AWS Security Blog

Spring 2025 PCI DSS compliance package available now

Amazon Web Services (AWS) is pleased to announce that three new AWS services have been added to the scope of our Payment Card Industry Data Security Standard (PCI DSS) certification: Amazon Verified Permissions AWS B2B Data Interchange AWS Resource Explorer This certification means that customers can use these services while maintaining PCI DSS compliance, enabling […]

2025 CyberVadis report now available for due diligence on third-party suppliers

We’re excited to announce that AWS has completed the CyberVadis assessment of its security posture with the highest score (Mature) in all assessed areas. This demonstrates our continued commitment to meet the heightened expectations for cloud service providers. Customers can now use the 2025 AWS CyberVadis report and scorecard to reduce their supplier due-diligence burden. With […]

Remote access to AWS: A guide for hybrid workforces

Amazon Web Services (AWS) customers can enable secure remote access to their cloud resources, supporting business operations with both speed and agility. As organizations embrace flexible work environments, employees can safely connect to AWS resources from various locations using different devices. AWS provides comprehensive security solutions that help organizations maintain strong protection of corporate resources, […]

AWS Certificate Manager now supports exporting public certificates

July 2, 2025: We’ve updated this post to include an FAQ section at the end. This includes our response to changing validity periods and associated certificate price points. AWS Certificate Manager (ACM) simplifies the provisioning, management, and deployment of public and private TLS certificates for AWS services and your on-premises and hybrid applications. To further […]

CISPE logo

CISPE Data Protection Code of Conduct Public Register now certifies 122 AWS services as adherent

We continue to expand the scope of our assurance programs at Amazon Web Services (AWS) and are pleased to announce that 122 services are now certified as adherent to the Cloud Infrastructure Services Providers in Europe (CISPE) Data Protection Code of Conduct. This alignment with the CISPE requirements demonstrates our ongoing commitment to adhere to the heightened expectations for […]

How to prioritize security risks using AWS Security Hub exposure findings

At re:Inforce 2025, AWS unveiled an enhanced AWS Security Hub that transforms how organizations prioritize their most critical security issues and respond at scale to protect their cloud environments. In this blog post, we discuss how you can use Security Hub to prioritize these issues with exposure findings. The enhanced Security Hub now uses advanced […]

Empower AI agents with user context using Amazon Cognito

Amazon Cognito is a managed customer identity and access management (CIAM) service that enables seamless user sign-up and sign-in for web and mobile applications. Through user pools, Amazon Cognito provides a user directory with strong authentication features, including passkeys, federation to external identity providers (IdPs), and OAuth 2.0 flows for secure machine-to-machine (M2M) authorization. Amazon […]

Secure your Express application APIs in minutes with Amazon Verified Permissions

June 23, 2025: We updated @verifiedpermissions/authorization-clients to @verifiedpermissions/authorization-clients-js to correctly reflect the name of the package on npm. Today, Amazon Verified Permissions announced the release of @verifiedpermissions/authorization-clients-js, an open source package that developers can use to implement external fine-grained authorization for Express.js web application APIs in minutes when using Verified Permissions. Express is a minimal […]

Improve your security posture using Amazon threat intelligence on AWS Network Firewall

Today, customers use AWS Network Firewall to safeguard their workloads against common security threats. However, they often have to rely on third-party threat feeds and scanners that have limited visibility in AWS workloads to protect against active threats. A self-managed approach to cloud security through traditional threat intelligence feeds and custom rules can result in […]

How AWS is simplifying security at scale: Four keys to faster innovation from AWS re:Inforce 2025

When I began my career in security, most people accepted as fact that protecting systems came at the expense of productivity. That didn’t have to be true then, and it’s definitely not true now. The cloud, and specifically the AWS Cloud, is a big reason why. But as technology evolves and systems become more complex, […]