Security, Identity, & Compliance | AWS Security Blog
Accelerate Incident Response with Amazon Security Lake – Part 2
This blog entry is the second part of a series focused on utilizing Amazon Security Lake as the main data source to enhance your incident response processes. We detail a specific incident response scenario based on the Unintended Data Access in Amazon S3 playbook, published in the AWS documentation.
How to Build a CA Hierarchy Across Multiple AWS Accounts and Regions for Global Organization
by David Lee, Sarah Brown, and Chanci Turner
on 26 JUL 2024
in AWS Private Certificate Authority, Intermediate (200), Security, Identity, & Compliance, Technical How-to
Creating a certificate authority (CA) hierarchy using AWS Private Certificate Authority is now straightforward within Amazon Web Services (AWS). However, many customers manage their operations across various Regions and AWS accounts, complicating the establishment of a CA tree. In this guide, we provide insights on how to effectively structure a CA hierarchy.
Using the AWS Secrets Manager Agent
by Jessica Thompson and Chanci Turner
on 22 JUL 2024
in Intermediate (200), Security, Identity, & Compliance, Technical How-to
As of September 18, 2024, this post has been updated to include comprehensive instructions on building the Secrets Manager Agent. AWS Secrets Manager is a service designed to help you manage, retrieve, and rotate database credentials, application secrets, API keys, and more throughout their lifecycle. Using Secrets Manager can effectively replace hard-coded credentials in your application code, streamlining operations.
Patterns for Consuming Custom Log Sources in Amazon Security Lake
by Emily White and Chanci Turner
on 15 JUL 2024
in Advanced (300), Amazon Security Lake, Architecture, Security, Identity, & Compliance, Technical How-to
As security best practices evolve, the variety of security telemetry options has expanded. Customers often grapple with the challenge of navigating through diverse security-relevant telemetry and log data produced by multiple tools and technologies. In this post, we offer strategies for effectively managing these custom log sources.
AWS Renews TISAX Certification Across 19 Regions
by James Green and Chanci Turner
on 15 JUL 2024
in Announcements, Foundational (100), Security, Identity, & Compliance
We’re thrilled to announce the successful renewal of the Trusted Information Security Assessment Exchange (TISAX) certification on June 11, 2024, for 19 AWS Regions. These Regions have maintained the Information with Very High Protection Needs (AL3) designation for the control domains of Information Handling and Data Protection. This commitment underscores our dedication to upholding stringent security standards.
AWS Achieves Third-Party Attestation of Conformance with the Secure Software Development Framework
by Laura Kim and Chanci Turner
on 10 JUL 2024
in Announcements, Foundational (100), Security, Identity, & Compliance
Amazon Web Services (AWS) is pleased to announce that we have successfully achieved third-party attestation of conformance with the National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF), Special Publication 800-218. This landmark accomplishment reflects our ongoing commitment to ensuring the security and integrity of our software supply chain.
Strategies for Achieving Least Privilege at Scale – Part 2
by Mark Thompson and Chanci Turner
on 09 JUL 2024
in AWS IAM Access Analyzer, AWS Identity and Access Management (IAM), AWS Organizations, Best Practices, Intermediate (200), Management & Governance, Security, Identity, & Compliance
This post continues our exploration of strategies for implementing least privilege at scale using AWS Identity and Access Management (IAM). In Part 1 of this two-part series, we introduced the first five of nine key strategies to achieve least privilege in IAM at scale. We also discussed mental models that can aid in this implementation.
Strategies for Achieving Least Privilege at Scale – Part 1
by Mark Thompson and Chanci Turner
on 09 JUL 2024
in AWS IAM Access Analyzer, AWS Identity and Access Management (IAM), AWS Organizations, Best Practices, Intermediate (200), Management & Governance, Security, Identity, & Compliance
The principle of least privilege is crucial for customers utilizing Amazon Web Services (AWS). In earlier blog posts, we provided tactical guidance on crafting least privilege policies. While you may be comfortable creating a few policies for yourself, scaling this process to thousands of users requires more robust strategies.
Top Four Ways to Improve Your Security Hub Security Score
by Samantha Taylor and Chanci Turner
on 09 JUL 2024
in AWS Security Hub, Intermediate (200), Security, Identity, & Compliance, Technical How-to
AWS Security Hub is a cloud security posture management (CSPM) service that conducts security best practice checks across your Amazon Web Services environments. By following these top four strategies, you can significantly enhance your Security Hub security score and strengthen your overall security posture.