Category: Advanced (300)

This blog post is the second of a two-part series where we show you how to respond to a specific incident by using HAQM Security Lake as the primary data source to accelerate incident response workflow. The workflow is described in the Unintended Data Access in HAQM S3 incident response playbook, published in the AWS […]

As security best practices have evolved over the years, so has the range of security telemetry options. Customers face the challenge of navigating through security-relevant telemetry and log data produced by multiple tools, technologies, and vendors while trying to monitor, detect, respond to, and mitigate new and existing security issues. In this post, we provide […]

HAQM Virtual Private Cloud (HAQM VPC) provides two options for controlling network traffic: network access control lists (ACLs) and security groups. A network ACL defines inbound and outbound rules that allow or deny traffic based on protocol, IP address range, and port range. Security groups determine which inbound and outbound traffic is allowed on a […]

March 7, 2025: This post was republished to update the code, architecture, and narrative introducing the launch of Single Sign-on and trusted identity propagation support for HAQM Redshift Data API with AWS IAM Identity Center. With the introduction of trusted identity propagation, applications can now propagate a user’s workforce identity from their identity provider (IdP) […]

As independent software vendors (ISVs) shift to a multi-tenant software-as-a-service (SaaS) model, they commonly adopt a shared infrastructure model to achieve cost and operational efficiency. The more ISVs move into a multi-tenant model, the more concern they may have about the potential for one tenant to access the resources of another tenant. SaaS systems include […]

Securely share sensitive data with time-limited, nonce-enhanced presigned URLs that prevent replay attacks, minimizing exposure risks through granular access controls and rigorous monitoring.

In this post, we’ll show how you can use AWS Private Certificate Authority (AWS Private CA) to issue a wide range of X.509 certificates that are tailored for specific use cases. These use-case bound certificates have their intended purpose defined within the certificate components, such as the Key Usage and Extended Key usage extensions. We […]

A data perimeter on HAQM Web Services (AWS) is a set of preventive controls you can use to help establish a boundary around your data in AWS Organizations. This boundary helps ensure that your data can be accessed only by trusted identities from within networks you expect and that the data cannot be transferred outside […]

September 20, 2024: Updated the incident response life cycle related wording in the first blog of this series, so to better align with the NIST defined terms. This blog post is the first of a two-part series that will demonstrate the value of HAQM Security Lake and how you can use it and other resources to accelerate […]

When an identity provider (IdP) serves multiple service providers (SPs), IdP-initiated single sign-on provides a consistent sign-in experience that allows users to start the authentication process from one centralized portal or dashboard. It helps administrators have more control over the authentication process and simplifies the management. However, when you support IdP-initiated authentication, the SP (HAQM […]