What's New With AWS Security? | February Edition

It's that time of the month where we go through the latest and greatest updates to AWS security services.

Feel free to check out the previous articles within this series to get yourself updated on what AWS has been up to in terms of security.

Series: What's New With AWS Security?
 

What's New With AWS Security Now?

It's not everyday that you get to hear something being updated on AWS security services and it was a case where AWS only announced a handful of updates to its services.

 
Let's take a look at the latest additions to the AWS security services.

 
Announcement Date: 01/02/2024

1. Amazon Cognito adds signing, encryption, and Identity Provider-initiated SSO for SAML federation

Announcement Date: 06/02/2024

1. AWS WAF announces Captcha improvements

Announcement Date: 09/02/2024

1. Amazon GuardDuty Malware Protection now supports scanning EBS managed key encrypted volumes
2. AWS IoT Core supports Online Certificate Status Protocol Stapling for server certificates

Announcement Date: 13/02/2024

1. Amazon GuardDuty Runtime Monitoring protects clusters running in shared VPC

Announcement Date: 23/02/2024

1. Remediating non-compliant resources with AWS Config rules is now available in Canada West (Calgary)

Announcement Date: 29/02/2024

1. Amazon Security Lake now supports audit logs from Amazon EKS
2. Amazon Security Lake enhances analytics performance with OCSF 1.1.0 and Apache Iceberg
3. AWS Backup now supports restore testing for Amazon Aurora continuous backups

 

Noteworthy Updates To Services

Like always some of these announcements stood out of the rest of the list, so let's take a look at them!

1. Amazon Cognito

Amazon Cognito now comes with 3 brand new features that SAML federation:

1. IdP-Initiated Login
2. Encrypted SAML assertion/response
3. Signed SAML requests

This video talks in-depth about these new features and how you can also start using it today!
 

2. Amazon GuardDuty

Now you can run on-demand malware scans on EBS volumes attached to EC2 instances and container workloads that are encrypted by EBS managed keys!

Findings may include information such as Threat, File Name, File Path, EC2 instance ID, Container ID and Container Image used

Amazon GuardDuty Runtime Monitoring can now detect threats running in all supported compute services running in a shared VPC.
 

3. AWS WAF

AWS WAF introduced support for 8 additional languages within the audio captcha; Newly added languages include Spanish, German, French, Portuguese, Italian, Turkish, Dutch, and Arabic.

The service also introduced a new form of captcha puzzle called Grid Captcha. This improves user pass through rates thus improving the overall user experience.

Admins can now deactivate or rotate any captcha API keys if they suspect any suspicious activity before they can be misused.
 

Wrapping Up

I must say that the month of February brought some good improvements into the AWS security services arsenal that's definitely going to help organizations stay on top of their security game!

Within this article I've highlighted some of the major service announcements and feature introductions that were noteworthy. There may have been some announcements that I didn't cover in this month's announcement, therefore feel free to mention what you think was important in the comment section.

Stay Tuned for the next edition of "What's New With AWS Security"!

Thank you for reading. I hope you found this useful.