AWS Weekly Roundup — Claude 3 Haiku in Amazon Bedrock, AWS CloudFormation optimizations, and more — March 18, 2024

Storage, storage, storage! Last week, we celebrated 18 years of innovation on Amazon Simple Storage Service (Amazon S3) at AWS Pi Day 2024. Amazon S3 mascot Buckets joined the celebrations and had a ton of fun! The 4-hour live stream was packed with puns, pie recipes powered by PartyRock, demos, code, and discussions about generative […]

Collaboration is Key – Making the Open-Source Community Safer for Developers

Who is Sonar? Sonar is a code quality and security tool that helps developers write Clean Code. Sonar analyzes code for issues that lead to unreliable, unmaintainable, and insecure software at two points in the development lifecycle – first, when the developer initially writes code in the IDE with SonarLint and, again, as part of […]

DNS over HTTPS is now available in Amazon Route 53 Resolver

Starting today, Amazon Route 53 Resolver supports using the DNS over HTTPS (DoH) protocol for both inbound and outbound Resolver endpoints. As the name suggests, DoH supports HTTP or HTTP/2 over TLS to encrypt the data exchanged for Domain Name System (DNS) resolutions. Using TLS encryption, DoH increases privacy and security by preventing eavesdropping and […]

Summer Internship in Jenkins security

Context: Jenkins is an open-source CI/CD solution that is extensible with a wide range of plugins that can be installed using the Jenkins plugin distribution repository or via manual installation. This extensibility is a powerful feature of Jenkins, but it is a critical aspect that has to be secured to avoid risks and vulnerabilities that […]

New – Simplify the Investigation of AWS Security Findings with Amazon Detective

With Amazon Detective, you can analyze and visualize security data to investigate potential security issues. Detective collects and analyzes events that describe IP traffic, AWS management operations, and malicious or unauthorized activity from AWS CloudTrail logs, Amazon Virtual Private Cloud (Amazon VPC) Flow Logs, Amazon GuardDuty findings, and, since last year, Amazon Elastic Kubernetes Service […]

Amazon S3 Encrypts New Objects By Default

At AWS, security is job zero. Starting today, Amazon Simple Storage Service (Amazon S3) encrypts all new objects by default. Now, S3 automatically applies server-side encryption (SSE-S3) for each new object, unless you specify a different encryption option. SSE-S3 was first launched in 2011. As Jeff wrote at the time: “Amazon S3 server-side encryption handles […]

Fortinet FortiCNP – Now Available in AWS Marketplace

When I first started to talk about AWS in front of IT professionals, they would always listen intently and ask great questions. Invariably, a seasoned pro would raise their hand and ask “This all sounds great, but have you thought about security?” Of course we had, and for a while I would describe our principal […]

New for Amazon GuardDuty – Malware Detection for Amazon EBS Volumes

With Amazon GuardDuty, you can monitor your AWS accounts and workloads to detect malicious activity. Today, we are adding to GuardDuty the capability to detect malware. Malware is malicious software that is used to compromise workloads, repurpose resources, or gain unauthorized access to data. When you have GuardDuty Malware Protection enabled, a malware scan is […]

Amazon EC2 Now Supports NitroTPM and UEFI Secure Boot

In computing, Trusted Platform Module (TPM) technology is designed to provide hardware-based, security-related functions. A TPM chip is a secure crypto-processor that is designed to carry out cryptographic operations. There are three key advantages of using TPM technology. First, you can generate, store, and control access to encryption keys outside of the operating system. Second, […]

Spring Framework RCE, CVE-2022-22965

A remote code execution vulnerability has been identified in the Spring Framework. This vulnerability is identified as CVE-2022-22965. Spring officially responded in an early announcement. Spring4Shell in Jenkins Core and Plugins: The Jenkins security team has confirmed that the Spring vulnerability does not affect Jenkins Core. There is no impact because we are using […]