
ICYMI: May 2026 @AWS Security


Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, new service capabilities, code samples, and workshops.

AWS Security Blog posts

This month’s AWS Security Blog posts covered AI security, network protection, identity management, compliance frameworks, and supply chain security. Read on for practical guidance on securing agentic AI workflows, filtering network traffic by category, defending against supply chain attacks, and more.

AI Security

Security posture improvement in the AI era

Author: Celeste Bishop | Published: May 1, 2026

Learn to use the Security Health Improvement Program (SHIP) to strengthen security fundamentals across 10 core use cases for confident AI adoption.

Enabling AI sovereignty on AWS

Author: Stéphane Israël | Published: May 12, 2026

Learn how AWS delivers control and choice across the AI stack to help customers meet digital and AI sovereignty requirements.

The AWS AI Security Framework: Securing AI with the right controls, at the right layers, at the right phases

Authors: Riggs Goodman III, Christopher Rae | May 15, 2026

A structured framework that helps security leaders align the right security controls to the right AI use case, at the right layer, at the right deployment phase.

Why Policy in Amazon Bedrock AgentCore chose Cedar for securing agentic workflows

Authors: Liana Hadarean, Jean-Baptiste Tristan | May 20, 2026

Learn how Cedar’s deterministic authorization, automated reasoning, and formal verification capabilities secure agentic AI tool invocations through Amazon Bedrock AgentCore Gateway.

Infrastructure security

Securing open proxies in your AWS environment

Author: Dodd Mitchell | Published: May 4, 2026

Learn to identify and secure open proxies in your AWS environment to prevent abuse, protect your IP reputation, and control costs.

Introducing AI traffic analysis dashboards for AWS WAF

Authors: Christopher Jen, Eitav Arditti, Kaustubh Phatak | Published: May 5, 2026

A new dashboard providing visibility into AI bot and agent activity including bot identification, intent classification, and access pattern analysis.

Simplifying policy management with URL and Domain Category filtering on AWS Network Firewall

Authors: Lawton Pittenger, Sofía Aluma-Santos, Eric Fortenbery, Mostafa Elkhouly | May 28, 2026

Learn to use AWS Network Firewall’s URL and domain category filtering to control access to website categories like AI services, manage exceptions for approved domains, and monitor traffic patterns with Amazon CloudWatch Logs Insights.

Why and how to migrate to a Transit Gateway-attached AWS Network Firewall

Authors: Frank Phillis, Lawton Pittenger | May 28, 2026

Learn to migrate your centralized AWS Network Firewall deployment to an AWS Transit Gateway-attached model, eliminating the inspection Amazon VPC and enabling flexible cost allocation.

Identity

Regional routing for AWS access portals: Implementing custom vanity domains for IAM Identity Center

Authors: Georgi Baghdasaryan, Laura Reith, Sowjanya Rajavaram | May 14, 2026

Learn to build a custom vanity domain with latency-based routing and automated failover for IAM Identity Center multi-Region access portals.

Automating identity lifecycle and security with AWS Directory Service APIs

Authors: Ali Alzand, Kevin Sookhan | May 21, 2026

Learn to use the new AWS Directory Service Data APIs with Amazon GuardDuty and AWS Step Functions to automate identity lifecycle management and respond to security threats.

Governance and compliance

Announcing the ISO 31000:2018 Risk Management on AWS compliance guide

Authors: Jesse McMahan, Akanksha Chaturvedi, Mayur Jadhav, Juan Rodriguez, Sana Rahman | Published: May 1, 2026

A compliance guide providing practical guidance for establishing a risk management program using ISO 31000:2018 principles in AWS environments.

New compliance guide available: ISO/IEC 42001:2023 on AWS

Authors: Abdul Javid, Amber Welch, Muhammad Sharief, Jonathan Jenkyn, Satish Uppalapati | Published: May 6, 2026

A compliance guide providing practical guidance for designing and operating an Artificial Intelligence Management System (AIMS) using AWS services.

Introducing the updated AWS User Guide to Governance, Risk, and Compliance for Responsible AI Adoption

Authors: Krish De, Stephen James Martin, Brenda Fong, Kelvin Leung | May 13, 2026

An updated guide providing FSI customers practical considerations for responsible AI adoption across governance, risk management, compliance, data management, and AI agent management.

Governing infrastructure as code using pattern-based policy as code

Authors: Guptaji Teegela, Paul Keastead | May 19, 2026

Learn to use Open Policy Agent (OPA) in CI/CD pipelines to validate AWS infrastructure changes before deployment using recurring control patterns.

Import historical data from AWS CloudTrail Lake to Amazon CloudWatch

Authors: Isaiah Salinas, Erik Weber | Published: May 6, 2026

Learn to import historical data from AWS CloudTrail Lake into Amazon CloudWatch for centralized log analysis.

Data protection

Automating post-quantum cryptography readiness using AWS Config

Author: Pravin Nair | May 14, 2026

Learn to use the PQC Readiness Scanner to inventory your ALB, NLB, and Amazon API Gateway endpoints and continuously monitor their TLS configurations for post-quantum cryptography readiness.

Threat detection and response

Detecting and preventing crypto mining in your AWS environment

Authors: Jason Palmer, Nadia Mahmood | May 13, 2026

Learn to use Amazon GuardDuty to identify and mitigate cryptocurrency mining threats in your AWS environment with a multi-layered defense strategy.

