentby Shannon Brazil on June 29, 2026 at 7:30 pm
The AWS Customer Incident Response Team (AWS CIRT) encounters patterns that repeat across engagements when helping customers respond to security incidents. We’re passionate about making sure that information is accessible so that everyone can improve their security posture and their organization’s resilience to disruption. The primary method we use to share this information is the
- Restrict AWS Management Console access to expected networks with sign-in resource-based policies and RCPsby Swara Gandhi on June 24, 2026 at 8:01 pm
Amazon Web Services (AWS) recently announced support for resource-based policies and resource control policies (RCPs) for AWS Sign-In. By using resource-based policies and RCPs, you can restrict access to the AWS Management Console sign-in and aws login CLI sessions to requests from your expected networks, your on-premises data center networks, and your Amazon Virtual Private
- Prevent data exfiltration: AWS egress controls for cloud workloadsby Meriem SMACHE on June 22, 2026 at 3:53 pm
When securing an Amazon Web Services (AWS) environment, teams naturally prioritize inbound controls, firewalls, WAFs, and access policies, because that’s where the most visible threats originate. Outbound traffic, on the other hand, tends to get less attention. It’s often left open by default to avoid breaking application dependencies and because the risk feels less immediate.
- Accelerate security investigations with Kiro CLIby Sibasankar Behera on June 18, 2026 at 7:24 pm
When a security event occurs in your Amazon Web Services (AWS) environment, rapid response is critical. However security teams often struggle with time-consuming, manual processes that slow down investigations. Analysts must recall complex AWS Command Line Interface (AWS CLI) syntax for multiple services, manually correlate findings across Amazon GuardDuty, AWS CloudTrail, and other security tools,
- Spring 2026 SOC 1 and 2 reports are now available in OSCAL formatby Thomas Fischer on June 18, 2026 at 4:50 pm
Amazon Web Services (AWS) is excited to release the Spring 2026 System and Organization Controls (SOC) 1 and 2 reports in machine-readable OSCAL format alongside the PDF version of the reports. The reports cover 188 services over the 12-month period from April 1, 2025 to March 31, 2026, giving customers a full year of assurance.
- Introducing AWS Continuum: Security at machine speedby Chet Kapoor on June 17, 2026 at 3:34 pm
What we believe We’ve been thinking deeply about enterprise security. The operating model that served us for the past decade (collect telemetry, store it, query it, build dashboards to watch it) is no longer keeping pace. We need to shift to the new world: telemetry, context, reasoning, and actions. An approach that produces outcomes. The
- Threat tactic spotlight: Subdomain takeoverby Matt Gurr on June 16, 2026 at 5:53 pm
In this blog post you’ll learn how to detect and prevent subdomain takeover – a tactic where threat actors exploit dangling DNS records to redirect traffic to attacker-controlled resources. We’ll explain the issue, how the situation arises, and how you can use various AWS features and services to help mitigate the impact of this tactic.
- ICYMI: May 2026 @AWS Securityby Rodolfo Brenes on June 8, 2026 at 9:00 pm
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops. AWS Security Blog posts This month’s AWS Security Blog posts covered AI security, network protection, identity management, compliance frameworks, and supply chain security. Read






















