SlideShare una empresa de Scribd logo

AWS Symposium Shared Responsibility Model Deep Dive

Descargar como PPTX, PDF
Amazon Web Services
Amazon Web Services

The AWS Shared Responsibility Model (SRM) varies somewhat according to the type of AWS service involved, from infrastructure to container to abstracted services. In this session we will move beyond the “hypervisor up/down” summary of the SRM and explore how the SRM works for services beyond EC2.

TecnologíaEmpresariales
1 de 18
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Shared Responsibility Model Deep Dive Mark Ryland Chief Solutions Architect / Worldwide Public Sector Team markry@amazon.com Garret Grajek ggrajek@secureauth.com Rishi Bhargava rishi@mcafee.com
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Shared Responsibility Model • SRM key to understanding and operationalizing security in the cloud • Traditional “hypervisor up/down” division of responsibilities: a good starting place • Today let’s add additional concepts and nuances
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Service Types • Infrastructure services • Container services • Abstracted services – Source: “AWS Security Best Practices,” Nov 2013, p7
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Infrastructure services • Rich control of an “on-prem-like” capability • Separate control plane and data plane – Caveat: in some sense all services are “container” services: API driven external configuration and control • E.g.: Amazon Elastic Cloud Compute (EC2), Amazon Elastic Block Store (EBS), Amazon Virtual Private Cloud (VPC), etc.
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Container services • Joint control with service layer over an on-prem- like capability • Separate control plane and data plane – Typically services deployed on EC2 • E.g.: Amazon Relational Database Service (RDS), Elastic mapReduce (EMR), Redshift, Elastic Beanstalk, OpsWorks, Elastic Load Balancing, etc. – Level and type of co-administration vary from service to service
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Abstracted services • Network endpoints that responds to commands • Typically: unified control plane and data plane (although logically distinct operations) • E.g.: – Simple Storage Service (S3), Glacier, DynamoDB, SQS/SNS, CloudWatch, CloudFormation (unified control/data planes) – Route 53, CloudFront (distinct control/data planes)
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Varying Responsibility Surface Area Infrastructure services Container services Abstracted services Configuration plus operation Configuration
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Three More Dimensions of the SRM • Type of service – Infrastructure, container, abstracted • Security configurability – How many relevant knobs and dials? • Breadth of cross-service security impact – Will configuration impact be broad, or primarily local? • Potential for integration with on-prem security systems – Greater versus lesser potential for integration
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Four Dimensions: Matrix Service type Abstract Container Infra Security configurability Low Medium High X-service impact Low Medium High Integration potential Low Medium High Increasing responsibility
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Example #1: EC2 • Foundational infrastructure service • Lots and lots of security-related features; configuration and operation requirements • Major impact across services • Rich integration possible with on- prem security/management at OS and/or app level Service type Infra Security config High X-service impact High Integration potential High
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #2: S3 • Powerful abstract service • Lots and lots of security-related features • Very foundational, used by many other services and apps • Some indirect integration via IAM; logs can be integrated with security tools Service type Abstract Security config High X-service impact High Integration potential Medium
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #3: RDS • Popular service managing relational database engines – AWS is the OS and engine admin, customer is the database admin • Significant number of security- related features • Cross-service impact typically low • Can be integrated with broader database security tools Service type Container Security config Medium X-service impact Low ? Integration potential High
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #4: DynamoDB • NoSQL database increasingly used across AWS solutions • Richly integrated with IAM – Row and column-level access control via IAM policies, policy variables • Some integration with security- related solutions via IAM – E.g., SAML, Web Identity Federation Service type Abstract Security config High X-service impact Low Integration potential Medium
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #5: Elastic MapReduce • Managed Hadoop offering • Customer and EMR service are co-administrators of instances • Significant number of security knobs/dials • Generally, low cross-service impact – Unless utilized within Data Pipeline Service type Container Security config Medium X-service impact Low ? Integration potential Low
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #6: CloudWatch • Foundational service, but… • Primarily read-only data (not counting alerts) • Not a lot of security knobs/dials • Low integration with security- related solutions – High integration potential with management solutions Service type Abstract Security config Low X-service impact Low Integration potential Low
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #7: CloudTrail • Critical security-related service • Primarily read-only data • Not a lot of security knobs/dials • High degree of important integration with security-related solutions Service type Abstract Security config Low X-service impact High Integration potential High
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #8: IAM • Most critical security-related “service” • Operationally easy; config options rich, powerful, complex • High degree of important integration with security-related solutions Service type Abstract Security config High X-service impact High Integration potential High
AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Thank you! Mark Ryland Chief Solutions Architect / Worldwide Public Sector Team markry@amazon.com Garret Grajek ggrajek@secureauth.com

