Category: Security, Identity, & Compliance

AWS Backup simplifies policy-based data protection at scale, and observability offers insights into the backup process for monitoring, issue detection, troubleshooting, and optimization. This ensures backup dependability, efficiency, and security. CloudQuery enables managing and visualizing AWS Backup across accounts, including backup health, configuration, and protected resources to facilitate building a robust compliance posture.

Symmetry Systems DataGuard is a data security posture management solution to enhance protection of sensitive data in AWS environments. It seamlessly integrates with AWS services to discover where sensitive data resides, map permissions, and identify risks—all without extracting data. Overall, the combination of AWS security services and Symmetry Systems DataGuard enables organizations to securely unlock the full potential of the cloud.

As systems generate increasing data, making sense of it is critical. Application logs are unique and not standardized. Leidos addresses logging issues using the Open Cybersecurity Schema Framework (OCSF) and Amazon Security Lake via the Leidos OCSF Integration Suite (LOIS), which bridges applications to generate OCSF-compliant messages and ingest them into Amazon Security Lake for analysis and visualization.

Marriott’s CISO Arno Van Der Walt manages cybersecurity through a “human-centered, data-driven, technology-enabled” approach aimed at making security frictionless. Critical partnerships with AWS, Deloitte, and Palo Alto Networks leverage AI/ML to share threat data and empower “impossible” autonomous security. Together, their tri-party services provide an end-to-end platform unifying business and security data to detect threats and enable quick response.

As online commerce grows, so do opportunities for fraud. Businesses lose billions annually to bots and attacks like scraping and payment fraud, making effective and scalable protection essential. DataDome provides accurate, real-time detection and mitigation without compromising user experience. By deploying globally on AWS and optimizing performance, DataDome achieves sub-millisecond response times to inspect every request while minimizing false positives.

Uptycs and AWS Systems Manager integration provides automated, consistent deployment of Uptycs sensors across Amazon EC2 instances. This enhances security by ensuring full coverage, reducing misconfigurations, and streamlining management. Uptycs is an AWS Specialization Partner offering cloud-native application protection and endpoint detection and response. The integration leverages AWS Systems Manager’s capabilities for centralized instance management.

Cisco Multicloud Defense is a highly scalable, on-demand as-a-service solution that provides cloud-native and flexible security to your multicloud infrastructure. It unifies security controls across cloud environments, protects workloads from multiple directions, and drives operational efficiency with automation and orchestration of cloud-native constructs. Cisco Multicloud Defense consists of two major components: Multicloud Defense Controller and Cisco Multicloud Defense Gateway.

Organizations are rapidly adopting containerized environments using AWS Fargate for developer efficiency. Sysdig uses advanced instrumentation to provide real-time visibility into AWS Fargate containers to detect threats. With policies and automatic response, Sysdig Secure enables AWS Fargate workload protection without requiring code changes. As an AWS Specialization Partner, Sysdig helps secure cloud-native applications on AWS.

AWS IAM Roles Anywhere allow you to use identity and access management roles to obtain temporary credentials for workloads outside AWS. This minimizes exposed credentials, enables centralized access controls with AWS IAM, and provides granular permissions to virtual machines. Explore common use cases for using IAM Roles Anywhere for your workloads running on VMware Cloud on AWS and the relevant setup process on a virtual machine in VMware Cloud on AWS.

For applications running outside AWS, developers often create IAM users with long-lived credentials which can increase security risks. Instead, learn how to integrate AWS IAM Web Identity Roles with Microsoft Entra ID for centralized user management. This post walks through manual setup steps to register an app in Entra ID and create a role in AWS, and describes an automated architecture to synchronize Entra ID service principals and AWS roles.