AWS CISO: Pay Attention to How AI Uses Your Data
Amazon Web Services CISO Chris Betz explains why generative AI is both a time-saving tool as well as a double-edged sword.
Amazon Web Services (AWS) is a cloud platform whose configurations, vulnerabilities, and security advisories can affect hosted data and systems.
Search across headline titles and summaries.
Background for this topic.
Amazon Web Services (AWS) is a cloud platform offering on-demand computing, storage, databases, networking, and managed services. Organizations use it to run applications and process data without operating the underlying physical infrastructure. Security reporting under this tag may concern AWS service flaws, its infrastructure, or weaknesses in customer-configured environments.
AWS follows a shared-responsibility model: AWS secures the cloud infrastructure, while customers must secure identities, data, configurations, and workloads. Material risks include overly broad IAM permissions or stolen credentials, publicly exposed storage or network services, and unpatched virtual machines, containers, or application interfaces. Effective defenses include least-privilege access, encryption, configuration review, timely patching, and centralized audit logging through services such as CloudTrail. Those logs and related telemetry support detection and investigation, while predefined procedures can revoke credentials, isolate workloads, and preserve evidence when an account or resource is compromised.
Amazon Web Services CISO Chris Betz explains why generative AI is both a time-saving tool as well as a double-edged sword.
Cybersecurity researchers have shared details of a now-patched security vulnerability in Amazon Web Services (AWS) Managed Workflows for Apache Airflow (MWAA) that could be potentially exploited by a malicious actor to hijack victims' sessions and achieve remote code execution on underlying instances
A bug exposed users of an AWS workflow management service to cookie tossing, but behind the scenes lies an even deeper issue that runs across all of the top cloud services.
Cybersecurity researchers have shed light on a tool referred to as AndroxGh0st that's used to target Laravel applications and steal sensitive data
The open-source tool from Permiso can help security teams identify threat actors lurking within their AWS and Azure environments.
Ex-Forcepoint CRO John DiLullo to Lead STG-Owned Skyhigh Security on Interim BasisAmazon Web Services hired Gee Rittenhouse to help organizations protect their data and applications in the cloud. Rittenhouse spent more than two years atop San Jose, California-based security service edge vendor Skyhigh and prior to that, more than three years leading Cisco's cybersecurity unit.