SEC01-BP08 Evaluate and implement new security services and features regularly - AWS Well-Architected Framework (2023-04-10)

SEC01-BP08 Evaluate and implement new security services and features regularly

Evaluate and implement security services and features from AWS and AWS Partners that allow you to evolve the security posture of your workload. The AWS Security Blog highlights new AWS services and features, implementation guides, and general security guidance. What's New with AWS? is a great way to stay up to date with all new AWS features, services, and announcements.

Level of risk exposed if this best practice is not established: Low

Implementation guidance

  • Plan regular reviews: Create a calendar of review activities that includes compliance requirements, evaluation of new AWS security features and services, and staying up-to-date with industry news.

  • Discover AWS services and features: Discover the security features that are available for the services that you are using, and review new features as they are released.

  • Define AWS service on-boarding process: Define processes for onboarding of new AWS services. Include how you evaluate new AWS services for functionality, and the compliance requirements for your workload.

  • Test new services and features: Test new services and features as they are released in a non-production environment that closely replicates your production one.

  • Implement other defense mechanisms: Implement automated mechanisms to defend your workload, explore the options available.

Resources

Related videos: