AWS adds passkey multi-factor authentication (MFA) for root and IAM users

Security is our top priority at Amazon Web Services (AWS), and today, we’re launching two capabilities to help you strengthen the security posture of your AWS accounts: First, we’re adding passkeys to the list of supported multi-factor authentication (MFA) for your root and AWS Identity and Access Management (IAM) users. Second, we started to enforce MFA Read more about AWS adds passkey multi-factor authentication (MFA) for root and IAM users[…]

AWS Weekly Roundup — Claude 3 Haiku in Amazon Bedrock, AWS CloudFormation optimizations, and more — March 18, 2024

Storage, storage, storage! Last week, we celebrated 18 years of innovation on Amazon Simple Storage Service (Amazon S3) at AWS Pi Day 2024. Amazon S3 mascot Buckets joined the celebrations and had a ton of fun! The 4-hour live stream was packed with puns, pie recipes powered by PartyRock, demos, code, and discussions about generative Read more about AWS Weekly Roundup — Claude 3 Haiku in Amazon Bedrock, AWS CloudFormation optimizations, and more — March 18, 2024[…]

Collaboration is Key – Making the Open-Source Community Safer for Developers

Who is Sonar? Sonar is a code quality and security tool that helps developers write Clean Code. Sonar analyzes code for issues that lead to unreliable, unmaintainable, and insecure software at two points in the development lifecycle – first, when the developer initially writes code in the IDE with SonarLint and, again, as part of Read more about Collaboration is Key – Making the Open-Source Community Safer for Developers[…]

DNS over HTTPS is now available in Amazon Route 53 Resolver

Starting today, Amazon Route 53 Resolver supports using the DNS over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints. As the name suggests, DoH supports HTTP or HTTP/2 over TLS to encrypt the data exchanged for Domain Name System (DNS) resolutions. Using TLS encryption, DoH increases privacy and security by preventing eavesdropping and Read more about DNS over HTTPS is now available in Amazon Route 53 Resolver[…]

Summer Internship in Jenkins security

Context Jenkins is an open-source CI/CD solution that is extensible with a wide range of plugins that can be installed using the Jenkins plugin distribution repository or via manual installation. This extensibility is a powerful feature of Jenkins, but it is a critical aspect that has to be secured to avoid risks and vulnerabilities that Read more about Summer Internship in Jenkins security[…]

New – Simplify the Investigation of AWS Security Findings with Amazon Detective

With Amazon Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, Amazon GuardDuty findings, and, since last year, Amazon Elastic Kubernetes Service Read more about New – Simplify the Investigation of AWS Security Findings with Amazon Detective[…]

Amazon S3 Encrypts New Objects By Default

At AWS, security is job zero. Starting today, Amazon Simple Storage Service (Amazon S3) encrypts all new objects by default. Now, S3 automatically applies server-side encryption (SSE-S3) for each new object, unless you specify a different encryption option. SSE-S3 was first launched in 2011. As Jeff wrote at the time: “Amazon S3 server-side encryption handles Read more about Amazon S3 Encrypts New Objects By Default[…]

Fortinet FortiCNP – Now Available in AWS Marketplace

When I first started to talk about AWS in front of IT professionals, they would always listen intently and ask great questions. Invariably, a seasoned pro would raise there hand and ask “This all sounds great, but have you thought about security?” Of course we had, and for a while I would describe our principal Read more about Fortinet FortiCNP – Now Available in AWS Marketplace[…]

New for Amazon GuardDuty – Malware Detection for Amazon EBS Volumes

With Amazon GuardDuty, you can monitor your AWS accounts and workloads to detect malicious activity. Today, we are adding to GuardDuty the capability to detect malware. Malware is malicious software that is used to compromise workloads, repurpose resources, or gain unauthorized access to data. When you have GuardDuty Malware Protection enabled, a malware scan is Read more about New for Amazon GuardDuty – Malware Detection for Amazon EBS Volumes[…]

Amazon EC2 Now Supports NitroTPM and UEFI Secure Boot

In computing, Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. There are three key advantages of using TPM technology. First, you can generate, store, and control access to encryption keys outside of the operating system. Second, Read more about Amazon EC2 Now Supports NitroTPM and UEFI Secure Boot[…]