Welcome to above the clouds
AWS – Amazon S3 announces dual-layer server-side encryption for compliance workloads
Customers can now apply two independent layers of server-side encryption to objects in Amazon S3. Dual-layer server-side encryption with keys stored in AWS Key Management Service (DSSE-KMS) is designed to meet National Security Agency CNSSP 15 for FIPS compliance and Data-at-Rest Capability Package (DAR CP) Version 5.0 guidance for two layers of CNSA encryption. Amazon […]
AWS – Amazon Detective extends finding groups to Amazon Inspector
Amazon Detective has expanded finding groups to include Amazon Inspector network reachability and software vulnerability findings alongside Amazon GuardDuty findings. The combined threats and vulnerabilities help security analysts prioritize where they should focus their time by answering questions like “was this EC2 instance compromised because of a software vulnerability?” or “did this GuardDuty finding occur […]
AWS – Announcing the AWS Global Partner Security Initiative
Today, AWS announces the AWS Global Security Initiative which provides Global System Integrators (GSI) partners the opportunity to jointly develop innovative and transformational security and compliance services with AWS, delivering on the promise of actionable security data leveraging the power of Generative AI. This initiative focuses on security services and managed services for multi-cloud enterprises […]
AWS – AWS announces Software Bill of Materials export capability in Amazon Inspector
Amazon Inspector now offers the ability to export a consolidated Software Bill of Materials (SBOM) for all Amazon Inspector monitored resources across your organization in industry standard formats, including CycloneDX and SPDX. With this new capability, you can use automated and centrally managed SBOMs to gain visibility into key information about your software supply chain. […]
AWS – Amazon Inspector announces the general availability of Code Scans for AWS Lambda function
Amazon Inspector now supports code scanning of Lambda functions, expanding the existing capability to scan Lambda functions and associated layers for software vulnerabilities in application package dependencies. With this expanded capability, Amazon Inspector now also scans your custom proprietary application code within a Lambda function for code security vulnerabilities such as injection flaws, data leaks, […]
AWS – Amazon EC2 Instance Connect supports SSH and RDP connectivity without public IP address
With EC2 Instance Connect Endpoint (EIC Endpoint), customers now have SSH and RDP connectivity to their EC2 instances without using public IP addresses. In the past, customers assigned public IPs to their EC2 instances for remote connectivity. With EIC Endpoints, customers can have remote connectivity to their instances in private subnets, eliminating the need to use […]
AWS – Amazon Verified Permissions is now generally available
Today, AWS is announcing the general availability of Amazon Verified Permissions, a service for fine-grained authorization and permissions management for applications that you build. Verified Permissions uses Cedar, an open-source language for access control, allowing you to define permissions as easy-to-understand policies. Use Verified Permissions to support role- and attribute-based access control in your applications. Read […]
Azure – General availability of Azure Front Door integration with managed identities
Azure Front Door supports using managed identity to access Key Vault without the need to generate, store, and rotate secrets. This is a secure service-to-service authentication method to enhance security.
GCP – A better way to stay ahead of attacks: Security Command Center adds attack path simulation
To help secure increasingly complex and dynamic cloud environments, many security teams are turning to attack path analysis tools. These tools can enable them to better prioritize security findings and discover pathways that adversaries can exploit to access and compromise cloud assets such as virtual machines, databases, and storage buckets. Other attack path tools rely […]
GCP – Introducing simplified end-to-end TDIR for Chronicle
As cloud adoption continues to grow, so too does the number of cloud-born security threats. However, cloud environments can present significant opportunities to improve security with the right tools and processes in place. When it comes to effective threat detection, investigation and response (TDIR) in the cloud, modern solutions must ensure that the entire security […]
