AWS enhances cloud security

As organizations face increasingly sophisticated cyber threats, Amazon Web Services (AWS) unveiled a suite of new security capabilities at AWS re:Inforce, its annual cloud security conference it held on June 17 and 18 in Philadelphia, US, to help customers of all sizes strengthen their digital defenses.

“Our customers across the region, including in Vietnam, do face active security threats,” said Mr. Bryce Boland, Head of Security Solutions Architecture for APJ, AWS - the unit responsible for helping customers build secure, reliable solutions with AWS. “We are continuously working to ensure that the cloud services we provide are protected against those threats and to make it as easy as possible for our customers to build securely on the AWS cloud.”

Security threats

There are some common security concerns across the ASEAN region, including in Vietnam. According to AWS’s observation in countries where it receives third-party data, the number of threats, incidents, and other related activities have increased. One concern from AWS’s customers across the region is ransomware, or any kind of attack that results in the unavailability or destruction of the core services they rely on to serve their customers. This is also an issue for customers in Vietnam.

“We have had cases where customers came to us after experiencing a ransomware incident, and we were able to help bring them back online by recovering their systems into the AWS cloud,” Mr. Boland continued. “While this is not a situation we like to see, it does happen. Fortunately, most of our customers are now taking advantage of the resilience of AWS to protect themselves against (such) attacks.”

Another common issue is inadvertent credential leakage. This can happen in a variety of ways, but AWS provides services that allow customers to build securely using short-term, temporary credentials, which helps protect against the loss of credentials and access to infrastructure. AWS’s customers are using these features today to mitigate those types of risks as well.

“What we have been doing to help our customers is focusing on enabling them to implement security controls at scale, so they can ensure that the workloads they’ve moved to AWS are as secure as possible,” he added. “In the vast majority of cases, our customers find that the security they can achieve on AWS is significantly stronger than what they had with their on-premises solutions.”

Specific solutions needed

At AWS re:Inforce conference, AWS announced several key services to simplify security management while providing even more comprehensive protection. Here are three of them:

First, the new AWS Security Hub helps customers identify their most critical security issues and respond quickly to reduce risks. It acts as a kind of “security command center”, connecting the dots between different types of security alerts and vulnerabilities. This helps security teams quickly spot and prioritize active threats to their cloud systems. By bringing everything together into one place, AWS Security Hub provides a clearer picture of an organization’s security status while eliminating the need to manually gather information from multiple security tools. AWS Security Hub is now available in preview for AWS customers.

Second, AWS Shield is enhancing how it protects websites and online applications by proactively finding network security configuration mistakes and weaknesses. The service now creates a map of customers’ security resources, identifying vulnerabilities to common attacks like SQL injections (when hackers try to access data through website forms) and Distributed Denial-of-Service, or DDoS attacks (when attackers overwhelm websites with fake traffic to make them crash).

AWS Shield provides an easy-to-understand dashboard that highlights issues by severity, along with step-by-step instructions for fixing problems quickly. Customers can even use Amazon Q, the most capable generative AI-powered assistant for work, to receive guidance through simple conversations, rather than navigating complex security settings.

Third, AWS announced expanded capabilities for Amazon GuardDuty through Extended Threat Detection (XTD), which now protects container-based applications running on Amazon Elastic Kubernetes Service (EKS). Amazon GuardDuty connects various security signals across customers’ systems to detect sophisticated attack patterns that might otherwise go unnoticed. By monitoring EKS audit logs, runtime behavior, and AWS activity, Amazon GuardDuty can now better identify complex, multi-stage attacks.

These improved detection capabilities allow security teams to spend less time investigating potential issues and more time addressing genuine threats, reducing the impact on business operations.

“Every company is now entering the phase where they need to leverage AI to drive business value,” Mr. Boland said. “Our customers are looking to us for support in doing so, safely and securely. At the core of AWS, we ensure all our infrastructure is designed and built with resilience and security in mind.”

“We see many customers, including in Vietnam, taking advantage of the robust security provided by AWS’s underlying cloud services,” he noted. “We have many customers in Vietnam actively using our security services to protect themselves against threats.”

 

As security challenges continue to evolve, AWS is committed to ensuring organizations stay ahead of potential risks. For example, it now has 100 per cent multi-factor authentication enforcement for all root users across all types of AWS accounts. The new security capabilities announced provide customers with deeper visibility, streamline security operations, and help protect their cloud environments more effectively.

By building security capabilities that empower innovation and creating guardrails that give organizations the confidence to scale rapidly, AWS is helping customers build stronger security postures with less effort, allowing them to focus more resources on growth.