AWS re:Invent 2022 – Day 3 Recap

AWS Marketplace Vendor Insights – Simplify Third-Party Software Risk Assessments
It helps you ensure that third-party software continuously meets your industry standards by compiling security and compliance information, such as data privacy and residency, application security, and access control, in one consolidated dashboard.

As a security engineer, you may now complete third-party software risk assessment in a few days instead of months. You can now:

  • Quickly discover products in AWS Marketplace that meet your security and certification standards by searching for and accessing Vendor Insights profiles.
  • Access and download current and validated information, with evidence gathered from the vendors’ security tools and audit reports. Reports are available for download on AWS Artifact third-party reports (now available in preview).
  • Monitor your software’s security posture post-procurement and receive notifications for security and compliance events.

New for Amazon SageMaker – Perform Shadow Tests to Compare Inference Performance Between ML Model Variants
You can create shadow tests using the new SageMaker Inference Console and APIs. Shadow testing gives you a fully managed experience for setup, monitoring, viewing, and acting on the results of shadow tests. If you have existing workflows built around SageMaker endpoints, you can also deploy a model in shadow mode using the existing SageMaker Inference APIs. You can monitor the progress of the shadow test and performance metrics such as latency and error rate through a live dashboard.

Next Generation SageMaker Notebooks – Now with Built-in Data Preparation, Real-Time Collaboration, and Notebook Automation
The next generation of Amazon SageMaker Notebooks will increase efficiency across the ML development workflow. You can now improve data quality in minutes with the built-in data preparation capability, edit the same notebooks with your teams in real-time, and automatically convert notebook code to production-ready jobs.

SageMaker Studio now offers shared spaces that give data science and ML teams a workspace where they can read, edit, and run notebooks together in real time to streamline collaboration and communication during the development process. Shared spaces provide a shared Amazon EFS directory that you can utilize to share files within a shared space.

You can now select a notebook and automate it as a job that can run in a production environment without the need to manage the underlying infrastructure. When you create a SageMaker Notebook Job, SageMaker Studio takes a snapshot of the entire notebook, packages its dependencies in a container, builds the infrastructure, runs the notebook as an automated job on a schedule you define, and deprovisions the infrastructure upon job completion.

Introducing Support for Real-Time and Batch Inference in Amazon SageMaker Data Wrangler
To build machine learning models, machine learning engineers need to develop a data transformation pipeline to prepare the data. Designing this pipeline is time-consuming and requires cross-team collaboration between machine learning engineers, data engineers, and data scientists to implement the data preparation pipeline in a production environment.

The main objective of Amazon SageMaker Data Wrangler is to make it easy to do data preparation and data processing workloads. With SageMaker Data Wrangler, customers can simplify the process of data preparation and all of the necessary steps of data preparation workflow on a single visual interface. SageMaker Data Wrangler reduces the time to rapidly prototype and deploy data processing workloads to production, so customers can easily integrate with MLOps production environments.

Additional Data Connectors for Amazon AppFlow
AWS announced the addition of 22 new data connectors for Amazon AppFlow, including:

  1. Marketing connectors (e.g., Facebook Ads, Google Ads, Instagram Ads, LinkedIn Ads).
  2. Connectors for customer service and engagement (e.g., MailChimp, SendGrid, Zendesk Sell or Chat, and more).
  3. Business operations (Stripe, QuickBooks Online, and GitHub).

In total, Amazon AppFlow now supports over 50 integrations with different SaaS applications and AWS services.

Redesigned UI for Amazon SageMaker Studio
The redesigned UI makes it easier for you to discover and get started with the ML tools in SageMaker Studio. One highlight of the new UI is a redesigned navigation menu with links to SageMaker capabilities that follow the typical ML development workflow from preparing data to building, training, and deploying ML models.

Schedule a meeting with our AWS cloud solution experts and accelerate your cloud journey with Idexcel.

AWS re:Invent 2022 – Day 2 Recap

Amazon QuickSight Q is powered by machine learning (ML), providing self-service analytics by allowing you to query your data using plain language and therefore eliminating the need to fiddle with dashboards, controls, and calculations. With last year’s announcement of QuickSight Q, you can ask simple questions like “who had the highest sales in EMEA in 2021” and get your answers (with relevant visualizations like graphs, maps, or tables) in seconds. Automated data preparation utilizes machine learning to infer semantic information about data and adds it to datasets as metadata about the columns (fields), making it faster for you to prepare data to support natural language questions.

AWS Supply Chain is a new cloud-based application that helps supply chain leaders mitigate risks and lower costs to increase supply chain resilience. AWS Supply Chain unifies supply chain data, provides ML-powered actionable insights, and offers built-in contextual collaboration, all of which help you increase customer service levels by reducing stockouts and help you lower costs from overstock.

Amazon DataZone is a new data management service that makes it faster and easier for customers to catalog, discover, share, and govern data stored across AWS, on-premises, and third-party sources. “To unlock the full power, the full value of data, we need to make it easy for the right people and applications to find, access, and share the right data when they need it — and to keep data safe and secure,” AWS CEO Adam Selipsky said in his keynote session. DataZone enables you to set data free throughout the organization safely by making it easy for admins and data stewards to manage and govern access to data. DataZone provides a data catalog accessible through a web portal where users within an organization can find data that can be used for analytics, business intelligence, and machine learning.

Amazon Security Lake is a purpose-built service that automates the central management of security data sources into a purpose-built data lake stored in your account. This service helps security teams analyze security data easily and gain a complete understanding of the organization’s security posture. Security Lake has adopted the Open Cybersecurity Schema Framework (OCSF), an open standard that helps to normalize and combine security data from various data sources, including on-premises infrastructure, firewalls, AWS CloudTrail, Amazon Route 53, and Amazon VPC Flow Logs. Amazon Security Lake also supports integrating data sources from third-party security solutions and custom data that is in OCSF format.

VPC Lattice – For modern applications that follow a distributed architecture, troubleshooting communication issues between components and services is challenging and time-consuming unless the communication configuration is controlled and tracked. AWS VPC Lattice is a new capability of Amazon Virtual Private Cloud (Amazon VPC) that gives us a consistent way to connect, secure, and monitor communication between distributed services. Policies for traffic management, network access, and monitoring can be defined in VPC Lattice to connect applications in a simple and consistent way across AWS compute services (instances, containers, and serverless functions). VPC Lattice handles service-to-service networking, security, and monitoring requirements.


AWS re:Invent 2022 – Day 1 Recap

Amazon Inspector Now Scans AWS Lambda Functions for Vulnerabilities: Amazon Inspector, a vulnerability management service that continually scans workloads across Amazon Elastic Compute Cloud (Amazon EC2) instances and container images in Amazon Elastic Container Registry (Amazon ECR), now supports scanning AWS Lambda functions and Lambda layers. Previously, customers who had to assess Lambda functions against common vulnerabilities had to use AWS and third-party tools, which increased the complexity of keeping all their workloads secure. Because new vulnerabilities can appear at any time, it is important for the security of your applications that workloads are continuously monitored and rescanned in near real-time as new vulnerabilities are published.

Protect Sensitive Data with Amazon CloudWatch Logs: Safeguard sensitive data that is ingested by CloudWatch Logs by using CloudWatch Logs data protection policies. These policies let you audit and mask sensitive log data. When sensitive information is logged, CloudWatch Logs data protection automatically masks it per your configured policy, so that none of the downstream services that consume these logs can see the unmasked data. If data protection is enabled for a log group, sensitive data that matches the configured data identifiers is masked. A user who has the logs:Unmask IAM permission can view unmasked data for validation. Each managed data identifier is designed to detect a specific type of sensitive data, such as credit card numbers, AWS secret access keys, or passport numbers for a particular country or region. We can configure a policy to use these identifiers to analyze logs ingested by the log group and take action when they are detected.
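A sketch of the data protection policy described above, added here as an illustration and not taken from the original post or from AWS: it builds a policy whose audit and masking statements cover the same managed data identifiers, and checks an existing policy for a mismatch between the two. The policy name, the findings log group, and the choice of the CreditCardNumber and AwsSecretKey identifiers are assumptions made for the example.

```python
import json

# ARN prefix of the AWS-managed data identifiers.
MANAGED_PREFIX = "arn:aws:dataprotection::aws:data-identifier/"


def build_policy(name, identifier_names, findings_log_group=None):
    """Build a data protection policy that audits and masks the same identifiers."""
    if not identifier_names:
        raise ValueError("at least one data identifier is required")
    arns = [MANAGED_PREFIX + n for n in sorted(set(identifier_names))]
    destination = {}
    if findings_log_group:  # optional destination for audit findings
        destination = {"CloudWatchLogs": {"LogGroup": findings_log_group}}
    return {
        "Name": name,
        "Version": "2021-06-01",
        "Statement": [
            {"Sid": "audit", "DataIdentifier": list(arns),
             "Operation": {"Audit": {"FindingsDestination": destination}}},
            {"Sid": "mask", "DataIdentifier": list(arns),
             "Operation": {"Deidentify": {"MaskConfig": {}}}},
        ],
    }


def check_policy(policy):
    """Return a list of problems; an empty list means the policy is consistent."""
    by_op = {}
    for stmt in policy.get("Statement", []):
        for op in stmt.get("Operation", {}):
            by_op[op] = set(stmt.get("DataIdentifier", []))
    problems = [f"missing {op} statement"
                for op in ("Audit", "Deidentify") if op not in by_op]
    if not problems and by_op["Audit"] != by_op["Deidentify"]:
        diff = sorted(by_op["Audit"] ^ by_op["Deidentify"])
        problems.append("audited but not masked, or the reverse: " + ", ".join(diff))
    return problems


if __name__ == "__main__":
    # Constructed values: the policy name and findings log group are examples.
    policy = build_policy("mask-secrets-and-cards",
                          ["CreditCardNumber", "AwsSecretKey"],
                          findings_log_group="example-dp-findings")
    print(json.dumps(policy, indent=2))
    print(check_policy(policy))
```

The printed JSON can be saved to a file and attached to a log group with `aws logs put-data-protection-policy --log-group-identifier <log group> --policy-document file://policy.json`.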

AWS Backup – Protect and Restore Your CloudFormation Stacks: AWS Backup now supports attaching an AWS CloudFormation stack to the data protection policies for the applications managed using infrastructure as code (IaC). With this, all stateful and stateless components supported by AWS Backup are backed up around the same time. As the application managed with CloudFormation is updated, AWS Backup automatically keeps track of changes and updates the data protection policies for us. This gives users a single recovery point that can be used to recover the application stack or the individual resources and helps to prove compliance with the data protection policies.
