2023-02-11 03:08   Updated ebook: Protecting your AWS environment from ransomware    #AWS Security Blog #安全文章 Amazon Web Services is excited to announce that we’ve updated the AWS ebook, Protecting your AWS environment from ransomware. The new ebook includes the top 10 best practices for ransomware protection and covers new services and features that have been released since the original published date in A

2023-02-10 04:32   Improve security of Amazon RDS master database credentials using AWS Secrets Manager    #AWS Security Blog #安全文章 Amazon Relational Database Service (Amazon RDS) makes it simpler to set up, operate, and scale a relational database in the AWS Cloud. AWS Secrets Manager helps you manage, retrieve, and rotate database credentials, API keys, and other secrets. Amazon RDS now offer

2023-02-07 02:07   The anatomy of ransomware event targeting data residing in Amazon S3    #AWS Security Blog #安全文章 Ransomware events have significantly increased over the past several years and captured worldwide attention. Traditional ransomware events affect mostly infrastructure resources like servers, databases, and connected file systems. However, there are also non-traditional events that you may not be as

2023-02-01 04:12   Define a custom session duration and terminate active sessions in IAM Identity Center    #AWS Security Blog #安全文章 Managing access to accounts and applications requires a balance between delivering simple, convenient access and managing the risks associated with active user sessions. Based on your organization’s needs, you might want to make it simple for end users to sign in and to operate long enough to get th

2023-02-01 02:33   How to set up ongoing replication from your third-party secrets manager to AWS Secrets Manager    #AWS Security Blog #安全文章 Secrets managers are a great tool to securely store your secrets and provide access to secret material to a set of individuals, applications, or systems that you trust. Across your environments, you might have multiple secrets managers hosted on different providers, which can increase the complexity

2023-01-31 04:14   Reduce risk by implementing HttpOnly cookie authentication in Amazon API Gateway    #AWS Security Blog #安全文章 Some web applications need to protect their authentication tokens or session IDs from cross-site scripting (XSS). It’s an Open Web Application Security Project (OWASP) best practice for session management to store secrets in the browsers’ cookie store with the HttpOnly attribute enabled. When cookie

2023-01-31 02:47   AWS achieves ISO 20000-1:2018 certification for 109 services    #AWS Security Blog #安全文章 We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that AWS Regions and AWS Edge locations are now certified by the International Organization for Standardization (ISO) 20000-1:2018 standard. This certification demonstrates our continuo

2023-01-27 02:13   Visualize AWS WAF logs with an Amazon CloudWatch dashboard    #AWS Security Blog #安全文章 AWS WAF is a web application firewall service that helps you protect your applications from common exploits that could affect your application’s availability and your security posture. One of the most useful ways to detect and respond to malicious web activity is to collect and analyze AWS WAF logs.

2023-01-26 05:59   How to run AWS CloudHSM workloads in container environments    #AWS Security Blog #安全文章 January 25, 2023: We updated this post to reflect the fact that CloudHSM SDK3 does not support serverless environments and we strongly recommend deploying SDK5. AWS CloudHSM provides hardware security modules (HSMs) in the AWS Cloud. With CloudHSM, you can generate and use your own encryption keys i

2023-01-26 05:11   United Arab Emirates IAR compliance assessment report is now available with 58 services in scope    #AWS Security Blog #安全文章 Amazon Web Services (AWS) is pleased to announce the publication of our compliance assessment report on the Information Assurance Regulation (IAR) established by the Telecommunications and Digital Government Regulatory Authority (TDRA) of the United Arab Emirates. The report covers the AWS Middle Ea

2023-01-26 01:34   How to improve security incident investigations using Amazon Detective finding groups    #AWS Security Blog #安全文章 Uncovering the root cause of an Amazon GuardDuty finding can be a complex task, requiring security operations center (SOC) analysts to collect a variety of logs, correlate information across logs, and determine the full scope of affected resources. Sometimes you need to do this type of in-depth anal

2023-01-25 08:31   Deploy a dashboard for AWS WAF with minimal effort    #AWS Security Blog #安全文章 January 24, 2023: This post was republished to update the code, architecture, and narrative. September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. In this post, we’ll show you how to deploy a solution in your Amazon Web Services (AWS) account tha

2023-01-24 02:22   AWS CloudHSM is now PCI PIN certified    #AWS Security Blog #安全文章 Amazon Web Services (AWS) is pleased to announce that AWS CloudHSM is certified for Payment Card Industry Personal Identification Number (PCI PIN) version 3.1. With CloudHSM, you can manage and access your keys on FIPS 140-2 Level 3 certified hardware, protected with customer-owned, single-tena

2023-01-20 04:31   Use AWS WAF CAPTCHA to protect your application against common bot traffic    #AWS Security Blog #安全文章 In this blog post, you’ll learn how you can use a Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA) with other AWS WAF controls as part of a layered approach to provide comprehensive protection against bot traffic. We’ll describe a workflow that tracks the number o

2023-01-20 00:30   Fall 2022 SOC reports now available in Spanish    #AWS Security Blog #安全文章 Spanish version >> We continue to listen to our customers, regulators, and stakeholders to understand their needs regarding audit, assurance, certification, and attestation programs at Amazon Web Services (AWS). We are pleased to announce that Fall 2022 System and Organization Controls (SOC) 1