DEV Community

Cover image for Issue 53 of AWS Cloud Security Weekly
AJ for AWS Community Builders

Posted on • Originally published at aws-cloudsec.com

Issue 53 of AWS Cloud Security Weekly

(This is just the highlight of Issue 53 of AWS Cloud Security weekly @ https://aws-cloudsec.com/p/issue-53 << Subscribe to receive the full version in your inbox weekly for free!!).

What happened in AWS CloudSecurity & CyberSecurity last week July 09-July 16, 2024?

  • AWS Security Hub has introduced 24 new security controls (total offerings now 418).
  • Amazon S3 Express One Zone now supports logging all data plane API actions in AWS CloudTrail, providing detailed insights into the users making API calls to S3 Express One Zone and the timestamps of these calls. With AWS CloudTrail, you can now log not only directory and bucket-level actions like CreateBucket and DeleteBucket but also object-level activities such as PutObject and GetObject for S3 Express One Zone.
  • AWS Secrets Manager introduced Secrets Manager Agent, a language-agnostic local HTTP service designed for fetching secrets from Secrets Manager and caching them in memory within your compute environments. This release enables you to streamline and unify the process of accessing secrets across various compute environments, eliminating the necessity for custom code.
  • AWS Partner Central now includes support for multi-factor authentication (MFA) during login. Users will be required to enter a one-time passcode sent to their registered email address in addition to their login credentials to verify their identity.

Trending on the news & advisories (Subscribe to the newsletter for details):

  • Google- Passkeys are now available for high risk users to enroll in the Advanced Protection Program.
  • CISA and FBI Release Secure by Design Alert on Eliminating OS Command Injection Vulnerabilities

Top comments (0)