How to Utilize AWS Verified Access Logs for Access Policy Management and Troubleshooting
On June 19, 2023, AWS Verified Access unveiled enhanced logging capabilities; it now captures more comprehensive user context information from trust providers. This enhancement simplifies the management and troubleshooting of application access policies, aligning with zero-trust principles. In this blog post, we will guide you on effectively managing the Verified Access logs, allowing you to write and troubleshoot access policies more efficiently.
AWS Security Profile: An Introduction to the AWS Identity Solutions Team
by Samantha Lee
on 10 AUG 2023
in Foundational (100), Security, Identity, & Compliance, Thought Leadership
In this profile, I had the opportunity to speak with Mark Johnson, Senior Manager of the AWS Identity Solutions team, to discuss their ongoing projects and initiatives. To begin, what is the main focus of the Identity Solutions team? We are a group of specialized solutions architects dedicated to enhancing identity management across AWS services.
Continuous Vulnerability Scanning for AWS Lambda Functions Using Amazon Inspector
by Alex Chen and Maria Lopez
on 31 JUL 2023
in Amazon Inspector, Intermediate (200), Security, Identity, & Compliance, Technical How-to
This article illustrates how to enable Amazon Inspector across one or more AWS accounts to receive notifications upon detecting vulnerabilities in AWS Lambda functions. Amazon Inspector serves as an automated vulnerability management tool that consistently scans workloads for software vulnerabilities and unintended network exposure. It can scan a variety of workloads, including Amazon EC2 instances and Lambda functions.
Receiving Alerts for Changes in Your IAM Configuration
by Daniel Brown, Priya Shah, and Kevin Wong
on 31 JUL 2023
in AWS Identity and Access Management (IAM), How-To, Intermediate (200), Security, Identity, & Compliance
Update, June 12, 2024: This article has been revised to deploy the solution in the North Virginia (us-east-1) AWS Region. On August 21, 2023, we updated the content to switch from wildcard pattern matching to using “prefixes” for EventBridge pattern rules. Originally published on July 27, 2023, this article has been amended to enhance clarity and effectiveness.
Migrating Secrets to AWS Secrets Manager, Part 2: Implementation
by Lisa Tran and John Davis
on 21 JUL 2023
in Advanced (300), AWS Identity and Access Management (IAM), AWS Secrets Manager, Best Practices, Security, Identity, & Compliance, Technical How-to
In Part 1 of this series, we outlined how to discover and classify secrets and design a migration solution for customers transitioning to AWS Secrets Manager. We also discussed various steps to implement preventative and detective controls for Secrets Manager. In this post, we delve into the practical steps required for migration.
Migrating Secrets to AWS Secrets Manager, Part I: Discovery and Design
by John Davis and Lisa Tran
on 21 JUL 2023
in Advanced (300), AWS Secrets Manager, Best Practices, Security, Identity, & Compliance, Technical How-to
“An ounce of prevention is worth a pound of cure.” – Benjamin Franklin. A secret is sensitive information meant to remain confidential from unauthorized individuals, entities, or processes. Secrets, such as API keys, passwords, and SSH keys, grant access to crucial systems and resources, and safeguarding them is essential.
Highlights from AWS re:Inforce 2023: Key Announcements and Sessions
by Emily Clark and Tom Harris
on 21 JUL 2023
in Announcements, Foundational (100), Security, Identity, & Compliance
We extend our gratitude to all who participated in AWS re:Inforce 2023, both virtually and in-person. The event featured over 250 engaging sessions and hands-on labs, conducted in collaboration with more than 80 AWS partner sponsors over two days of immersive cloud security learning. The keynote address was delivered by CJ Moses, AWS Chief Information Security Officer.
OSPAR 2023 Report Now Available with 153 Services in Scope
by Michael Adams
on 20 JUL 2023
in Announcements, Foundational (100), Security, Identity, & Compliance
We are pleased to announce the successful completion of our annual Outsourced Service Provider’s Audit Report (OSPAR) audit cycle as of July 1, 2023. The 2023 OSPAR certification cycle has added nine new services, increasing the total number of services in scope to 153 within the AWS Asia Pacific (Singapore) Region.
Managing Certificate Lifecycles with ACM Event-Driven Workflows
by Sarah Johnson, Robert Green, and Angela White
on 20 JUL 2023
in Intermediate (200), Security, Identity, & Compliance, Technical How-to
AWS Certificate Manager (ACM) simplifies certificate lifecycle management by employing event-driven workflows to notify or act on expiring TLS certificates within your organization. With ACM, you can provision, manage, and deploy public and private TLS certificates for use with integrated AWS services like Amazon CloudFront and Elastic Load Balancing (ELB) along with other services.