Category: Configuration, compliance, and auditing

This post is co-written with Dr. Jens Kohl, Daniel Engelhardt, and Sascha Kallin from BMW Group. The BMW Group – headquartered in Munich, Germany – is a vehicle manufacturer with 149,000 employees worldwide and manufactures in over 30 production and assembly facilities across 15 countries. Today, the BMW Group (BMW) is the world’s leading manufacturer […]

AWS Config assesses, audits, and evaluates the configurations and relationships of your resources in your AWS account. Why might we want to use this service for cost optimization? Well consider a scenario where we can be alerted if a specific Amazon Relational Database Service (Amazon RDS) instance is deployed in the account. If a larger […]

Balancing developer freedom and governance controls is a key challenge faced by organizations that are adopting cloud. On one hand, developers need the freedom to innovate and develop new applications and services quickly and on the other, organizations need to maintain control over the resources used and the data processed in order to ensure compliance […]

The rapid growth of generative AI brings promising new innovation, and at the same time raises new challenges. At AWS, we are committed to developing AI responsibly while enabling customers to provide assurance regarding the security of their environment to regulators and auditors. AWS Audit Manager announces the first version of AWS best practices framework for generative AI […]

AWS Config is a service that tracks configuration changes of AWS resources in your AWS account or across your AWS Organizations. AWS Config uses the configuration recorder to detect changes of your resources and track them as configuration items (CIs). Given the increasing complexity of cloud infrastructure, the number of resource configuration changes being made […]

Today, we are happy to announce that AWS CloudTrail Lake data is now available for zero-ETL analysis in Amazon Athena. AWS CloudTrail Lake is a managed data lake for capturing, storing, accessing, and analyzing user and API activity on AWS for audit, security, and compliance purposes. CloudTrail Lake allows you to easily aggregate activity logs […]

The purpose of this narrative is to provide guidance for Mergers & Acquisitions (M&A) Due Diligence stakeholders on how to leverage AWS Audit Manager to support compliance and risk assessments during technical due diligence. The target audience of this guidance includes practitioners that support diligence, integration, corporate development (CorpDev), technology/IT, auditing, and advisory activities during […]

In 2022 Amazon Web Services (AWS) released AWS CloudTrail Lake, a managed audit and security lake that allows you to aggregate, immutably store, visualize, and query your activity logs for auditing, security investigation, and operational troubleshooting.  Working backwards from our customers we have added capabilities to CloudTrail Lake such as the ability to copy CloudTrail events into […]

Security and compliance is a shared responsibility between AWS and the customer. The shared responsibility model outlines responsibilities for Security of the Cloud versus Security in the Cloud. Customers are responsible for Security in the Cloud, which includes patching Amazon EC2 instances. For the customers running workloads on EC2 instances, during security audits, they may be […]

In the first post of this two-part series, we highlighted how Life Sciences customers can implement a controlled change management process using AWS Systems Manager Change Manager and AWS Config. The solution in our first post, highlighted how a you can follow your Standard Operating Procedures (SOP’s) by implementing approval steps in order to make […]