Category: Security, Identity, & Compliance

At AWS, security is the top priority, and we are committed to providing you with the necessary guidance to fortify the security posture of your environment. In 2018, we introduced built-in authentication support for Application Load Balancers (ALBs), enabling secure user authentication as they access applications. This feature allows developers to offload the authentication responsibility […]

Organizations use remote access solutions for secure remote user access to resources hosted on their internal networks. This post shows various deployment models to integrate AWS Network Firewall with AWS Client VPN. AWS Client VPN is a managed client-based VPN service that secures access to your AWS resources, and resources in your on-premises network, over […]

Protecting against bot threats requires insights into the client environment beyond what is available through network-level characteristics of a request, such as TCP or HTTP payload signatures. AWS WAF uses CAPTCHA and Challenge actions to undertake a client-side interaction, whether on a mobile device or browser, to understand this client environment before they can be […]

Web application security is an ongoing process. AWS WAF enables real-time monitoring and blocking of potentially harmful web requests. Bot Control and Fraud Control use machine learning (ML) to detect and prevent sophisticated threats. Bot traffic can make up anywhere from 30% to 50% or even more of total web traffic. After enabling AWS WAF, […]

AWS Network Firewall is a managed, stateful network firewall and intrusion protection service that allows you to implement firewalls rules for fine grained control over your network traffic. If you’re new to AWS Network Firewall, and want to understand its features and use cases, we recommend you review the blog post AWS Network Firewall – […]

Many AWS customers modernizing their applications into modular services to speed up the development process and improve their ability to scale out individual services as part of the architecture. This includes services developed by the customer and SaaS applications developed by partners. Communication between services requires network connectivity across the Amazon Web Services (AWS) environment. […]

Traffic Mirroring is an Amazon Virtual Private Cloud (VPC) feature you can use to copy network traffic from an elastic network interface of an Amazon Elastic Compute Cloud (EC2) instance and send it to a target storage service for analysis. You can use it for content inspection, threat monitoring, network performance monitoring, and troubleshooting. Through […]

Amazon Web Services (AWS) Verified Access (AVA) is a secure remote access service that eliminates the need for VPNs. AVA reduces management complexity and improves security with real-time evaluations of requests based on factors such as identity and device posture. With Verified Access, you can define access policies written in Cedar using end user context, […]

As security threats have become more sophisticated and easier to scale, customers increasingly use Amazon CloudFront and AWS WAF together to improve the performance, resiliency, and security of their web applications and APIs. CloudFront is a Content Delivery Network (CDN) that reduces latency by delivering data to viewers anywhere in the world using one of […]

In this blog post, we will discuss how you can setup VPN-less secure access to your corporate applications if you are using Security Assertion Markup Language (SAML) based identity providers (IdPs). We will also provide guidance if you have already invested in integrating third-party IdPs with AWS IAM Identity Center (successor to AWS Single Sign-On), […]