|
In AWS Re: Inforce 2025 (16th-18th June, Philadelphia), AWS Vice President and Main Officer for Information Security Amy Herzog delivered the main lecture address and announced new security innovations. During this event, AWS announced another security capacity aimed at simplifying security in the extent and enably organizations to create more resistant applications in the cloud. Below is a comprehensive rounding of the main security launch and update announced at this year’s conference.
Verify the internal approach to AWS critical resources with the new IAM Access analyzer
The new ability in AWS identity and access management analyzers helps to verify which network of AWS organizations has access to critical resources such as S3 buckets, Dynamodb tables, and RDS images using automated thinking to evaluate policy and provide detection through a unified control panel.
AWS Iam now endoces MFA for root users across all types of accounts
The new multi -factor sweeping prevents more than 99% of the password -related attacks. You can use a number of supported IAM MFA methods that include security keys with certification to solidify access to your AWS accounts. AWS supports PassSkeys Fido2 for user -friendly MFA implementation and allows you to register up to 8 MFA devices on ROOT and IAM users.
Improve your body safety posture using Amazon Threat Intelligence intelligence on AWS Network Firewall
This new group managed network group Firewall offers protection against active threats that have workload in AWS. This feature uses the Amazon Threat Intelligence System Madpot to continuously monitor offensive infrastructure, including malware hosting the URL, command and control servers of botnet and crypto mining, identifying compromise indicators (IOC) for active threats.
AWS EXPORTABLE PUBLE SSL/TLS Certificate Certificates Administrator for use anywhere
You can now use AWS certificates to export public certificates for your AWS, Hybrid or Multicles that require secure TLS transport.
AWS WAF Simplified Console experience
The new AWS WAF console experience reduces security configuration steps by up to 80% through pre -configured protective packages. Safety teams can quickly implement understanding of protection of specific application types, with consultes metrics and customizable controls through an intuitive interface.
Amazon Cloudfront simplifies the delivery and security of the web application with a new user -friendly interface
Try simplified console experience with Amazon Cloudfront to accelerate and secure web applications by automating TLS certificates, DNS configurations, and security settings via integrated AWS WAF rules.
The new AWS Shield feature discovers network security before you can use (preview)
Shield security management automatically discovers and analyzes network resources across AWS accounts, prioritization safety risks based on proven AWS procedures, and provides remedial recommendations that can be carried out to protect applications from threats such as SQL injections and DDOS attacks.
Unify your security with the new AWS Safety Center to prioritize risks and reaction in scale (preview)
The AWS Security Hub has been improved to transform security signals into special information that helps security teams to prefer and respond to critical scale problems. This unified solution provides comprehensive visibility in your cloud environment while reducing the complexity of management of multiple security tools.
Amazon Guardduts expands the widespread coverage of threat detection on Amazon eCs
Amazon Guardduty Detected Detection Detection Threat Detection now supports Amazon EKS clusters and helps you detect sophisticated multi -stage attacks of security signals across the Kubernetes audit protocol, API running and API activities. This improvement automatically identifies the critical sequence of attack, which could otherwise be unnoticed, allowing a faster response to threat.
New categories for AWS MSSP compound
AWS MSSP competences (formerly AWSP competences) now include new categories covering infrastructure security, working utilization, application security, data protection, identity and access management, response to incidents and cyber recovery. Partners provide 24/7 monitoring and incident response through specialized security centers.
Ensure the Express Application API APIs within minutes using Amazon Authorized Authorization
Amazon verified permissions announced the issue of a verified survey-Express-Toolkit, an open source package that allows developers to authorize for the express API for the web application in minutes using the verified AMAZON permissions.
Beyond Compute: Shift of vulnerability detection remaining with Amazon inspector
The Amazon Inspector code is now generally available, helping you to ensure the application before manufacturing by quick identification and priority of security injury and incorrect configurations across the source code, dependence and infrastructure as code (IAC).
AWS Backup adds new approval of multiple pages for logically air safes
Approval of multiple pages for AWS backups logically air vaults allow you to restore backup data, even if your AWS account is at risk, using authorization from the designated approval team of trusted individuals who can allow sharing safes with recovery accounts.