AWS Security

AWS Security Blog: The latest AWS security, identity, and compliance launches, announcements, and how-to posts.

  • Spring 2025 PCI 3DS compliance package available now
    by Will Black on August 14, 2025 at 8:52 pm

    Amazon Web Services (AWS) is pleased to announce the successful completion of our annual audit to renew our Payment Card Industry Three Domain Secure (PCI 3DS) certification. As part of this renewal, we have expanded the scope to include three additional AWS services and three additional AWS Regions. Newly added AWS services: Amazon Verified Permissions

  • 177 AWS services achieve HITRUST certification
    by Mark Weech on August 13, 2025 at 5:26 pm

    Amazon Web Services (AWS) is excited to announce that 177 AWS services have achieved HITRUST certification for the 2025 assessment cycle, including the following five services which were certified for the first time: Amazon Verified Permissions, AWS B2B Data Interchange, AWS Payment Cryptography, AWS Resource Explorer, and AWS Security Incident Response. The full list of AWS

  • Malware analysis on AWS: Setting up a secure environment
    by Gilad Sharabi on August 11, 2025 at 7:10 pm

    Security teams often need to analyze potentially malicious files, binaries, or behaviors in a tightly controlled environment. While this has traditionally been done in on-premises sandboxes, the flexibility and scalability of AWS make it an attractive alternative for running such workloads. However, conducting malware analysis in the cloud brings a unique set of challenges—not only

  • Amazon EC2 defenses against L1TF Reloaded
    by Ali Saidi on August 11, 2025 at 5:16 pm

    The guest data of AWS customers running on the AWS Nitro System and Nitro Hypervisor is not at risk from a new attack dubbed “L1TF Reloaded.” No additional action is required by AWS customers; however, AWS continues to recommend that customers isolate their workloads using instance, enclave, or function boundaries as described in AWS public

  • Implementing Defense-in-Depth Security for AWS CodeBuild Pipelines
    by Daniel Begimher on July 31, 2025 at 9:24 pm

    Recent security research has highlighted the importance of CI/CD pipeline configurations, as documented in AWS Security Bulletin AWS-2025-016. This post pulls together existing guidance and recommendations into one guide. Continuous integration and continuous deployment (CI/CD) practices help development teams deliver software efficiently and reliably. AWS CodeBuild provides managed build services that integrate with source code

  • Secure file sharing solutions in AWS: A security and cost analysis guide: Part 2
    by Swapnil Singh on July 31, 2025 at 5:25 pm

    As introduced in Part 1 of this series, implementing secure file sharing solutions in AWS requires a comprehensive understanding of your organization’s needs and constraints. Before selecting a specific solution, organizations must evaluate five fundamental areas: access patterns and scale, technical requirements, security and compliance, operational requirements, and business constraints. These areas cover everything from

  • Secure file sharing solutions in AWS: A security and cost analysis guide, Part 1
    by Swapnil Singh on July 31, 2025 at 5:23 pm

    Securely share sensitive data with time-limited, nonce-enhanced presigned URLs that prevent replay attacks, minimizing exposure risks through granular access controls and rigorous monitoring.

  • How to migrate your Amazon EC2 Oracle Transparent Data Encryption database encryption keystore to AWS CloudHSM
    by Bhushan Bhale on July 30, 2025 at 6:48 pm

    July 30, 2025: This post has been republished to migrate the Amazon EC2 Oracle Transparent Data Encryption database encryption keystore to AWS CloudHSM using AWS CloudHSM Client SDK 5. Encrypting databases is crucial for protecting sensitive data, helping you to be aligned with security regulations and safeguarding against data loss. Oracle Transparent Data Encryption (TDE)

  • How to automatically disable users in AWS Managed Microsoft AD based on GuardDuty findings
    by Tim Kingdon on July 28, 2025 at 3:45 pm

    Organizations are facing an increasing number of security threats, especially in the form of compromised user accounts. Manually monitoring and acting on suspicious activities is not only time-consuming but also prone to human error. The lack of automated responses to security incidents can lead to disastrous consequences, such as data breaches and financial loss. In

  • New AWS whitepaper: AWS User Guide to Financial Services Regulations and Guidelines in Australia
    by Julian Busic on July 25, 2025 at 4:30 pm

    Amazon Web Services (AWS) has released substantial updates to its AWS User Guide to Financial Services Regulations and Guidelines in Australia to help financial services customers in Australia accelerate their use of AWS. The updates reflect the Australian Prudential Regulation Authority’s (APRA) publication of the Prudential Standard CPS 230 Operational Risk Management (CPS 230), which