Recomendados

Shared Responsibility In Action
Shared Responsibility In ActionShared Responsibility In Action
Shared Responsibility In ActionMark Nunnikhoven
 
Amazon AWS Shared Security Model
Amazon AWS Shared Security Model Amazon AWS Shared Security Model
Amazon AWS Shared Security Model James Mascarenhas
 
Shared Responsibility Deep Dive
Shared Responsibility Deep DiveShared Responsibility Deep Dive
Shared Responsibility Deep DiveAmazon Web Services
 
Shared Responsibility In Action
Shared Responsibility In ActionShared Responsibility In Action
Shared Responsibility In ActionMark Nunnikhoven
 
The AWS Shared Responsibility Model: Presented by Amazon Web Services
The AWS Shared Responsibility Model: Presented by Amazon Web ServicesThe AWS Shared Responsibility Model: Presented by Amazon Web Services
The AWS Shared Responsibility Model: Presented by Amazon Web ServicesAlert Logic
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 

Recomendados

Shared Responsibility In Action
Shared Responsibility In ActionShared Responsibility In Action
Shared Responsibility In ActionMark Nunnikhoven
 
Amazon AWS Shared Security Model
Amazon AWS Shared Security Model Amazon AWS Shared Security Model
Amazon AWS Shared Security Model James Mascarenhas
 
Shared Responsibility Deep Dive
Shared Responsibility Deep DiveShared Responsibility Deep Dive
Shared Responsibility Deep DiveAmazon Web Services
 
Shared Responsibility In Action
Shared Responsibility In ActionShared Responsibility In Action
Shared Responsibility In ActionMark Nunnikhoven
 
The AWS Shared Responsibility Model: Presented by Amazon Web Services
The AWS Shared Responsibility Model: Presented by Amazon Web ServicesThe AWS Shared Responsibility Model: Presented by Amazon Web Services
The AWS Shared Responsibility Model: Presented by Amazon Web ServicesAlert Logic
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C. Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWSThe AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWSAlert Logic
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWSAmazon Web Services
 
Einführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayEinführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayAWS Germany
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Crypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow DublinCrypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow DublinAmazon Web Services
 
Navigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow DublinNavigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow DublinAmazon Web Services
 
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 
How to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWSHow to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWSDatabarracks
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services SecurityJason Chan
 

Más contenido relacionado

La actualidad más candente

Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C. Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeAlert Logic
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWSThe AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWSAlert Logic
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Einführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayEinführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayAWS Germany
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Crypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow DublinCrypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow DublinAmazon Web Services
 
Navigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow DublinNavigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow DublinAmazon Web Services
 
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 

La actualidad más candente (20)

Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C. Security in the Cloud - AWS Symposium 2014 - Washington D.C.
Security in the Cloud - AWS Symposium 2014 - Washington D.C.
 
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in PracticeThe AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWSThe AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
The AWS Shared Responsibility Model in Practice - Nirav Kothari, AWS
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in Practice
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
Einführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayEinführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web Day
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
 
Crypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow DublinCrypto-Options on AWS | Security Roadshow Dublin
Crypto-Options on AWS | Security Roadshow Dublin
 
Navigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow DublinNavigating the AWS Compliance Framework | AWS Security Roadshow Dublin
Navigating the AWS Compliance Framework | AWS Security Roadshow Dublin
 
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
Account Separation and Mandatory Access Control on AWS | Security Roadshow Du...
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
 

Destacado

How to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWSHow to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWSDatabarracks
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services SecurityJason Chan
 
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day Amazon Web Services
 
High Availability Websites: part one
High Availability Websites: part oneHigh Availability Websites: part one
High Availability Websites: part oneAmazon Web Services
 
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013Amazon Web Services
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS SecurityAmazon Web Services
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesAmazon Web Services
 
Shared Responsibility in Accountability
Shared Responsibility in Accountability Shared Responsibility in Accountability
Shared Responsibility in Accountability EduSkills OECD
 
