AWS Enhances Cloud Security With Better Visibility Features

[Rob Wright](/author/robert-wright), Senior News Director

June 20, 2025

AWS RE:INFORCE 2025 — Philadelphia — This week at its re:Inforce 2025 conference, Amazon Web Services unveiled a range of security enhancements to AWS Security Hub, AWS Shield and Amazon GuardDuty to help customers strengthen their defenses and obtain better contextualization around impending threats.
The cloud giant also rolled out additional capabilities for identity and access management while announcing a milestone for multi-factor authentication adoption.

In the conference’s opening keynote, AWS CISO Amy Herzog announced the company had reached 100% multi-factor authentication enforcement for management and standalone accounts with root access. The milestone comes after several years of [MFA promotion](https://www.techtarget.com/searchsecurity/news/252523179/AWS-issues-MFA-call-to-action-at-reInforce-2022) and mandatory rollouts from the company. The company also added support for FIDO2 passkeys. ‘MFA is the single best security practice that you can implement to protect your accounts from unauthorized access — period,’ she said in [her keynote](https://www.youtube.com/watch?v=3Qj7rypkzGg).

Expanding IAM Access Analyzer
-----------------------------

To help organizations embrace the principle of least privilege and build access policies that have fine-grained permissions, AWS announced a new feature for its IAM Access Analyzer tool called ‘internal access findings.’ [IAM Access Analyzer](https://www.techtarget.com/searchaws/news/252476539/AWS-security-faces-challenges-after-a-decade-of-dominance), initially introduced in 2019, automatically develops policies for organizations based on [AWS CloudTrail](https://www.techtarget.com/searchsecurity/definition/AWS-CloudTrail) log data about what services and actions are being used. The internal access findings feature gives organizations the ability to see exactly who has access to critical AWS resources. Powered by automated reasoning, the feature automatically checks permissions every day and issues notifications about newly created permissions.

‘With all of your access information now in one simple dashboard, you can monitor internal and external access in one view, making it much easier to spot and fix security issues,’ Herzog said.

Hart Rossman, vice president of global security services at AWS, tells Dark Reading that automated reasoning is a key underpinning of IAM Access Analyzer. ‘It’s like having a mathematician in your pocket, continually evaluating the correctness of your identity infrastructure,’ he says.

The increased visibility into identity infrastructure and access activity is also crucial for any organization, Rossman says. ‘From an incident response perspective, whether or not identity was the reason for a security issue, the first thing you want to do is validate your identity infrastructure.’

Revamped AWS Security Hub
-------------------------

The company released a preview of the new version of [AWS Security Hub](https://www.techtarget.com/searchaws/blog/AWS-Cloud-Cover/AWS-month-in-review-Security-Hub-goes-live-at-AWS-security-conference), a centralized tool for posture management that aggregates signals from various AWS security products and services. The new hub offers enhanced contextualization and correlation around the massive amount of security signals organizations have to sift through, AWS said.

* The hub’s ‘exposure summary’ feature analyzes the signals and automatically generates findings about security weaknesses and exposures and prioritizes them for users.
* The ‘security summary’ feature identifies potential gaps in organizations’ security posture.
  For example, it can collect data from Amazon Inspector regarding vulnerabilities and generate findings about flaws that require mitigation.
* The ‘resources summary’ generates an inventory of all customer resources under Security Hub so organizations can see what assets have security weaknesses and how severe they are.

Rod Wallace, general manager of vulnerability management at AWS, says the objective is to provide additional context around security signals and automatically generate findings that customers’ security teams can use for quicker and more effective responses. ‘Analytics is cool, but that’s not solving the security issue,’ he says. ‘You really want people on the response side and the sort of higher level security functions and not spending all their time on the tier 1 stuff.’

Enhancements to AWS Shield, Amazon GuardDuty
--------------------------------------------

The cloud giant extended threat detection capabilities to container-based applications, which can be a challenge for security teams to defend. Multi-stage attacks on containerized applications can exploit vulnerabilities in the container frameworks and use privilege escalation and lateral movement within Amazon Elastic Kubernetes Service (EKS) clusters. Amazon GuardDuty now covers such threats targeting EKS clusters by automatically correlating data and signals — from EKS audit logs and runtime activity to AWS API activity — to identify threat activity in containers that might otherwise go undetected.

[AWS Shield](https://www.techtarget.com/searchaws/tip/AWS-Shield-provides-DDoS-attack-protection-as-threats-mount) got a new network security director feature, which identifies misconfigurations and other security issues that can be exploited by distributed denial-of-service (DDoS) attacks and other network-focused threats.
Now in preview, network security director identifies and analyzes organizations’ network resources, connections and configurations, and then prioritizes the resources that are most in need of remediation while generating specific recommendations for fixes.

Rob Kennedy, vice president of network services at AWS, says network security director was created to quickly identify network weaknesses and misconfigurations for customers and enable them to make conscious decisions about how to protect their resources.

‘What we’ve heard from customers is “I have large environments and there are lots of different components, and it’s hard for me to know that everything is configured properly,”’ he says. ‘That is what keeps people up at night.’

About the Author
----------------

[Rob Wright](/author/robert-wright), Senior News Director, Dark Reading

Rob Wright is a longtime reporter and senior news director for Informa TechTarget’s security team. He is based in the Boston area.
