Securing open proxies in your AWS environment
This article shows you how to identify and secure open proxies in your AWS environment to prevent abuse, protect your IP address reputation, and control cost...
AWS Security Blog
17 articles
Security posture improvement in the AI era
It’s only been a few weeks since Anthropic announced the Claude Mythos Preview model and launched Project Glasswing with AWS and other leading organizations....
Announcing the ISO 31000:2018 Risk Management on AWS Compliance Guide
AWS Security Assurance Services is announcing the release of our latest compliance guide, ISO 31000:2018 Risk Management on AWS, which provides practical gui...
Designing trust and safety into Amazon Bedrock powered applications
Generative AI brings promising innovation, transforming how individuals and organizations approach everything from customer service to content creation and m...
What the March 2026 Threat Technique Catalog update means for your AWS environment
The AWS Customer Incident Response Team (AWS CIRT) regularly encounters patterns that repeat across their engagements when helping customers respond to secur...
Access control with IAM Identity Center session tags
As organizations expand their Amazon Web Services (AWS) footprint, managing secure, scalable, and cost-efficient access across multiple accounts becomes incr...
Optimize security operations through an AWS Security Hub POC
April 27, 2026: This post was first published in September 2025 when the enhanced AWS Security Hub was in public preview. It has since been updated to reflec...
Can I do that with policy? Understanding the AWS Service Authorization Reference
Understanding what AWS Identity and Access Management (IAM) policies can control helps you build better security controls and avoid spending time on approach...
Protecting your secrets from tomorrow’s quantum risks
As outlined in the AWS post-quantum cryptography (PQC) migration plan, addressing the risk of harvest now, decrypt later (HNDL) attack is an important part o...
A technical walkthrough of multicloud full-stack security using AWS Security Hub Extended
Building on our recent announcement of AWS Security Hub Extended —our full-stack enterprise security offering — we want to show you how we’re simplifying sec...
Winter 2025 SOC 1 report is now available with 184 services in scope
Amazon Web Services (AWS) is pleased to announce that the Winter 2025 System and Organization Controls (SOC) 1 report is now available. The report covers 184...
How to clone an AWS CloudHSM cluster across Regions
Important: As of January 1, 2025, Client SDK 3 tools (CMU and KMU) are no longer supported. This guide has been updated to use Client SDK 5 commands exclusiv...
Transform security logs into OCSF format using a configuration-driven ETL solution
Security logs capture essential security-related activities, such as user sign-ins, file access, network traffic, and application usage. These logs are impor...
Secure AI agent access patterns to AWS resources using Model Context Protocol
AI agents and coding assistants interact with AWS resources through the Model Context Protocol (MCP). Unlike traditional applications with deterministic code...
A framework for securely collecting forensic artifacts into S3 buckets
When customers experience a security incident, they need to acquire forensic artifacts to identify root cause, extract indicators of compromise (IoCs), and v...
Building AI defenses at scale: Before the threats emerge
At AWS, we’ve spent decades developing processes and tools that enable us to defend millions of customers simultaneously, wherever they operate around the wo...
Introducing the Landing Zone Accelerator on AWS Universal Configuration and LZA Compliance Workbook
November 20, 2025: Original publication date of this post. This post has been updated to reference the most recent version of the LZA Compliance Workbook pub...