Category: Compliance

Does AWS comply with X program? How about GDPR? What about after Brexit? And what happens with machine learning data? In the latest AWS Security & Compliance Podcast, we sit down with VP of Security Chad Woolf, who answers your compliance and data privacy questions. Including one of the most frequently asked questions from customers […]

For more from Steve, follow him on Twitter Customers continue to tell me that our AWS re:Invent conference is a winner. It’s a place where they can learn, meet their peers, and rediscover the art of the possible. Of course, there is always an air of anticipation around what new AWS service releases will be […]

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. In just the last year, we’ve increased the number of ISO services in scope by 70%. That makes 114 services in total that have been validated against ISO 9001, 27001, 27017, and 27018. The following services are new to our […]

September 9, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details. In just the last 6 months, we’ve increased the number of Payment Card Industry Data Security Standard (PCI DSS) certified services by 50%. We were evaluated by third-party auditors from Coalfire and the latest report is now available on AWS […]

April 25, 2023: We’ve updated this blog post to include more security learning resources. Governance, risk, and compliance (GRC) programs are sometimes looked upon as the bureaucracy getting in the way of exciting cybersecurity work. But a good GRC program establishes the foundation for meeting security and compliance objectives. It is the proactive approach to […]

Continuous Diagnostics and Mitigation (CDM), a U.S. Department of Homeland Security cybersecurity program, is gaining new visibility as part of the federal government’s overall focus on securing its information and networks. How an agency performs against CDM will soon be regularly reported in the updated Federal Information Technology Acquisition Reform Act (FITARA) scorecard. That’s in […]

Seventy-three. That’s the number of AWS services now available to our customers under our System and Organizational Controls (SOC) 1, 2, and 3 audits, with 11 additional services included during this most recent audit cycle. The SOC reports are now available to you on demand in the AWS Management Console. The SOC 3 report can […]

There are about 60 security-focused sessions and talks at re:Invent this year. That’s in addition to more than 2,000 other sessions, activities, chalk talks, and demos planned throughout the week. We want to help you get the most out the event and maximize your time. That’s why we’re previewing the security track and highlighting what’s […]

As financial institutions increasingly move their technology infrastructure to the cloud, financial regulators are tailoring their oversight to the unique features of a cloud environment. Regulators have followed a variety of approaches, sometimes issuing new rules and guidance tailored to the cloud. Other times, they have updated existing guidelines for managing technology providers to be […]

We have completed the European automotive industry’s TISAX high assessment for 43 services. To successfully complete the TISAX high assessment, EY Germany conducted an independent audit, and attested that our information management system meets industry-set standards. This provides automotive industry organizations the assurance needed to build secure applications and services on AWS. TISAX was established by the German Association […]