- AWS has managed to enforce MFA for 100% of root users
- Performance is a great progress for AWS Cloud platform
- Several major security notifications were made at Re: Informce
Amazon Web Services (AWS) says it has managed to get 100% of root users to enforce multi-factor approval across all account types.
The news represents a significant milestone in security position, with AWS fully fulfilling its previous obligation to enforce the use of MFA for control and standalone accounts with rode access.
Chief Information Security Officer Amy Herzog published the milestone announcement on the company’s AWS RE: Informce Conference and said, “I am so happy to say that we now have 100 percent MFA enforcement for root users.”
AWS continues voluntary obligations
As an achievement on your own, this is greater, but what makes it even more impressive is that 100% MFA Root -User Account -Milbele is part of AWS ‘voluntary obligations for cyber security and infrastructure security agency (CISA) secure by the Design Initiative.
Multifactor approval has become an important part of most organizations’ security structure that offers a phishing-resistant verification method that can stop an attacker in their tracks, even though they have got their hands on a stolen username and password.
However, this was not the only significant security announcement made at Re: Informce – as AWS also announced some significant new features that have been added to platform identity and access management hub. Within Access Analyzer, you can now check which users have access to critical resources on a central dashboard.
AWS Security Hub now offers messages and signals ranked by their significance to help security teams tackle the most pressing problems first.
“For example, the Security Hub can combine the multi-trusses detected by Guardduty expanded threat detection with other signals such as vulnerabilities, and prioritize critical security questions and help you simplify your overall cloud security operations throughout your organization,” Herzog said.
In addition, Guardduty Extended Threat Detection now offers support for container -based applications running at Amazon Elastic Kubernetes Service.
AWS Shield has also been increased with a new network security director looking for incorrect configuration on the network that could be utilized during a distributed attack attack or SQL injection.
