Lahiru Hewawasam for AWS Community Builders

What's New With AWS Security? | November Edition

If you're like me, you've had a tough time understanding and keeping up with all the new services and updates that AWS releases for its security services.

This is the first edition of a series that consolidates the most important and noteworthy updates in the realm of AWS security, so that you have a single place to keep yourself up to date.

Without further ado, let's get stuck right into this month's noteworthy updates and releases on AWS security.

Announcement Date: 02/11/2023

  1. AWS IAM action last accessed information for more than 60 additional services
  2. IAM Access Analyzer policy generation now extends coverage to over 200 AWS services

Announcement Date: 09/11/2023

  1. Amazon GuardDuty introduces new machine learning capability to enhance threat detection for Amazon EKS detections

Announcement Date: 10/11/2023

  1. Amazon CloudFront announces unified security dashboard

Announcement Date: 14/11/2023

  1. Announcing new dashboards in AWS Web Application Firewall

Announcement Date: 15/11/2023

  1. AWS Audit Manager launches its first GRC integration with MetricStream
  2. AWS CloudTrail Lake announces new pricing option optimized for flexible retention

Announcement Date: 16/11/2023

  1. AWS Managed Microsoft AD adds support for One Identity Active Roles
  2. New organization-wide IAM condition keys to restrict AWS service-to-service requests
  3. AWS IAM Identity Center enhances the multi-factor authentication (MFA) defaults for new IAM Identity Center instances

Announcement Date: 17/11/2023

  1. AWS IAM Identity Center provides new account instance for faster evaluation and adoption of AWS managed applications
  2. AWS IAM Identity Center now provides new APIs to automate access to applications

Announcement Date: 20/11/2023

  1. Announcing AWS IAM Identity Center APIs for visibility into workforce access to AWS
  2. Amazon Verified Permissions now supports batch authorization

Announcement Date: 21/11/2023

  1. Amazon Verified Permissions now provides an enhanced visual mode for schema editing

Announcement Date: 26/11/2023

  1. AWS Analytics simplify users’ data access across services with IAM Identity Center
  2. Amazon Detective introduces finding group summaries using generative AI
  3. Amazon Detective now supports log retrieval from Amazon Security Lake
  4. Amazon Detective announces investigations for IAM
  5. Amazon Detective supports security investigations for Amazon GuardDuty ECS Runtime Monitoring
  6. Introducing Amazon GuardDuty ECS Runtime Monitoring, including AWS Fargate
  7. AWS Secrets Manager now supports batch retrieval of secrets
  8. IAM Access Analyzer introduces custom policy checks powered by automated reasoning
  9. AWS Config now supports periodic recording: Efficiently scale your change tracking
  10. New from AWS: You can now customize security controls in AWS Security Hub
  11. IAM Access Analyzer now simplifies inspecting unused access to guide you toward least privilege
  12. Amazon GuardDuty now supports runtime monitoring for Amazon EC2 (Preview)
  13. Amazon Inspector expands AWS Lambda code scanning with generative AI powered remediation
  14. AWS Config launches generative AI-powered natural language querying (Preview)
  15. Announcing new central configuration capabilities in AWS Security Hub
  16. Amazon Inspector agentless vulnerability assessments for Amazon EC2 now in preview
  17. Announcing major dashboard enhancements in AWS Security Hub
  18. Announcing new finding enrichment in AWS Security Hub
  19. Request a Cyber Insurance Quote from an AWS Cyber Insurance Competency Partner
  20. AWS Built-in Competency Partner software automates Installation for customers
  21. Amazon Inspector enhances container image security by integrating with developer tools

Noteworthy Updates To Services:

1. AWS IAM

2. AWS Security Hub

  1. Customize certain specifics such as password policies, retention frequencies and other attributes without abandoning the use of managed controls
  2. Set up delegated administrators for all Regions at once and configure CSPM capabilities such as standards and controls on all or some accounts globally, without needing to configure them on a per-account or per-Region basis
  3. Custom dashboard and widget capabilities
  4. New data enrichment adds resource tags, a new application tag, and the account name into every finding ingested into Security Hub from services such as Amazon GuardDuty, Amazon Inspector, and AWS IAM Access Analyzer

3. Amazon Inspector

  1. Amazon Inspector enables generative AI-powered remediation for findings, backed by automated reasoning
  2. Amazon Inspector now integrates with Jenkins and TeamCity for container image assessments. Once activated, Amazon Inspector monitors your environment for known vulnerabilities within EC2 instances, container images in Amazon Elastic Container Registry, CI/CD tools and Lambda functions.
  3. Enable Amazon Inspector hybrid scan mode for agentless vulnerability assessments on your EC2 instances (Preview Feature)

4. Amazon Detective

  1. Finding group summaries that use generative AI to automatically analyze findings and present insights in natural language
  2. Amazon Detective integrates with Amazon Security Lake to enable querying and log retrieval from Security Lake. This helps you get additional information from AWS CloudTrail and Amazon VPC Flow Logs stored in Security Lake when conducting investigations within Amazon Detective
  3. Automatically investigate AWS IAM entities for IOCs
  4. Amazon Detective now provides enhanced visualization and additional context for Amazon GuardDuty Elastic Container Service Runtime Monitoring findings

5. Amazon GuardDuty

  1. Amazon GuardDuty introduces new machine learning capabilities to detect threats within Amazon Elastic Kubernetes Service (Amazon EKS) clusters
  2. Amazon GuardDuty now supports Amazon Elastic Container Service workloads, including AWS Fargate
  3. Amazon GuardDuty now supports runtime monitoring for EC2 workloads, giving visibility into operating system-level activity and adding container-level context to detected threats (Preview Feature)

Wrapping Up

I've highlighted some of the major service announcements and feature introductions that were noteworthy. There may have been some announcements that I didn't cover in this month's edition, so feel free to mention what you think was important in the comment section.

Stay tuned for the next edition of "What's New With AWS Security?"!

Thank you for reading. I hope you found this useful.

Top comments (1)

Lakindu Hewawasam

Finally, it's been hard keeping up with all the announcements :)