AWS Cloud Security

Infrastructure and services to elevate your security in the cloud
ebook | Security Trends

AWS CISO, CJ Moses, shares what’s ahead for the cloud security industry and how to prepare your business. These predictions are based on what we’re seeing in the cloud security and broader technology industry, our customer interactions and macroeconomic trends. As businesses push to innovate quickly, understanding how to stay ahead of the evolving cloud security landscape will be critical.

Read the ebook >>

Raise your security posture with AWS infrastructure and services.

Using AWS, you will gain the control and confidence you need to securely run your business with the most flexible and secure cloud computing environment available today. As an AWS customer, you will benefit from AWS data centers and a network architected to protect your information, identities, applications, and devices. With AWS, you can improve your ability to meet core security and compliance requirements, such as data locality, protection, and confidentiality with our comprehensive services and features.

AWS allows you to automate manual security tasks so you can shift your focus to scaling and innovating your business. Plus, you pay only for the services that you use. All customers benefit from AWS being the only commercial cloud that has had its service offerings and associated supply chain vetted and accepted as secure enough for top-secret workloads.

What is AWS Security?

Benefits

Scale Securely with Superior Visibility and Control

With AWS, you control where your data is stored, who can access it, and what resources your organization is consuming at any given moment. Fine-grain identity and access controls combined with continuous monitoring for near real-time security information ensures that the right resources have the right access at all times, wherever your information is stored.

Read more »

Automate and Reduce Risk with Deeply Integrated Services

Automating security tasks on AWS enables you to be more secure by reducing human configuration errors and giving your team more time to focus on other work critical to your business. Select from a wide variety of deeply integrated solutions that can be combined to automate tasks in novel ways, making it easier for your security team to work closely with developer and operations teams to create and deploy code faster and more securely.

Read more »

Build with the Highest Standards for Privacy and Data Security

AWS is vigilant about your privacy. With AWS you can build on the most secure global infrastructure, knowing you always own your data, including the ability to encrypt it, move it, and manage retention. All data flowing across the AWS global network that interconnects our datacenters and regions is automatically encrypted at the physical layer before it leaves our secured facilities. Additional encryption layers exist as well; for example, all VPC cross-region peering traffic, and customer or service-to-service TLS connections.

Read more »

Largest Ecosystem of Security Partners and Solutions

Extend the benefits of AWS by using security technology and consulting services from familiar solution providers you already know and trust. We have carefully selected providers with deep expertise and proven success securing every stage of cloud adoption, from initial migration through ongoing day to day management.

Read more »

Inherit the Most Comprehensive Security and Compliance Controls

To aid your compliance efforts, AWS regularly achieves third-party validation for thousands of global compliance requirements that we continually monitor to help you meet security and compliance standards for finance, retail, healthcare, government, and beyond.

Read more »

Strategic Security

AWS is designed to help you build secure, high-performing, resilient, and efficient infrastructure for your applications. World-class security experts who monitor our infrastructure also build and maintain our broad selection of innovative security services, which can help you simplify meeting your own security and regulatory requirements. Our security services and solutions are focused on delivering the following key strategic benefits critical to helping you implement your organization’s optimal security posture:

Prevent

Define user permissions and identities, infrastructure protection and data protection measures for a smooth and planned AWS adoption strategy.

 

Detect

Gain visibility into your organization’s security posture with logging and monitoring services. Ingest this information into a scalable platform for event management, testing, and auditing.

Respond

Automated incident response and recovery to help shift the primary focus of security teams from response to analyzing root cause.

Remediate

Leverage event driven automation to quickly remediate and secure your AWS environment in near real-time.

Customers

"AWS allowed us to store information in a cost effective manner while alleviating the burden of supporting the necessary infrastructure since AWS takes care of that. It really is a win-win for us and our customers."

For security and compliance, customers choose AWS.

Partners

APN Partners offer hundreds of industry-leading security solutions that help customers improve their security and compliance. The scalability, visibility, and affordability our partners inherit with the cloud enables them to create world-class offerings for customers. Learn about products and solutions pre-qualified by the AWS Partner Competency Program to support you in multiple areas, including: infrastructure security, policy management, identity management, security monitoring, vulnerability management, data protection, and consulting services.

