Amazon Web Services
AWS is a subsidiary of Amazon that provides on-demand cloud computing platforms and APIs to individuals, companies, and governments, on a metered pay-as-you-go basis. In aggregate, these cloud computing web services provide a set of primitive abstract technical infrastructure and distributed computing building blocks and tools.
Location(s)
AWS has 31 zones(s) in 22 countries:
- Europe
- North America
- South America
- Central America
- Asia
- Africa
- Russia
- Pacific
Elastic Compute Cloud
Secure and resizable compute capacity in the cloud
896 CPU
35.2 TB of RAM
16 GPU
Instance types
Lightsail
Virtual servers, storage, databases, and networking for a low, predictable price.
16 CPU
68.7 GB of RAM
Instance types
Simple Storage Service
Object storage built to store and retrieve any amount of data from anywhere
Glacier
Long-term, secure, durable object storage for data archiving
Workspace
![BSI C5 Type 1](/static/img/certs/bsi-c5-1.png)
BSI C5 Type 1
Specifies minimum requirements for secure cloud computing and is primarily intended for professional cloud providers, their auditors and customers.
![BSI C5 Type 2](/static/img/certs/bsi-c5-2.png)
BSI C5 Type 2
Specifies minimum requirements for secure cloud computing and is primarily intended for professional cloud providers, their auditors and customers.
![CCCS](/static/img/certs/cccs.png)
CCCS
Comprehensive evaluation and analysis of cyber threats and vulnerabilities in Canada's digital landscape.
![CJIS Security Policy](/static/img/certs/cjis.png)
CJIS Security Policy
Guidelines and standards established by the FBI to ensure the security and protection of criminal justice information systems.
![CMMC](/static/img/certs/cmmc.png)
CMMC
Designed to protect sensitive unclassified information that is shared by the DoD with its contractors and subcontractors.
![CPSTIC](/static/img/certs/cptstic.png)
CPSTIC
Sandards and guidelines for information security in public administrations and organizations within Spain.
![DCCS](/static/img/certs/dccs.png)
DCCS
Security model by which DoD will leverage cloud computing along with the security controls and requirements necessary for using cloud-based solutions.
![DESC Security Standard](/static/img/certs/desc-csp.png)
DESC Security Standard
Requirements and guidance for CSPs and those organizations using any cloud services
![DFARS](/static/img/certs/dfars.png)
DFARS
Cybersecurity requirements for contractors handling controlled unclassified information within the US DoD supply chain.
![ENS](/static/img/certs/ens.png)
ENS
Set of security standards and requirements established by the Spanish government to ensure the protection of information and assets.
![FedRAMP](/static/img/certs/fedramp.png)
FedRAMP
Cost-effective, risk-based approach for the adoption and use of cloud services by the federal government.
![FERPA](/static/img/certs/ferpa.png)
FERPA
Federal law that affords parents the right to have access to their children’s education records
![FIPS](/static/img/certs/fips.png)
FIPS
US and Canadian government standard that specifies the security requirements for cryptographic modules.
![FISC guidelines](/static/img/certs/fisc.png)
FISC guidelines
Set of security standards and best practice to enhance the security of their information systems.
![FISMA](/static/img/certs/fisma.png)
FISMA
Framework of guidelines and security standards to protect government information and operations.
![HDS](/static/img/certs/hds.png)
HDS
Strengthen the protection of personal health data and build an environment of trust around eHealth and patient monitoring.
![HIPAA](/static/img/certs/hipaa.png)
HIPAA
Federal law that required the creation of national standards to protect sensitive patient health information from being disclosed without the patient’s consent or knowledge.
![HITRUST](/static/img/certs/hitrust.png)
HITRUST
Set of security and privacy controls and standards designed to safeguard healthcare information and manage risk within the healthcare industry.
![IAR](/static/img/certs/iar.png)
IAR
Provide management and technical information security controls for entities to establish, implement, maintain, and continuously improve information assurance.
![ISO 27001:2022](/static/img/certs/iso27001-2022.png)
ISO 27001:2022
Code of practice for information security controls based on ISO/IEC 27002 for cloud services
![ISO 27015:2017](/static/img/certs/iso27017-2015.png)
ISO 27015:2017
Code of practice for information security controls based on ISO/IEC 27002 for cloud services
![ISO 27018:2019](/static/img/certs/iso27018-2019.png)
ISO 27018:2019
Code of practice for protection of personally identifiable information (PII) in public clouds acting as PII processors
![ITAR](/static/img/certs/itar.png)
ITAR
Regulations to prevent the unauthorized export of defense and military-related technology and data, ensuring compliance with U.S. export control laws.
![K-ISMS](/static/img/certs/k-isms.png)
K-ISMS
Certification program in South Korea for organizations to ensure robust information security practices.
![MPA](/static/img/certs/mpa.png)
MPA
Protect intellectual property, prevent piracy, and secure sensitive content throughout the production, distribution, and exhibition processes.
![NHS DSPT](/static/img/certs/nhs-dspt.png)
NHS DSPT
Self-assessment tool that allows organisations to measure their performance against the National Data Guardian’s security standards
![NIST 800-53](/static/img/certs/nist-800-35.png)
NIST 800-53
Catalog of security and privacy controls for all U.S. federal information systems except those related to national security.
![OSPAR](/static/img/certs/ospar.png)
OSPAR
Evaluates the security and compliance practices of external service providers, ensuring they meet required standards and regulations for handling sensitive data and services.
![PASF](/static/img/certs/pasf.png)
PASF
Specific security standards and protocols to safeguard sensitive information, evidence and assets.
![PCI-DSS](/static/img/certs/pci-dss.png)
PCI-DSS
Information security standard for organizations that handle branded credit cards from the major card schemes
![Pinakes](/static/img/certs/pinakes.png)
Pinakes
Rating framework intended to manage and monitor the cybersecurity controls of service providers that Spanish financial entities.
![PIPEDA](/static/img/certs/pipeda.png)
PIPEDA
Governs how private sector organizations collect, use, and disclose personal information in the course of commercial activities
![PiTuKri](/static/img/certs/pitukri.png)
PiTuKri
Evaluates the effectiveness of controls and processes according to international assurance standards.
![SEC Rules 17a-4 18a-6](/static/img/certs/secrule17a-18a6.png)
SEC Rules 17a-4 18a-6
Mandate specific recordkeeping and retention requirements for broker-dealers and investment advisers