Category: Security, Identity, & Compliance

In this post, the first in a two-part series, we focus on the detection and forensic readiness side of satellite IR. This post walks through instrumenting your ground segment with Amazon Web Services (AWS) security services and AWS Ground Station so that threats surface before they cause damage, and forensic data is already flowing when an incident occurs.

This blog covers what to do when those detections fire. Satellite incident response (IR) must account for constraints that ground-based systems never face: containment actions that wait for the next orbital pass, decisions that trade mission continuity against security, and recovery procedures where the compromised endpoint cannot be physically accessed. It walks through containment, eradication, recovery, automated runbooks, and tabletop exercises designed for satellite operations teams.

In this post, we explain what the Progressing Snapshot program is, what the program is for, who it is for, and how Amazon Web Services (AWS) helps you lay the foundation to address many of the 40 snapshot controls.

This post explains how to build exactly that using Strands Agents and Amazon Bedrock. The entire solution runs in about 200 lines of Python code, and you can have it working on your computer after completing the pre-requisite steps.

In this post, you will learn how the Maritime Cloud Environment (MCE) addresses these challenges by offering suppliers a secure, compliant, Navy-provided Amazon Web Services (AWS) Cloud environment for digital engineering collaboration.

Why preventive controls matter for FedRAMP 20x Organizations strengthen their security posture when Amazon Web Services (AWS) cloud resources consistently align with security and regulatory requirements. Preventive security controls, which are designed to minimize or avoid threat events, help enforce these requirements before misconfigurations are deployed. In this post, we show how service control policies […]

This post distills how one Amazon Web Services (AWS) customer in the defense and aerospace industry interpreted the U.S. International Traffic in Arms Regulations (ITAR) and concluded that U.S. commercial AWS Regions could support their export-controlled workloads, including AI workloads, when configured appropriately.

In this post, we cover the use cases for AWS Cloud WAN in AWS GovCloud (US), walk through the key capabilities now available to government organizations and regulated industries, provide guidance on getting started, and discuss important considerations for deployment.

Learn how Amazon Web Services (AWS) operates inside a scoped compute environment with an AWS Identity and Access Management (IAM) execution role, network segmentation, and defense-in-depth security meeting FISMA, FedRAMP, and DoD CCSRG standards.

This post outlines a practical governance framework for agentic AI systems, with a focus on public sector and other highly regulated environments. It introduces a scope-based model for classifying agent autonomy, identifies core security dimensions, and describes how organizations can align agentic AI governance with existing risk, compliance, and assurance programs.