1. e-Discovery & Forensics
1.1. Amazon Macie
1.1.1. Discover, classify and protect sensitive data in Amazon S3
1.2. Amazon Kendra (preview)
2. Logging & Monitoring
2.1. AWS CloudTrail
2.1.1. Trails
2.1.1.1. Creating a Trail for an organization
2.1.1.2. Managing CloudTrail Costs
2.1.2. Insights
2.2. Amazon GuardDuty
2.2.1. Continuous security monitoring
2.3. Amazon CloudWatch
2.3.1. Anomaly detection
2.3.2. Alarms
2.3.3. Logs
2.3.4. Metrics
2.3.5. Events
2.3.6. ServiceLens
2.3.6.1. Monitor and troubleshoot issues with microservice-based applications
2.3.7. Syncthetics
2.3.7.1. Monitor web applications using modular, light-weight canary tests
2.3.8. Contributer Insights
2.3.8.1. Amazon CloudWatch Contributor Insights allows you to easily view the top contributors impacting the performance of your systems and applications in real-time.
2.3.9. Sharing cross-account cross-region
2.4. Amazon Simple Notification Service
3. Security Operations and Automation
3.1. CloudCustodian.io
3.1.1. Opensource Cloud Security, Governance, and Management
3.2. asecure.cloud
3.2.1. A free repository of customizable AWS security configurations and best practices
3.3. External Vulnerability Scanner
3.3.1. External service for vulnerability scanning and cloud asset inventory (i.e. Nessus, Qualys)
3.4. AWS Config
3.4.1. Aggregated View
3.5. CloudFormation
3.5.1. Stacks
3.5.2. Stack Sets
3.5.3. Exports
3.6. Systems Manager
3.6.1. Compliance
3.6.2. Patch Manager
3.7. Amazon Inspector
3.7.1. Amazon Inspector enables you to analyze the behavior of your AWS resources and helps you identify potential security issues.
3.8. AWS SecurityHub
3.8.1. Compliance Standards
3.8.1.1. CIS AWS Foundations
3.8.2. Insights
3.8.3. Findings
3.8.4. Integrations
3.8.4.1. AWS Product Integrations
3.8.4.2. Third party Product Integrations
3.8.4.3. Custom Integrations
3.9. AWS Lambda
4. Governance and Compliance
4.1. AWS Organizations
4.1.1. Organize your accounts in business units
4.1.2. Policies
4.1.2.1. Tag Policies
4.1.2.2. Service Control Policies (SCPs)
4.2. AWS Artifact
4.2.1. Central resource for compliance-related information
4.3. Trusted Advisor
4.3.1. Cost Optimization
4.3.2. Performance
4.3.3. Security
4.3.4. Fault Tolerance
4.3.5. Service Limits
4.4. Control Tower
4.4.1. Guardrails
4.4.1.1. Mandatory Guardrails
4.4.1.2. Strongly Recommended Guardrails
4.4.1.3. Elective Guardrails
4.5. Compliance Resources
4.6. Data Privacy
5. Identity Source
6. Documented Information
6.1. Best Practices
6.1.1. CIS Benchmark for CIS Amazon Web Services Foundations Benchmark
6.1.2. AWS Security Best Practices
6.1.3. AWS Key Management Best Practices
6.2. Guidelines and Whitepapers
6.2.1. AWS Whitepapers & Guides
6.2.2. Overview of Security Processes
6.2.3. AWS Security Documentation
6.2.4. AWS Prescriptive Guidance
6.2.5. AWS Security Incident Response Guide
6.2.6. Automating Governance
6.2.7. Operational Resilience
6.3. Operational Checklists
6.3.1. Operational Checklists for AWS (Deprecated )
6.3.2. Auditing Security Checklist for Use of AWS
6.3.3. Governance at Scale Capability Checklist
7. Training and Education
7.1. Phase 0: AWS Cloud
7.1.1. What is Cloud Computing?
7.1.2. Overview of AWS
7.1.3. AWS Cloud Practitioner Essentials (Second Edition)
7.1.4. Cloud Computing with AWS
7.1.5. AWS Glossary
7.1.6. Job Roles in the Cloud
7.2. Phase 1: Security Fundamentals
7.2.1. How Should We All Think About Security
7.2.2. AWS Philosophy of Security
7.2.3. AWS Shared Responsibility Model
7.2.4. AWS Security Fundamentals (Second Edition)
7.2.5. Cloud Adoption Framework: Security Perspective
7.2.6. Security Pillar AWS Well-Architected Framework
7.3. Phase 2: Security Concepts and Best Practices
7.3.1. Authentication and Authorization with AWS Identity and Access Management
7.3.2. Protecting Your Instance with Security Groups
7.3.3. Differences Between Security Groups and NACLs
7.3.4. AWS Well-Architected Training
7.3.5. Well-Architected Security Labs (100)
7.3.6. Architecting on AWS
7.3.7. Well-Architected Security Labs (200)
7.3.8. Introduction to AWS Security Processes
7.3.9. Introduction to AWS Security by Design
7.3.10. AWS Key Management Best Practices
7.3.11. A Deep Dive into AWS Encryption Services
7.3.12. Best Practices for Choosing Identity Solutions for Applications
7.3.13. Security at Scale: Logging in AWS
7.3.14. Security Engineering on AWS
7.3.15. Well-Architected Security Labs (300)
7.3.16. AWS Security Best Practices
7.3.17. AWS Cloud Compliance
7.3.18. Amazon Web Services: Risk and Compliance
7.3.19. AWS Security Workshops
7.3.20. AWS Security Incident Response Guide
7.4. Phase 3: AWS Certified Security Speciality
7.4.1. Exam Readiness: AWS Certified Security – Specialty
7.4.2. AWS Certified Security - Specialty Exam Guide
7.4.3. Sample Questions
7.4.4. Timed practiced exam
7.4.5. AWS Certified Specialty – Security certification exam
7.4.5.1. recommended for those with at least two years of hands-on experience securing AWS workloads)
7.5. Phase 4: Additional Resources
7.5.1. Learning Library at aws.training
7.5.2. AWS User Group
7.5.3. AWS Events and Webinars
7.5.4. AWS Podcast
7.5.5. AWS Blog
7.5.6. What’s New with AWS
8. Incident Response
8.1. Amazon Detective
8.1.1. Analyze, investigate, and identify the root cause of security findings .
8.2. AWS Security Incident Response Guide
9. Network Administration
9.1. AWS Certificate Manager
9.2. AWS WAF and Shield
9.2.1. AWS WAF
9.2.2. AWS Shield
9.2.3. AWS Firewall Manager
9.3. Amazon VPC
9.3.1. Network ACLs
9.3.2. Security Groups
10. Identity and Access Management
10.1. AWS IAM
10.1.1. Access Management
10.1.1.1. Groups
10.1.1.2. Users
10.1.1.2.1. Security Credentials
10.1.1.2.2. Access Advisor
10.1.1.3. Roles
10.1.1.4. Policies
10.1.2. Access Reports
10.1.2.1. Access Analyzer
10.1.2.2. Credential Report
10.1.2.3. Organization Activity
10.1.2.4. Service Control Policies (SCP)
10.2. Resource Access Manager
10.3. AWS Single Sign-On
10.4. AWS Directory Service
10.5. AWS Key Management Service
10.5.1. Custom Key Stores