Highlights:

  • The most notable announcement was that passkeys are now supported by AWS Identity and Access Management as a second authentication factor, making cross-device sign-ins simpler and more secure.
  • With new AI-powered natural language query generation, AWS Cloudtrail Lake—Amazon’s managed service that lets businesses store, access, and analyze AWS activity events—has received an AI boost.

AWS reassured security commitment at the annual re: Inforce conference. Amazon Web Services Inc. disclosed a series of latest AI-powered features and enhanced security provisions.

According to reports, the seven major reasons why security will always remain Amazon’s highest priority are all associated with the new features. Getting the fundamentals right, integrating security into everyone’s work, and demanding security as a prerequisite for innovation are some of the justifications.

The most notable announcement was that passkeys are now supported by AWS Identity and Access Management (IAM) as a second authentication factor, making cross-device sign-ins simpler and more secure. Passkeys are a kind of authentication credential based on the WebAuthentication standard that enable users to log in to websites and services without entering a password.

Using passkeys for multifactor authentication and support for built-in authenticators like Windows Hello facial recognition on PCs and Touch ID on Apple MacBooks, IAM now enables users to securely access their AWS accounts. To sign in to AWS, passkeys can be generated using a hardware security key or by a passkey provider of choice using a fingerprint, face, or device PIN. Passkeys can be synchronized between devices.

With new AI-powered natural language query generation, AWS Cloudtrail Lake—Amazon’s managed service that lets businesses store, access, and analyze AWS activity events—has received an AI boost. Without needing to create intricate SQL queries, customers may utilize this capability to examine AWS activity events in CloudTrail Lake and pose inquiries.

AWS Audit Management is also getting more focus on AI. It has recently released an updated version of the generative AI best practices framework that gives insights into how a client is using generative AI on Amazon SageMaker and Amazon Bedrock. The AWS framework encompasses 110 controls covering governance, data security, privacy, incident management, and business continuity planning.

AWS IAM Access Analyzer now provides underutilized access recommendations for the least privilege, among other new features. Using the service, users may now warn and streamline developers’ refinement of unnecessary permissions by using the step-by-step recommendations from the IAM Access Analyzer. To proactively identify non-conformant updates to policies that provide public access or access to crucial AWS resources before their deployments, IAM Access Analyzer has significantly expanded its customer policy inspections.

Furthermore, Amazon GuardDuty Malware Protection is now supported by AWS on Amazon S3, enabling customers to check newly uploaded files to S3 buckets for possible malware, viruses, and other questionable uploads. Finally, users can now quickly integrate network services like firewalls, intrusion detection and prevention systems, and other appliances into their international networks due to a new capability in the AWS Cloud WAN service insertion feature.