Security Learning

Why AWS?

Security in the cloud is similar to security in your on-premises data centers — only without the costs of maintaining facilities and hardware. In the cloud, you don’t have to manage physical servers or storage devices. Instead, you use software-based security tools to monitor and protect the flow of information into and of out of your cloud resources. For this reason, cloud security is a Shared Responsibility between the customer and AWS, where customers are responsible for “security in the cloud” and AWS is responsible for “security of the cloud.”

The AWS cloud allows you to scale and innovate while maintaining a secure environment. As an AWS customer, you will benefit from data centers and network architecture designed to meet the requirements of the most security-sensitive organizations. AWS infrastructure is custom-built for the cloud and is monitored 24x7 to help protect the confidentiality, integrity, and availability of our customers’ data. Browse this page to learn more about key topics, areas of research, and training opportunities for cloud security on AWS.

Use Cases

AWS cryptography tools and services utilize a wide range of encryption and storage technologies that can help you protect your data at rest and in transit. Traditionally, data has to be decrypted before it can be used in a computation. Cryptographic computing is a technology that operates directly on cryptographically protected data so that sensitive data is never exposed.

Learn more

AWS is already at work, preparing for a post-quantum world. AWS has invested in the migration to post-quantum cryptography by contributing to post-quantum key agreement and post-quantum signature schemes to protect the confidentiality, integrity, and authenticity of customer data.

Learn more

AWS uses automated reasoning technology — the application of mathematical logic to assess cloud security — to help detect misconfigurations and answer critical questions about your infrastructure. Known as provable security, AWS leverages leading insight and applications from AWS security experts to help you achieve the highest possible level of security assurance in the cloud.

Learn more

Ransomware is not specific to the cloud—in fact, AWS can provide increased visibility and control over your security posture against malware. Raising your security posture begins with reviewing your security program and controls against best practices from AWS, third party organizations, and your internal policies.

Learn more

Zero Trust is a security model centered on the idea that access to data should not be solely made based on network location. To help you on this journey, a number of AWS identity and networking services provide core Zero Trust building blocks as standard features that can be applied to both new and existing workloads.

Learn more

Security Documentations

Security is a key component of your decision to use the cloud. This documentation can help your organization get in-depth information about both the built-in and the configurable security of AWS services. This information goes beyond “how-to” and can help developers — as well as Security, Risk Management, Compliance, and Product teams — assess a service prior to use, determine how to use a service securely, and get updated information as new features are released. To learn more about how customers use security documentation, read the AWS Security blog post.

Documentation

Security in AWS Elastic File System
Learn more »

Documentation

Security in AWS Key Management Service
Learn more »

Documentation

Security in Amazon S3
Learn more »

Training

Organizations need individuals with deep security knowledge to help protect their business. AWS training courses enable you to build the skillset you need to meet your security and compliance objectives. With a variety of content and training materials curated by experts at AWS, you can stay up-to-date with evolving best practices and security trends in the industry — whether you’re new to the cloud or “all-in” on AWS.

Learn more about Training

Cloud Audit Academy

Cloud Audit Academy (CAA) is an AWS Security Auditing Learning Path designed for those that are in auditing, risk, and compliance roles and are involved in assessing regulated workloads in the cloud. The CAA curriculum dives into cloud-specific audit considerations and AWS best practices for security auditing aligned to global industry security and compliance frameworks.

AWS Cloud Audit Academy

AWS Security Control Domains

AWS Security Control Domain: Data Privacy
AWS Security Control Domain: Vulnerability Management
AWS Security Control Domain: Governance
AWS Security Control Domain: User Device Management
AWS Security Control Domain: Risk Management
AWS Security Control Domain: Network Management
AWS Security Control Domain: Managing Identity & Access
AWS Security Control Domain: Incident Response
AWS Security Control Domain: Configuration Management
AWS Security Control Domain: Business Continuity

AWS Security Control Domains

AWS Security Control Domains

AWS Security Control Domains

Whitepapers, Technical Guides, and Reference Materials

AWS security specialists leverage their first-hand experience to craft technical content that helps expand your knowledge of cloud security. These whitepapers, guides, and reference materials cover best practices for leading trends in the industry, including incident response, compliance in the cloud, and privacy considerations. Peruse the technical content library below to find guidance on how to securely build your future on AWS. You can also visit the AWS Architecture Center to see more best practices for security, identity, and compliance.

  • Date
1
Contact an AWS Business Representative
Have Questions? Connect with AWS Support
Exploring security roles?
Apply today »
Want AWS Security updates?
Follow us on Twitter »