AWS announces new security innovations

The new offerings are expected to help AWS customers increase security, affordable cyber insurance policies, and create a simplified customer experience.

AWS announced 14 new security offerings across cloud security, management tools, encryption, and more at its AWS re:Inforce 2023

Phil Rodrigues, AWS head of Security in Asia Pacific and Japan said, “Security is our top priority. AWS provides our customers in Vietnam with cloud security solutions that allow them to experiment and iterate securely, so they can move quickly and stay secure.”

“Today at AWS re:Inforce, we announced a series of services and features which allow customers to optimise their security investments, innovate securely with advanced technology including generative AI, and use data to respond more quickly to an evolving security landscape. We also announced a series of programmes to help our partners in new domains, such as cyber insurance, to accelerate secure cloud adoption. Our focus is to continually raise the bar for security in the industry by providing the most secure place for builders in Vietnam to develop innovative applications,” he said.

For cloud security, the new offerings include Amazon CodeGuru Security, Software Bill of Materials export capability in Amazon Inspector, the general availability of Code Scans for AWS Lambda function, and Amazon Detective.

Amazon CodeGuru Security is now available in preview. AWS announced the preview release of Amazon CodeGuru Security, a static application security testing tool that uses Machine Learning to help customers identify code vulnerabilities and provide guidance customers can use as part of remediation. It also provides in-context code patches for certain classes of vulnerabilities to help reduce the effort required to fix code vulnerabilities.

In terms of management tools, AWS announced AWS CloudTrail Lake Dashboards, AWS Security Hub with a new capability for automating actions to update findings, AWS Config, and Amazon EC2 Instance Connect.

AWS announced that CloudTrail Lake dashboards are now generally available. CloudTrail Lake dashboards provide out-of-the-box visibility and top insights from your audit and security data directly within the CloudTrail Lake console.

AWS announced the general availability of a new feature within AWS Config that lets customers exclude resource types in the configuration recorder. This launch is particularly useful for customers who identify high-volume resource types that they do not need.

For encryption, AWS announced Amazon S3 Dual-Layer Server-Side Encryption with keys stored in AWS key management service, and Move Payment Processing to the Cloud with AWS Payment Cryptography.

Amazon S3 dual-layer server-side encryption with keys stored in AWS Key Management Service is a new encryption option in Amazon Simple Storage Service (Amazon S3) that applies two layers of encryption to objects when they are uploaded to an Amazon S3 bucket.

Meanwhile, AWS Payment Cryptography is a service that simplifies the implementation of cryptography operations used to secure data in payment processing applications for debit, credit, and stored-value cards in accordance with various payment card industry, network, and American National Standards Institute standards and rules.

To help simplify how customers manage authorisation in their applications, AWS announced Amazon Verified Permissions. It is now generally available.

First announced in preview at re:Invent 2022, Amazon Verified Permissions is a scalable permissions management and fine-grained authorisation service for building applications. Amazon Verified Permissions centralises permissions in a policy store and helps developers use those permissions to authorise user actions within their applications.

For AWS partners, AWS announced the Cyber Insurance Partner Programme, the AWS Global Partner Security Initiative, and AWS Built-in Partner Solutions to achieve faster growth and scale.

AWS Cyber Insurance Partners makes it easy for customers, particularly small and medium businesses to find affordable cyber insurance policies that integrate their security posture assessment solutions through a new, simplified customer experience.

By using the new assessment solutions from AWS Cyber Insurance Partners, organisations can receive cyber insurance pricing estimates, purchase plans, and be confident they have the coverage for security and recovery services when needed most. AWS Cyber Insurance Partners have worked with AWS to digitally transform their assessment and onboarding processes and can now reward customers that present a security posture which follows AWS best practices.

New requirements to shore up personal data protection The forthcoming legal framework on personal data protection means all domestic and foreign organisations processing personal information must handle sensitive individual personal information in a proper manner.

All systems go for energy security The newly approved Power Development Plan VIII for 2021-2030, with a vision to 2050, is designed to improve the country’s energy security and set out a roadmap for developing energy sources towards a green path. However, realising the targets will be a profound challenge for all involved.

Data security – A top priority for digital economy development Businesses, policymakers, and experts gathered at the Vietnam Security Summit 2023 on June 2 to discuss the importance of information security and how to effectively utilise it in the context of digital transformation and global uncertainties.

SASE considered optimal solution for network security in the hybrid work era Using a single vendor secure access service edge (SASE) is an important solution to secure remote workers amidst the surge of unmanaged devices and increasing security incidents.

Lenders reinforce security measures By harnessing the power of chip-embedded ID cards, AI, and reliable population data, banks in Vietnam are reinforcing security measures and revolutionising banking services for their customers.