
AWS Unveils New Security Services and Capabilities

Amazon Web Services (AWS) has expanded its portfolio with three new services and capabilities meant to help organizations build and operate securely in the cloud.

With the new Amazon Detective, customers can increase efficiency when investigating incidents across workloads. Currently available in preview, the service leverages machine learning, statistical analysis, and graph theory.

Once enabled in the AWS Management Console, Amazon Detective taps into data from AWS CloudTrail and Amazon Virtual Private Cloud (VPC) Flow Logs to summarize resource behaviors and interactions across the customer’s AWS environment.

Via tailored visualizations, Amazon Detective aims to provide the details, context, and guidance needed to determine the nature and extent of issues identified by security services such as Amazon GuardDuty, Inspector, Macie, and AWS Security Hub.

AWS also announced the Identity and Access Management (IAM) Access Analyzer, which is designed to help customers audit and understand the policies that protect their resources, so that administrators can easily check whether their policies grant only the intended access.

The new AWS IAM capability, which is immediately available, analyzes policies associated with Amazon S3 buckets, AWS KMS keys, Amazon SQS queues, IAM roles, and AWS Lambda functions to determine all possible access paths. The findings are listed in the IAM console, enabling customers to take action when needed.

The Access Analyzer also monitors policies for changes, and makes findings accessible through the IAM, Amazon S3, and AWS Security Hub consoles and APIs. Furthermore, the data can be exported as a report for auditing purposes.

Access Analyzer for S3 can help organizations ensure that their S3 buckets are not made public by mistake. Publicly accessible S3 buckets have been the cause of many data security incidents in the past years.
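The check Access Analyzer performs is, at its core, a question about resource-based policies: does any Allow statement reach a principal outside the account that owns the resource? The following added example (not AWS code, and far simpler than Access Analyzer's own analysis) shows that idea on two constructed S3 bucket policies, one accidentally public and one restricted to a role in the owning account; the bucket name, account id and role name are made up.

```python
import json

OWNER_ACCOUNT = "111122223333"  # constructed account id, not from the article

# Constructed sample: a bucket policy that makes objects world-readable.
PUBLIC_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "ReadForEveryone", "Effect": "Allow", "Principal": "*",
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-reports-bucket/*"}]})

# Constructed sample: the same access, limited to one role in the owning account.
RESTRICTED_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [{
    "Sid": "ReadForReportingRole", "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::111122223333:role/reporting"},
    "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-reports-bucket/*"}]})


def _principals(stmt):
    """Flatten the Principal element ("*", {"AWS": "..."} or {"AWS": [...]}) to a list."""
    p = stmt.get("Principal", {})
    if isinstance(p, str):
        return [p]
    out = []
    for v in p.values():
        out.extend(v if isinstance(v, list) else [v])
    return out


def _is_external(principal, owner_account):
    """'*' is public; a bare account id or an ARN is external when its account differs."""
    if principal == "*":
        return True
    if principal.isdigit():
        return principal != owner_account
    parts = principal.split(":")  # account id is the fifth ARN field
    return len(parts) > 4 and parts[4] != owner_account


def find_external_access(policy_json, owner_account):
    """Return (Sid, principal, has_condition) for every Allow statement whose
    principal lies outside owner_account. Conditions are reported, not
    evaluated: a reviewer must judge whether they actually narrow the access."""
    findings = []
    for stmt in json.loads(policy_json)["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        for pr in _principals(stmt):
            if _is_external(pr, owner_account):
                findings.append((stmt.get("Sid", "<no Sid>"), pr, "Condition" in stmt))
    return findings
```

Running `find_external_access(PUBLIC_POLICY, OWNER_ACCOUNT)` reports the world-readable statement, while the restricted policy produces no findings.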

AWS also launched Nitro Enclaves, a new Amazon EC2 capability that aims to make it easier for customers to protect and process highly sensitive data through partitioning compute and memory resources. Nitro Enclaves is set to become available in preview early next year.

“Each enclave is an isolated virtual machine with its own kernel, memory, and processor. Customers simply select an instance type and decide how much CPU and memory they want to designate to the enclave. There is no persistent storage, no ability to login to the enclave, and no networking connectivity beyond a secure local channel,” AWS explains.

Customers can also select different combinations of CPU cores and memory when creating an enclave, depending on the size and performance demands of workloads.

Furthermore, the AWS Nitro Enclaves SDK, a set of open-source libraries, allows customers to build enclave applications. The SDK integrates with AWS Key Management Service (KMS), so that customers can generate data keys and decrypt them inside the enclave.

Related: AWS Announces General Availability of Security Hub

Related: AWS Launches Mirroring Feature for Inspecting Network Traffic

Written By

Ionut Arghire is an international correspondent for SecurityWeek.
