Security Benchmarks are distributed free of charge in PDF format to propagate their worldwide use and adoption as user-originated, de facto standards. The CIS Security Benchmarks are the only consensus-based, best-practice security configuration guides both developed and accepted by government, business, industry, and academia.
CSA Cloud Security alliance
- Introduction to AWS Security Processes (June 2016) PDF
- Physical and operational security processes for network and infrastructure under AWS’ management.
- Overview of AWS Security – Analytics, Mobile, and Applications Services (June 2016) PDF
- Security aspects of Amazon EMR, Amazon Kinesis, AWS Data Pipeline, AWS IAM, Amazon CloudWatch, AWS CloudHSM, and more.
- Overview of AWS Security – Application Services (June 2016) PDF
- Security aspects of Amazon CloudSearch, Amazon SES, Amazon SNS, Amazon SQS, Amazon SWF, and more.
- Overview of AWS Security – Compute Services (June 2016) PDF
- Security aspects of the hypervisor usage, instance isolation, and auto scaling.
- Overview of AWS Security – Database Services (June 2016) PDF
- Security aspects of Amazon DynamoDB, Amazon RDS, encryption, and network isolation.
- Overview of AWS Security – Network Security (August 2016) PDF
- Security aspects of the network architecture, access points, transmission protection, and fault-tolerant design.
- Overview of AWS Security – Storage Services (June 2016) PDF
- Security aspects of storage, including data access, data transfer, durability, and access logs.
- Security at Scale: Governance in AWS (October 2015) PDF
- Using governance-enabling features to drive greater security.
- Security at Scale: Logging in AWS (October 2015) PDF
- Overview of common compliance requirements related to logging.
- Cross-Domain Solutions on AWS (December 2016) PDF
- Best practices for deploying a cross-domain solution using AWS services.
- Whitepaper on EU Data Protection (December 2016) PDF
- Meeting EU compliance requirements when using AWS services.
- Secure Content Delivery with Amazon Cloudfront (November 2016) PDF
- Maintaining security while using the Amazon CDN.
- AWS Key Management Service Cryptographic Details (August 2016) PDF
- Detailed description of cryptographic operations when using AWS Key Management Service.
- Introduction to Auditing the Use of AWS (October 2015) PDF
- Shared security model, tools, and appoaches for auditing security.
- Family Educational Rights and Privacy Act (FERPA) Compliance on AWS (May 2015) PDF
- Considerations when using AWS services in FERPA compliance environments.
- Single Sign-On: Integrating AWS, OpenLDAP, and Shibboleth (April 2015) PDF
- Integrating AWS IAM and LDAP for single sign-on solution.
- Using Windows Active Directory Federation Services (ADFS) for Single Sign-On to EC2 (March 2010) PDF
- Single sign-on for hybrid environment.