From AWS Security Blog · 19 stories
Amazon Bedrock Expands Features for AI Model Management and Deployment
Amazon Bedrock introduced several updates, including resource-based policies for multi-tenant AI agents, managed entitlements for model access, the AG-UI protocol for agent user interfaces, and support for new models such as NVIDIA Nemotron and OpenAI models in AWS GovCloud (US). These changes aim to streamline model management, improve security and compliance, and enhance user interactions, benefiting SaaS providers, enterprise users, and government agencies.
AWS expands AI and agent capabilities at NY Summit 2026
AWS announced several new AI and agent capabilities during its New York Summit 2026. Key updates include the Amazon Bedrock AgentCore enhancements, AWS Continuum for proactive AI-native security, and the Agentic CX designer for Amazon Connect. These innovations aim to streamline AI development, security, and customer experience processes.
AWS Network Firewall introduces container attribute-based rules for EKS and ECS
AWS Network Firewall now supports container attribute-based rules for Amazon EKS and Amazon ECS, improving security for traffic in container environments. Rules can be defined on container attributes instead of transient pod or task IP addresses, addressing a long-standing challenge in firewalling dynamic container workloads.
AWS CIRT updates Threat Technique Catalog, focusing on container security
The AWS Customer Incident Response Team (CIRT) updated the Threat Technique Catalog, adding five new entries covering container security, organization-level trust, and compute hijacking. The update documents techniques observed in recent incidents, particularly around Amazon Elastic Kubernetes Service (EKS), helping organizations mitigate these risks in their cloud environments.
AWS adds resource-based policies for console access control from specific networks
AWS introduced resource-based policies and resource control policies (RCPs) to restrict AWS Management Console access to specific networks. This lets organizations enforce network-based restrictions on console sign-in for compliance and security purposes, closing a gap that previously required workarounds.
AWS emphasizes egress controls to prevent data exfiltration in cloud workloads
Amazon Web Services (AWS) highlights the importance of egress controls to prevent data exfiltration from cloud workloads. With both conventional workloads and emerging AI architectures exposed to exfiltration, egress filtering and monitoring are needed to detect unauthorized outbound data flows and keep workloads secure.
Kiro CLI simplifies AWS security investigations with AI assistance
Kiro has introduced Kiro CLI, an AI-powered command-line tool that assists security teams investigating AWS incidents. It streamlines investigations by suggesting and explaining AWS CLI commands, reducing the time needed to gather evidence.
AWS Releases Spring 2026 SOC Reports with 188 Services, Now in OSCAL Format
AWS has released its Spring 2026 System and Organization Controls (SOC) 1, 2, and 3 reports, covering 188 services. The SOC 1 and 2 reports are available in both PDF and OSCAL formats for the first time, enhancing automation and efficiency in compliance workflows. These reports provide AWS customers with assurance spanning April 2025 to March 2026, reflecting AWS's ongoing commitment to meeting cloud service compliance standards.
AWS Launches Continuum for Automated Security Vulnerability Management
AWS introduced Continuum for code vulnerabilities, designed to automate the vulnerability lifecycle from discovery to resolution. It prioritizes findings using contextual data and machine reasoning, addressing the growing vulnerability backlog facing enterprises.
AWS security maturity roadmap provides phased improvement strategy
A new maturity roadmap for AWS security operations introduces a six-phase process aimed at improving security practices. By integrating AWS Security Hub and Amazon GuardDuty, organizations can enhance their threat detection and overall security posture.
Amazon Cognito enhances services with high-throughput, encryption, and replication features
Amazon Cognito has introduced high-throughput performance, customer-managed keys, and multi-Region replication capabilities. These enhancements support modern applications and improve data security and business continuity.
AWS Shield Advanced introduces DDoS attack flow logs for enhanced visibility
AWS Shield Advanced now includes attack flow logs that capture traffic metadata during DDoS attacks. The logs show where attack traffic originated and which mitigations were applied, and they integrate with existing monitoring tools for analysis.
Amazon Cognito introduces Lambda trigger for federated sign-in customization
Amazon Cognito has launched an inbound federation Lambda trigger, allowing developers to programmatically manage federated authentication flows. This feature enables customization of user attributes received from external identity providers before they are mapped in the Cognito user pool, addressing challenges in identity federation.
AWS KMS launches GetKeyLastUsage API for key management
AWS has introduced the GetKeyLastUsage API, which returns when a KMS key was last used. This simplifies auditing of unused keys and reduces the need to search AWS CloudTrail logs, improving key management efficiency and compliance tracking.
AWS Network Firewall Supports Transit Gateway Attachment for Cost Optimization
AWS Network Firewall now allows attachment to Transit Gateway, streamlining traffic routing without needing a central inspection VPC. This simplifies network architecture and enables flexible cost allocation for traffic inspection, making it more efficient for AWS users.
AWS Network Firewall introduces URL and Domain Category filtering for easier policy management
AWS Network Firewall now enables URL and domain category filtering, allowing security teams to manage access via predefined categories rather than individual domains. This update simplifies policy management and ensures domain lists stay current automatically, particularly benefiting organizations overseeing rapidly changing areas like AI services.
AWS Workload Credentials Provider enables cross-account secret retrieval
AWS introduced features in the Workload Credentials Provider for cross-account secret retrieval and latency reduction via prefetching. This allows faster access to secrets, improving application performance across multiple AWS accounts.
Guide on Detecting and Preventing Subdomain Takeovers
This article outlines how to identify and prevent subdomain takeovers, in which a DNS record still points at a deprovisioned resource (a dangling record) that a threat actor can re-register and thereby serve content under the victim's subdomain. It stresses disciplined DNS lifecycle management, removing records before the resources they reference are deleted, as the primary mitigation.
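The following is an added example, not code from the AWS Security Blog article, showing the two checks that article's advice implies: a scan of a zone for records pointing at hosts or IPs the organization no longer owns, and a pre-deprovisioning check for records that still reference a resource. The zone, the inventory of owned targets and IPs, and the list of claimable service suffixes are all constructed here for illustration; in practice they would come from the DNS provider and cloud resource inventories.

```python
"""Dangling-DNS (subdomain takeover) checks over a constructed zone export.

Added example (not from the AWS Security Blog post). Assumes a flat list of
DNS records plus an inventory of hostnames and IPs the organisation still
owns; all inputs are constructed inline so the script runs offline.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Record:
    name: str    # owner name, e.g. "blog.example.com."
    rtype: str   # "A" or "CNAME" (other types are ignored here)
    value: str   # IPv4 address for A, target hostname for CNAME


# Hypothetical list of hosted-service suffixes whose hostnames are handed out
# first-come first-served: once a tenant releases the name, anyone can claim it.
CLAIMABLE_SUFFIXES = (
    ".s3-website-us-east-1.amazonaws.com",
    ".elasticbeanstalk.com",
    ".cloudfront.net",
    ".github.io",
)


def normalize(name: str) -> str:
    """Lower-case and make fully qualified so comparisons are exact."""
    return name.strip().lower().rstrip(".") + "."


def is_claimable(target: str) -> bool:
    """True if the target lives under a suffix where names can be re-registered."""
    host = normalize(target).rstrip(".")
    return any(host.endswith(suffix) for suffix in CLAIMABLE_SUFFIXES)


def find_dangling(zone, owned_targets, owned_ips):
    """Return (record name, value, reason) for each record pointing at something
    the organisation does not control. CNAMEs to internal hostnames are skipped
    because they are not claimable by outsiders; A records to IPs outside the
    inventory are reported for review (they may be legitimate third parties)."""
    owned_targets = {normalize(t) for t in owned_targets}
    findings = []
    for rec in zone:
        if rec.rtype == "CNAME":
            target = normalize(rec.value)
            if is_claimable(target) and target not in owned_targets:
                findings.append((normalize(rec.name), target,
                                 "cname to claimable host not in inventory"))
        elif rec.rtype == "A" and rec.value not in owned_ips:
            findings.append((normalize(rec.name), rec.value,
                             "a record to ip not in inventory"))
    return findings


def records_referencing(target, zone):
    """Pre-deprovisioning check: records that still point at `target`.
    Remove these first; deleting the resource while they exist is exactly
    what creates the dangling record."""
    target = normalize(target)
    return [normalize(r.name) for r in zone
            if r.rtype == "CNAME" and normalize(r.value) == target]


# Constructed sample zone (example.com is a reserved documentation domain).
ZONE = [
    Record("www.example.com.", "A", "203.0.113.10"),
    Record("blog.example.com.", "CNAME", "old-blog.s3-website-us-east-1.amazonaws.com."),
    Record("docs.example.com.", "CNAME", "d111111abcdef8.cloudfront.net."),
    Record("shop.example.com.", "CNAME", "shop-env.elasticbeanstalk.com."),
    Record("api.example.com.", "CNAME", "api-lb.example.com."),
    Record("dev.example.com.", "A", "198.51.100.7"),
]

# Constructed inventory: hostnames and IPs the organisation currently holds.
OWNED_TARGETS = {"d111111abcdef8.cloudfront.net"}
OWNED_IPS = {"203.0.113.10"}

if __name__ == "__main__":
    for name, value, reason in find_dangling(ZONE, OWNED_TARGETS, OWNED_IPS):
        print(f"{name} -> {value}: {reason}")
    print("still referenced before teardown:",
          records_referencing("d111111abcdef8.cloudfront.net", ZONE))
```

Run on the constructed zone, the scan flags blog (bucket no longer owned), shop (Beanstalk environment no longer owned) and dev (IP released), while docs and api are clean. The suffix list is the weak point of any such scanner: it must be kept current for the providers the organization actually uses, and a CNAME to a claimable host that is absent from the inventory should be treated as a finding even when the target currently resolves, since resolution alone does not prove ownership.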
Using Amazon Cognito and Verified Permissions for Access Control in B2C Apps
Developers can implement fine-grained access control in B2C applications using Amazon Cognito and Amazon Verified Permissions. This framework aids in managing user authentication and authorization efficiently, minimizing development efforts while enhancing security.