Well-architected best practices for software supply chain security

Authors: Trevor Schiavone, Desiree Brunner | May 26, 2026

Learn to apply AWS Well-Architected Framework security best practices to defend against software supply chain attacks like Shai-Hulud using temporary credentials, centralized dependency management, artifact signing, and continuous scanning.

AWS Security Hub Extended: Why enterprise security products should sell themselves

Author: Michael Fuller | May 20, 2026

A thought leadership piece on how AWS Security Hub Extended enables frictionless, pay-as-you-go adoption of curated partner security solutions alongside AWS-native services.

Application Security

Five ways to use Kiro and Amazon Q to strengthen your security posture

Author: Roger Nem | Published: May 5, 2026

Learn to use Kiro and Amazon Q Developer for security finding triage, infrastructure remediation, security reviews, and service control policies (SCP) development.

AWS Security Agent full repository code scanning feature now available in preview

Authors: Ayush Singh, Daniele Bonadiman | May 12, 2026

Learn to use AWS Security Agent’s full repository code review to perform deep, context-aware security analysis of your entire code base.

Training and enablement

Complimentary virtual training: Get hands-on with AWS Security services

Author: Ashley Nelson | Published: May 11, 2026

Security Activation Days are free 3–6 hour virtual workshops providing hands-on practice with AWS security services guided by specialists.

May Security Bulletins

Investigations of reported security vulnerabilities affecting Amazon and AWS services, software, and products.

AWS Samples

This month brings 8 new AWS samples spanning application security, data protection, infrastructure security, governance, and AI security. From AI-powered security agents on Amazon Bedrock AgentCore to centralized AWS Config monitoring at scale, these repositories help you implement security best practices across your AWS environment.

Application Security

Schedule AWS Security Agent penetration test

Learn to deploy an AWS CloudFormation template that uses Amazon EventBridge and AWS Step Functions to schedule recurring AWS Security Agent penetration tests with Amazon Simple Notification Service (SNS) notifications on completion.

Security review assistant

Learn to deploy a multi-agent system on Amazon Bedrock AgentCore that automates Deliverable Security Reviews by combining architecture analysis, IaC code review, ASH vulnerability scanning, and compliance assessment into a single pipeline.

AWS Security Agent Recorder

Learn to use a cross-browser extension that records the unique domains your web app contacts and auto-fills them into the AWS Security Agent penetration test configuration.

Data Protection

KMS access audit

Learn to resolve and report who can use your AWS Key Management Service (KMS) keys across IAM policies, key policies, and grants, with IAM Identity Center resolution to identify the humans behind SSO roles.

Infrastructure security

Building a conversational AI agent for AWS WAF analysis with AgentCore

Learn to deploy an AI-powered agent using Amazon Bedrock AgentCore and Strands SDK that investigates AWS WAF security incidents, detects bypasses, and generates security reports through natural language.

Governance

Centralized AWS Config CI monitoring with Amazon CloudWatch

Learn to centrally monitor AWS Config Configuration Item recording across all accounts in an AWS Organization using CloudWatch Cross-Account Observability, with dashboards showing top resource types, per-account volume, and conformance pack compliance.

CloudFormation Guard security analyzer

Learn to deploy an AI agent powered by Amazon Bedrock AgentCore that scans CloudFormation resource documentation, identifies security-critical properties with risk levels, and generates ready-to-use cfn-guard 3.x rules for your CI/CD pipeline.

AI Security

Guarded user-controlled attested runtime deployment (Guardian Platform)

Learn to deploy LLM models securely in consumer AWS accounts while protecting model weights using AWS Nitro TPM attestation, KMS envelope encryption, and Zero Operator Access with immutable AMIs.

AWS Labs

This month brings 1 new AWS Labs repository focused on governance, helping research institutions deploy secure, tagged infrastructure with self-service access and multi-account controls.

ResearchStack on AWS

Learn to deploy research computing infrastructure on AWS in minutes — Amazon EC2, S3, EFS, Amazon SageMaker AI, and ParallelCluster — with built-in security, cost tracking, and governance using CloudFormation templates and optional AWS Service Catalog.

Conclusion

May 2026 shows AI security maturing from model-level controls to full-stack protection of agentic workflows. The posts and samples provide patterns for policy-based authorization with Cedar, network traffic filtering by category, and cross-account compliance monitoring. The security bulletins address vulnerabilities in SDKs, drivers, and developer tooling. Each resource includes deployment steps or runnable code so you can validate in your own environment before adopting. Subscribe to the AWS Security Blog RSS feed to receive updates as they publish, and revisit this digest monthly for a consolidated view of what changed and what to act on.

If you have feedback about this post, submit comments in the Comments section below.


Rodolfo Brenes

Rodolfo is a Principal Solutions Architect focused on Cloud Governance and Compliance. With over 18 years of experience, he currently leads a technical field community in AWS helping customers scale and improve their security and governance frameworks. Besides work, Rodolfo enjoys video games, playing with his four cats, and won’t say no to a good outdoor adventure.

Anna Brinkmann

Anna has 18 years of experience in the technical content space and has spent the last 6 years managing the AWS Security Blog. Outside of work, she enjoys spending time with her family.


