AWS News Blog

At AWS re:Inforce 2025 (June 16-18, Philadelphia), AWS Vice President and Chief Information Security Officer Amy Herzog delivered the keynote address, announcing new security innovations. Throughout the event, AWS announced additional security capabilities focused on simplifying security at scale and enabling organizations to build more resilient applications in the cloud. Below is a comprehensive roundup […]

Expanded Amazon GuardDuty Extended Threat Detection for EKS clusters uses proprietary correlation algorithms to identify sophisticated multi-stage attack sequences across Kubernetes audit logs, container runtime behaviors, and AWS API activities through a new critical severity finding type: AttackSequence:EKS/CompromisedCluster.

AWS Security Hub has been enhanced with new capabilities that integrate multiple AWS security services to automatically discover resources, evaluate risks, analyze attack paths, and provide AI-assisted recommendations, helping security teams prioritize critical issues and respond to threats at scale with improved visualization and remediation guidance.

Multi-party approval for AWS Backup logically air-gapped vaults enables organizations to recover their backup data even when their AWS account is compromised, by creating approval teams of trusted individuals who can authorize vault sharing with a recovery account through a separate authentication path.

Shield network security posture management automatically discovers and analyzes network resources across AWS accounts, prioritizes security risks based on AWS best practices, and provides actionable remediation recommendations to protect applications against threats like SQL injections and DDoS attacks.

Try the simplified console experience with Amazon CloudFront to accelerate and secure web applications within a few clicks by automating TLS certificate provisioning, DNS configuration, and security settings through an integrated interface with AWS WAF’s enhanced Rule Packs.

You can now use AWS Certificate Manager to issue exportable public certificates for your AWS, hybrid, or multicloud workloads that require secure TLS traffic termination.

A new capability in IAM Access Analyzer helps security teams verify which principals within their AWS organization have access to critical resources like S3 buckets, DynamoDB tables, and RDS snapshots by using automated reasoning to evaluate multiple policies and provide findings through a unified dashboard.