Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cloud Security

AWS Announces Enhancements to Cloud Security, Privacy, Compliance

Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.

Amazon Web Services (AWS) is hosting its re:Inforce 2022 conference these days and the cloud giant has taken the opportunity to unveil several enhancements to its security offerings.

AWS has announced a new Customer Incident Response Team (CIRT), whose goal is to provide assistance to customers during active security events that impact systems and data for which the customer is responsible. The AWS CIRT can be contacted by opening a support case.

The company has also announced that its Amazon GuardDuty threat detection service for AWS accounts and workloads will now have the ability to detect malware. If the Malware Protection feature is enabled, a malware scan is launched whenever suspicious activity is detected in EC2 instances or container workloads.AWS security announcements

Findings from the Malware Protection system are also sent to the AWS Security Hub in an effort to make it easier for organizations to investigate incidents and take action. Results are also integrated with Amazon EventBridge and Amazon Detective.

Amazon Detective, a managed service for analyzing security issues, now supports Kubernetes workloads running on Amazon EKS. When the feature is enabled, EKS audit logs are automatically sent to Detective for security investigations.

In addition, Amazon Macie, a fully managed data security and privacy service, now has a capability that allows users to easily retrieve up to 10 examples of sensitive data found in Amazon S3 objects. The captured data is encrypted and only available temporarily.

Also at re:Inforce, the company launched the preview of AWS Wickr, an enterprise-grade secure collaboration product that provides end-to-end encrypted messaging, file transfer, screen sharding, and voice and video conferencing capabilities. AWS Wickr, available at no cost during the preview period, provides functionality such as content expiration, perfect forward secrecy, message recall and delete, and administrative controls to support information governance and compliance. AWS acquired Wickr last year.

Also for compliance purposes, AWS announced that Config conformance packs now provide scores to help organizations track resource compliance.

AWS also announced that its Single Sign-On (SSO) service is now called AWS IAM Identity Center. The service’s name has been changed, but its technical capabilities remain the same.

Advertisement. Scroll to continue reading.

AWS partners

The cloud computing giant has made several announcements related to partners. This includes the preview version of AWS Marketplace Vendor Insights, whose goal is to streamline third-party risk assessments by allowing sellers to make security and compliance information available on the AWS Marketplace.

AWS has also introduced new categories for Security Competency partners. Eight new categories have been added, including identity and access management (IAM), threat detection and response, infrastructure protection, data protection, compliance and privacy, application security, perimeter protection, and core security. More than 40 security partners have offerings in these categories.

In addition, the company has announced specialization categories for AWS Level 1 MSSP Competency, whose goal is to provide a baseline standard for organizations looking for a managed security service provider (MSSP). The new specialization categories should make it even easier for customers to find the right solution provider.

There are over a dozen competency specialization partners across modern compute, identity behavior monitoring, managed application security testing, data privacy event management, digital forensics incident response, and business continuity and ransomware readiness categories.

Related: Details Published on AWS Flaws Leading to Data Leaks

Related: Serious Vulnerabilities Found in AWS’s Log4Shell Hot Patches

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this event as we dive into threat hunting tools and frameworks, and explore value of threat intelligence data in the defender’s security stack.

Register

Learn how integrating BAS and Automated Penetration Testing empowers security teams to quickly identify and validate threats, enabling prompt response and remediation.

Register

People on the Move

Threat intelligence firm Team Cymru has appointed Joe Sander as its Chief Executive Officer.

Madhu Gottumukkala has been named Deputy Director of the cybersecurity agency CISA.

Wendi Whitmore has taken the role of Chief Security Intelligence Officer at Palo Alto Networks.

More People On The Move

Expert Insights

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.