Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.
AWS has announced a new Customer Incident Response Team (CIRT), whose goal is to provide assistance to customers during active security events that impact systems and data for which the customer is responsible. The AWS CIRT can be contacted by opening a support case.
The company has also announced that its Amazon GuardDuty threat detection service for AWS accounts and workloads will now have the ability to detect malware. If the Malware Protection feature is enabled, a malware scan is launched whenever suspicious activity is detected in EC2 instances or container workloads.
Findings from the Malware Protection system are also sent to the AWS Security Hub in an effort to make it easier for organizations to investigate incidents and take action. Results are also integrated with Amazon EventBridge and Amazon Detective.
Amazon Detective, a managed service for analyzing security issues, now supports Kubernetes workloads running on Amazon EKS. When the feature is enabled, EKS audit logs are automatically sent to Detective for security investigations.
In addition, Amazon Macie, a fully managed data security and privacy service, now has a capability that allows users to easily retrieve up to 10 examples of sensitive data found in Amazon S3 objects. The captured data is encrypted and only available temporarily.
Also at re:Inforce, the company launched the preview of AWS Wickr, an enterprise-grade secure collaboration product that provides end-to-end encrypted messaging, file transfer, screen sharding, and voice and video conferencing capabilities. AWS Wickr, available at no cost during the preview period, provides functionality such as content expiration, perfect forward secrecy, message recall and delete, and administrative controls to support information governance and compliance. AWS acquired Wickr last year.
Also for compliance purposes, AWS announced that Config conformance packs now provide scores to help organizations track resource compliance.
AWS also announced that its Single Sign-On (SSO) service is now called AWS IAM Identity Center. The service’s name has been changed, but its technical capabilities remain the same.
AWS partners
The cloud computing giant has made several announcements related to partners. This includes the preview version of AWS Marketplace Vendor Insights, whose goal is to streamline third-party risk assessments by allowing sellers to make security and compliance information available on the AWS Marketplace.
AWS has also introduced new categories for Security Competency partners. Eight new categories have been added, including identity and access management (IAM), threat detection and response, infrastructure protection, data protection, compliance and privacy, application security, perimeter protection, and core security. More than 40 security partners have offerings in these categories.
In addition, the company has announced specialization categories for AWS Level 1 MSSP Competency, whose goal is to provide a baseline standard for organizations looking for a managed security service provider (MSSP). The new specialization categories should make it even easier for customers to find the right solution provider.
There are over a dozen competency specialization partners across modern compute, identity behavior monitoring, managed application security testing, data privacy event management, digital forensics incident response, and business continuity and ransomware readiness categories.
Related: Details Published on AWS Flaws Leading to Data Leaks
Related: Serious Vulnerabilities Found in AWS’s Log4Shell Hot Patches
