AWS Open Source Blog
Category: Security, Identity, & Compliance
Secure your Express application APIs in 5 minutes with Cedar
Today, the open source Cedar project announced the release of authorization-for-expressjs, an open source package that simplifies using the Cedar policy language and authorization engine to verify application permissions. This release allows developers to add policy-based authorization to their Express web framework APIs within minutes, and without any remote service calls. Express is a minimal […]
Introducing Cedar Analysis: Open Source Tools for Verifying Authorization Policies
Today, we’re excited to announce Cedar Analysis, a new open source toolkit for developers that makes it easier for everyone to verify the behavior of their Cedar policies. Cedar is an open source authorization system that enables developers to implement fine-grained access controls in their applications. With ~1.17 million downloads and growing adoption, Cedar is […]
GNOME has a new infrastructure partner: welcome AWS!
This post was contributed by Andrea Veri from the GNOME Foundation. It has been cross-posted from gnome.org with permission. GNOME has historically hosted its infrastructure on premises. That changed with an AWS Open Source Credits program sponsorship which has allowed our team of two SREs to migrate the majority of the workloads to the cloud […]
OCSF Joins the Linux Foundation: Accelerating the Standardization of Cybersecurity Data
In the ever-evolving landscape of cybersecurity, the need for efficient, standardized ways to manage and analyze security data has never been more critical. Today, we are announcing a significant milestone in our industry’s journey towards this goal: the Open Cybersecurity Schema Framework (OCSF) is joining the Linux Foundation. AWS is a founding member and active […]
From Data Chaos to Cohesion: How OCSF is Optimizing Cyber Threat Detection
With the release of version 1.3.0, the Open Cybersecurity Schema Framework (OCSF) introduces several enhancements designed to further standardize and help streamline cybersecurity data management. OCSF is a collaborative, open source effort by AWS and leading partners in the cybersecurity industry, which provides a standard schema for common security events, defines versioning criteria to facilitate […]
Lean Into Verified Software Development
We built a formal model of Cedar in Lean, and proved that Cedar’s components satisfy key safety and security properties.
Two New Open Source Rust Crates Create Easier Cedar Policy Management
Developers using the Cedar SDK can use two new open source Rust crates, cedar-local-agent and avp-local-agent, to reduce their development burden and ease policy management tasks.
How Open Source Projects are Using Kani to Write Better Software in Rust
AWS open source project Kani is succeeding in changing the perception, effectiveness, and usability of verification tools that were previously thought to be cumbersome or beyond reach.
Celebrating One Year of OCSF: Simplifying Security Telemetry for a Stronger Defense
On the one-year anniversary of the Open Cybersecurity Schema Framework (OCSF) project, we’re thrilled to announce the release of OCSF v1.0.0 and reflect on the milestones we’ve achieved and the positive impact OCSF has had on the security industry.
Configure Keycloak on Amazon Elastic Kubernetes Service (Amazon EKS) using Terraform
Learn how to configure open source Keycloak on Amazon Elastic Kubernetes Service (Amazon EKS) using Terraform to manage an open source application in AWS.