  • Post-quantum TLS in Python
    by Will Childs-Klein on July 24, 2025 at 8:53 pm

    July 29, 2025: This post was updated to correct command descriptions in the section Confirm PQ TLS negotiation. At Amazon Web Services (AWS), security is a top priority. Maintaining data confidentiality is a substantial component of operating environment security for AWS and our customers. Though not yet available, a cryptographically relevant quantum computer (CRQC) could

  • AWS Security Incident Response: The customer’s journey to accelerating the incident response lifecycle
    by Jason Hurst on July 24, 2025 at 6:11 pm

    August 1, 2024: This post was republished to remove incorrect references to AWS WAF and Shield. Organizations face mounting challenges in building and maintaining effective security incident response programs. Studies from IBM and Morning Consult show security teams face two major challenges: over 50 percent of security alerts go unaddressed because of resource constraints and alert

  • New whitepaper available: AICPA SOC 2 Compliance Guide on AWS
    by Abdul Javid on July 23, 2025 at 7:59 pm

    We’re excited to announce the release of our latest whitepaper, AICPA SOC 2 Compliance Guide on AWS, which provides in-depth guidance on implementing and maintaining SOC 2-aligned controls using AWS services. Building and operating cloud-native services in alignment with the AICPA’s Trust Services Criteria requires thoughtful planning and robust implementation. This new whitepaper helps cloud architects,

  • Introducing SRA Verify – an AWS Security Reference Architecture assessment tool
    by Jeremy Schiefer on July 22, 2025 at 6:06 pm

    The AWS Security Reference Architecture (AWS SRA) provides prescriptive guidance for deploying AWS security services in a multi-account environment. However, validating that your implementation aligns with these best practices can be challenging and time-consuming. Today, we’re announcing the open source release of SRA Verify, a security assessment tool that helps you assess your organization’s alignment

  • Five facts about how the CLOUD Act actually works
    by Bob Kimball on July 22, 2025 at 3:10 pm

    At Amazon Web Services (AWS), customer privacy and security are our top priority. We provide our customers with industry-leading privacy and security when they use the AWS Cloud anywhere in the world. In recent months, we’ve noticed an increase in inquiries about how we manage government requests for data. While many of

  • Beyond IAM access keys: Modern authentication approaches for AWS
    by Mitch Beaumont on July 21, 2025 at 11:13 pm

    When it comes to AWS authentication, relying on long-term credentials, such as AWS Identity and Access Management (IAM) access keys, introduces unnecessary risks, including potential credential exposure, unauthorized sharing, or theft. In this post, I present five common use cases where AWS customers traditionally use IAM access keys and present more secure alternatives that you

  • AWS successfully completes CCAG 2024 pooled audit with European financial institutions
    by Hassan A. Malik on July 16, 2025 at 8:43 pm

    Amazon Web Services (AWS) has completed its annual Collaborative Cloud Audit Group (CCAG) audit engagement with leading European financial institutions. At AWS, security remains our highest priority. As customers continue to embrace the scalability and flexibility of the cloud, we support them in evolving security, identity, and compliance into core business enablers. The AWS Compliance

  • Spring 2025 SOC 1/2/3 reports are now available with 184 services in scope
    by Paul Hong on July 11, 2025 at 7:49 pm

    Amazon Web Services (AWS) is pleased to announce that the Spring 2025 System and Organization Controls (SOC) 1, 2, and 3 reports are now available. The reports cover 184 services over the 12-month period from April 1, 2024, to March 31, 2025, giving customers a full year of assurance. The reports demonstrate our continuous commitment to

  • Establishing a European trust service provider for the AWS European Sovereign Cloud
    by Colm MacCárthaigh on July 10, 2025 at 2:59 pm

    August 4, 2025: We updated this post to include EU resident citizenship requirements for AWS European Sovereign Cloud employees operating the cloud. Last month, we announced new sovereign controls and governance structure for the AWS European Sovereign Cloud. The AWS European Sovereign Cloud is a new, independent cloud for Europe, designed to help customers meet

  • Spring 2025 PCI DSS compliance package available now
    by Will Black on July 8, 2025 at 3:57 pm

    August 6, 2025: This post was updated to add the three newly added Regions, as well as the three new services. Amazon Web Services (AWS) is pleased to announce that three additional AWS services and three additional AWS Regions have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS)
