AWS Security Blog
Tag: Amazon Athena
Federated access to Amazon Athena using AWS IAM Identity Center
Managing Amazon Athena through identity federation allows you to manage authentication and authorization procedures centrally. Athena is a serverless, interactive analytics service that provides a simplified and flexible way to analyze petabytes of data. In this blog post, we show you how you can use the Athena JDBC driver (which includes a browser Security Assertion […]
Enhance container software supply chain visibility through SBOM export with Amazon Inspector and QuickSight
In this post, I’ll show how you can export software bills of materials (SBOMs) for your containers by using an AWS native service, Amazon Inspector, and visualize the SBOMs through Amazon QuickSight, providing a single-pane-of-glass view of your organization’s software supply chain. The concept of a bill of materials (BOM) originated in the manufacturing industry […]
Aggregating, searching, and visualizing log data from distributed sources with Amazon Athena and Amazon QuickSight
Part 1 of a 3-part series Part 2 – How to visualize Amazon Security Lake findings with Amazon QuickSight Part 3 – How to share security telemetry per Organizational Unit using Amazon Security Lake and AWS Lake Formation Customers using Amazon Web Services (AWS) can use a range of native and third-party tools to build […]
Three ways to accelerate incident response in the cloud: insights from re:Inforce 2023
AWS re:Inforce took place in Anaheim, California, on June 13–14, 2023. AWS customers, partners, and industry peers participated in hundreds of technical and non-technical security-focused sessions across six tracks, an Expo featuring AWS experts and AWS Security Competency Partners, and keynote and leadership sessions. The threat detection and incident response track showcased how AWS customers […]
How to visualize IAM Access Analyzer policy validation findings with QuickSight
In this blog post, we show you how to create an Amazon QuickSight dashboard to visualize the policy validation findings from AWS Identity and Access Management (IAM) Access Analyzer. You can use this dashboard to better understand your policies and how to achieve least privilege by periodically validating your IAM roles against IAM best practices. […]
How to query and visualize Macie sensitive data discovery results with Athena and QuickSight
February 21, 2023: We’ve updated the CREATE TABLE DDL to add the new originType field introduced as part of the Automated Sensitive Data Discovery feature of Macie. Amazon Macie is a fully managed data security service that uses machine learning and pattern matching to help you discover and protect sensitive data in Amazon Simple Storage Service (Amazon S3). With […]
How to use Amazon Macie to preview sensitive data in S3 buckets
February 13, 2024: We’ve updated this post to show you how to configure Macie to assume an IAM role when you configure Macie to preview sensitive data in findings. Security teams use Amazon Macie to discover and protect sensitive data, such as names, payment card data, and AWS credentials, in Amazon Simple Storage Service (Amazon […]
How to build a multi-Region AWS Security Hub analytic pipeline and visualize Security Hub data
AWS Security Hub is a service that gives you aggregated visibility into your security and compliance posture across multiple Amazon Web Services (AWS) accounts. By joining Security Hub with Amazon QuickSight—a scalable, serverless, embeddable, machine learning-powered business intelligence (BI) service built for the cloud—your senior leaders and decision-makers can use dashboards to empower data-driven decisions […]
The three most important AWS WAF rate-based rules
In this post, we explain what the three most important AWS WAF rate-based rules are for proactively protecting your web applications against common HTTP flood events, and how to implement these rules. We share what the Shield Response Team (SRT) has learned from helping customers respond to HTTP floods and show how all AWS WAF […]
Automate Amazon Athena queries for PCI DSS log review using AWS Lambda
In this post, I will show you how to use AWS Lambda to automate PCI DSS (v3.2.1) evidence generation, and daily log review to assist with your ongoing PCI DSS activities. We will specifically be looking at AWS CloudTrail Logs stored centrally in Amazon Simple Storage Service (Amazon S3) (which is also a Well-Architected Security […]