These products complement existing AWS services to help you deploy a comprehensive security architecture and a more seamless experience across your cloud and on-premises environments. To learn more about the NIST framework and our Cybersecurity Partners, click here. In addition, refer to our Security Solutions in AWS Marketplace for a broad selection of security offerings from hundreds of independent software vendors.

Network and Infrastructure Security

Network inspection designed to detect and protect your workloads from malicious or unauthorized traffic.

Learn more »

Host and Endpoint Security

Agents that detect and protect against malware and other threats found on your operating system or host. Includes AV, EDR, EPP, FIM, and HIDS.

Learn more »

Data Protection and Encryption

Helps protect data via encryption, user behavior analysis, and identification of content.

Learn more »

Governance, Risk and Compliance (Technology Partners)

Helps provide analysis to assess controls or AWS policies (IAM, S3) as well as regulatory frameworks such as PCI, GDPR, and HIPAA.

Learn more »

Logging, Monitoring, Threat Detection, and Analytics

Centralized logging, reporting, and analysis of logs to provide visibility and security insights.

Learn more »

Identity and Access Control

Help define and manage user identity, access policies and entitlements. Helps enforce business governance including, user authentication, authorization, and single sign on.

Learn more »

Vulnerability and Configuration Analysis

Help inspect your application deployments for security risks and vulnerabilities, while providing priorities and advice to assist with remediation.

Learn more »

Application Security

Assesses code, logic, and application inputs to detect software vulnerabilities and threats.

Learn more »

Consulting Partners

Providing expert guidance to AWS customers on how to leverage security tools and embed best practices into every layer of their environment.

Learn more »

Security Engineering

Accelerating people and processes with modern security tools and frameworks to provide security capabilities that are uniquely available on the AWS Cloud.

Learn more »

Governance, Risk and Compliance

Demonstrable success in helping customers navigate and achieve successful audits and accreditation to industry assurance and certifications programs.

Learn more »

Security Operations and Automation

Proven capabilities of building scalable solutions for customers across all industry verticals and expertise in building secure infrastructure, environments, and applications from the ground up.

Learn more »

Learning

Learn about cloud security with resources such as whitepapers, videos, articles, blog posts, training, and documentation. Learn more >>

How to Enable Encryption in a Browser with the AWS Encryption SDK for JavaScript and Node.js

In this post, we’ll show you how to use the AWS Encryption SDK (“ESDK”) for JavaScript to handle an in-browser encryption workload for a hypothetical application. 

AWS Security Blog >>

Security at the Edge: Core Principles

This whitepaper provides security executives the foundations for implementing a defense in depth security strategy at the edge by addressing three areas of security at the edge.

AWS Whitepaper >>

AWS Security Fundamentals

In this self-paced course, you will learn fundamental AWS cloud security concepts, including AWS access control, data encryption methods, and how network access to your AWS infrastructure can be secured. We will address your security responsibility in the AWS Cloud and the different security-oriented services available.

AWS Training Course >>

AWS Security Reference Architecture

The Amazon Web Services (AWS) Security Reference Architecture (AWS SRA) is a holistic set of guidelines for deploying the full complement of AWS security services in a multi-account environment.

AWS Prescriptive Guidance >>

Introduction to AWS Security

AWS’s approach to security, including controls available to customers.

Learn more >>

Free Digital Training

Learn with hundreds of free, self-paced digital courses on AWS fundamentals.

Learn more >>

Classroom Training

Deepen your technical skills and learn from an accredited AWS instructor.

Learn more >>

AWS Certification

Validate your expertise with an industry-recognized credential.

Learn more >>

What's new in Security, Identity, & Compliance?

View all >>

Expert Guidance

Security support

  • Real-time insight through Trusted Advisor
  • Proactive Support and advocacy with a Technical Account Manager (TAM)

Professional services

  • Strategic advice for In-Depth Security Solutions
  • Detect and respond to security issues with the Security Operations Playbook

Vulnerability Reporting

Learn about our practice for addressing potential vulnerabilities in any aspect of our cloud services.

Report vulnerabilities

AWS investigates all reported vulnerabilities

Report suspicious emails

Please notify us of any suspicious emails 

Have Questions? Connect with an AWS Business Representative
Exploring security roles?
Apply today »
Want AWS Security updates?
Follow us on Twitter »