AWS made several security-related announcements at its re:Inforce conference this week, including ones involving identity and malware protection services.
The cloud giant informed customers about passkeys being added to the list of supported multi-factor authentication (MFA) mechanisms for root and Identity and Access Management (IAM) users.
The company also started enforcing MFA on root users, particularly AWS Organization management account users.
“You can use the built-in authenticators in your phones and laptops to unlock a cryptographically secured credential to your AWS sign-in experience,” AWS said. “And when using a cloud service to store the passkey (such as iCloud keychain, Google accounts, or 1Password), the passkey can be accessed from any of your devices connected to your passkey provider account. This helps you to recover your passkey in the unfortunate case of losing a device.”
A different identity-related announcement concerns IAM Access Analyzer, which now benefits from custom policy checks to detect policies that grant access to critical AWS resources or grant any type of public access.
In addition, AWS has introduced guided revocation. IAM Access Analyzer users are provided guidance that they can share with developers to revoke permissions which grant access that is not actually needed.
AWS also announced the general availability of Amazon GuardDuty Malware Protection for the Amazon S3 service, which enables the detection of malicious files in S3 buckets. Until now, GuardDuty Malware Protection provided agentless scanning capabilities on Amazon EBS volumes attached to EC2 and container workloads.
The company also unveiled the preview version of natural language query generation in AWS CloudTrail Lake. The new feature uses gen-AI to enable customers to analyze CloudTrail logs to ensure that compliance, security and operational requirements are met.
AWS informed customers this week that in early 2025 Taiwan will get its own region to give customers the ability to run workloads and store data that cannot leave the country.
Related: Inside AWS’s Crusade Against IP Spoofing and DDoS Attacks
Related: Vulnerability Allowed Takeover of AWS Apache Airflow Service
Related: AWS Using MadPot Decoy System to Disrupt APTs, Botnets
