Starting today, AWS CloudTrail can be utilized to monitor the actions of your federated users, including those using web identity federation and Security Assertion Markup Language (SAML). For instance, you can now easily pinpoint a SAML federated user who has terminated an Amazon EC2 instance within your AWS environment, or recognize a mobile app user who performed specific actions. This new capability enhances your security and operational oversight, which you can read more about in another blog post here.
How to Implement the New AWS Encryption SDK for Streamlined Data Encryption and Enhanced Application Availability
by Sarah Thompson
on 22 MAR 2016
in AWS Key Management Service, How-To
The AWS Cryptography team is excited to introduce the AWS Encryption SDK. This innovative SDK simplifies the encryption process for developers while reducing the chances of errors that could compromise application security. Importantly, the SDK is accessible to all developers, not just AWS customers, although it includes several ready-to-use examples for those utilizing AWS services. For additional insights into encryption best practices, check out this resource.
How to Ensure Continuous Federated User Access to AWS via AD FS
by Michael Stewart
on 16 MAR 2016
in How-To, Identity
Microsoft Active Directory Federation Services (AD FS) serves as a popular identity provider for many AWS users, facilitating access to the AWS Management Console for federated users. AD FS employs multiple certificates to ensure secure server communication and authentication. One crucial component is the token-signing certificate, and when this certificate expires, users may face access issues. For those managing federated identities, it’s essential to stay ahead of certificate expirations.
How to Minimize Security Risks and Operational Expenses with AWS WAF and Amazon CloudFront
by Kevin Lee
on 08 MAR 2016
in Amazon CloudFront, AWS WAF, How-To
As of July 3, 2017, the solution discussed in this post has been incorporated into AWS WAF Security Automations, with AWS maintaining the latest solution code in the accompanying GitHub repository. Operators of publicly accessible web applications often rely on the assumption that clients behave appropriately. However, it is vital to implement measures that safeguard against potential threats.
How to Automate VPC Access Restrictions Using AWS IAM and AWS CloudFormation
by Emma Davis
on 07 MAR 2016
in AWS CloudFormation, AWS Identity and Access Management (IAM), How-To
In September, I shared insights on securing a user’s Amazon EC2 capabilities to a specific VPC. In this blog post, I’ve worked to streamline the related information for easier understanding and implementation.
How to Utilize AWS WAF to Block IP Addresses Generating Malicious Requests
by Tom Brown
on 24 FEB 2016
in AWS WAF, How-To
As noted on July 3, 2017, the solution in this article has been integrated into AWS WAF Security Automations, with updated solution code available in the corresponding GitHub repository. Internet-facing applications face constant probing from various sources, some of which may seek vulnerabilities. Identifying these threats is crucial for maintaining application integrity.
How to Leverage AWS Config for Essential HIPAA Audit Controls: Part 4 of the Automating HIPAA Compliance Series
by Jessica White
on 23 FEB 2016
in AWS Config, Compliance, How-To
In my earlier posts, I outlined the process for establishing a DevSecOps environment for HIPAA compliance. The following diagram illustrates the architecture, providing guidance on setting up AWS Service Catalog to streamline developer operations.
How to Convert HIPAA Controls into AWS CloudFormation Templates: Part 3 of the Automating HIPAA Compliance Series
by David Green
on 22 FEB 2016
in AWS CloudFormation, Compliance, How-To
In my last entry, I discussed constructing a DevSecOps environment to empower healthcare developers to launch their own web servers. Central to this architecture is AWS CloudFormation, whose JSON templates allow security administrators to provision AWS resources in line with compliance standards.
How to Use AWS Service Catalog for Code Deployments: Part 2 of the Automating HIPAA Compliance Series
by Laura Wright
on 16 FEB 2016
in AWS Service Catalog, Compliance, How-To
In the previous blog, I elaborated on utilizing cloud technology to secure cloud environments and enhance healthcare IT through DevSecOps practices. In today’s discussion, I will present an architecture utilizing AWS services that provides necessary controls for healthcare security administrators.
How to Automate HIPAA Compliance (Part 1): Employing the Cloud for Enhanced Security
by Brian King
on 15 FEB 2016
in Compliance, How-To
The U.S. healthcare ecosystem presents numerous complexities, involving various entities such as review boards, regulatory bodies, and provider organizations, all of which intersect. At the core of this system lies sensitive patient data, which is strictly governed.