AWS Journey through the AWS Cloud: Disaster Recovery
AWS Journey through the AWS Cloud: Disaster RecoveryAWS Journey through the AWS Cloud: Disaster Recovery
AWS Journey through the AWS Cloud: Disaster RecoveryAmazon Web Services
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
Automating Compliance in the Cloud
Automating Compliance in the CloudAutomating Compliance in the Cloud
Automating Compliance in the CloudAmazon Web Services
 
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...Amazon Web Services
 
Shared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresShared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...Amazon Web Services
 

Destacado (20)

How to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWSHow to Develop and Deploy Web-Scale Applications on AWS
How to Develop and Deploy Web-Scale Applications on AWS
 
Amazon Web Services Security
Amazon Web Services SecurityAmazon Web Services Security
Amazon Web Services Security
 
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day
 
High Availability Websites: part one
High Availability Websites: part oneHigh Availability Websites: part one
High Availability Websites: part one
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013
Data Science at Netflix with Amazon EMR (BDT306) | AWS re:Invent 2013
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Trends in AML Compliance
Trends in AML ComplianceTrends in AML Compliance
Trends in AML Compliance
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar Series
 
Shared Responsibility in Accountability
Shared Responsibility in Accountability Shared Responsibility in Accountability
Shared Responsibility in Accountability
 
AWS Journey through the AWS Cloud: Disaster Recovery
AWS Journey through the AWS Cloud: Disaster RecoveryAWS Journey through the AWS Cloud: Disaster Recovery
AWS Journey through the AWS Cloud: Disaster Recovery
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Automating Compliance in the Cloud
Automating Compliance in the CloudAutomating Compliance in the Cloud
Automating Compliance in the Cloud
 
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...
Establishing a Scalable, Resilient Web Architecture | AWS Public Sector Summi...
 
Shared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresShared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account Structures
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
 
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...
High Availability Application Architectures in Amazon VPC (ARC202) | AWS re:I...
 

Similar a AWS Symposium Shared Responsibility Model Deep Dive

Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Amazon Web Services
 
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Amazon Web Services
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Amazon Web Services
 
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Amazon Web Services
 
Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Amazon Web Services
 
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...Amazon Web Services
 
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Amazon Web Services
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationAmazon Web Services
 
How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...Amazon Web Services
 
Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Amazon Web Services
 
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...Amazon Web Services
 
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C.
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C. AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C.
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Amazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Amazon Web Services
 

Similar a AWS Symposium Shared Responsibility Model Deep Dive (20)

Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
Leveraging the Cloud to Strengthen Democracy: A Case Study - AWS Washington D...
 
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
Leveraging the Cloud to Strengthen Democracy: NDI Case Study - AWS Washington...
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
 
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
Updating Security Operations for the Cloud - AWS Symposium 2014 - Washington ...
 
Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...Running the Business of Education in the Cloud: How Central IT Leverages the ...
Running the Business of Education in the Cloud: How Central IT Leverages the ...
 
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
 
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C. Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
Welcome to the AWS Cloud - AWS Symposium 2014 - Washington D.C.
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
Bringing Governance to an Existing Cloud at NASA’s Jet Propulsion Laboratory ...
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your Organization
 
How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...How Public Sector Entities are Advancing Their Security and Governance Capabi...
How Public Sector Entities are Advancing Their Security and Governance Capabi...
 
Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014Big Data on AWS - AWS Washington D.C. Symposium 2014
Big Data on AWS - AWS Washington D.C. Symposium 2014
 
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...
AWS Public Sector Symposium 2014 Canberra | Getting Started with AWS for Gove...
 
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C.
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C. AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C.
AWS Service Drill Downs - AWS Symposium 2014 - Washington D.C.
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 

Más de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Más de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 

Último (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

AWS Symposium Shared Responsibility Model Deep Dive

  • 1. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Shared Responsibility Model Deep Dive Mark Ryland Chief Solutions Architect / Worldwide Public Sector Team markry@amazon.com Garret Grajek ggrajek@secureauth.com Rishi Bhargava rishi@mcafee.com
  • 2. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Shared Responsibility Model • SRM key to understanding and operationalizing security in the cloud • Traditional “hypervisor up/down” division of responsibilities: a good starting place • Today let’s add additional concepts and nuances
  • 3. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Service Types • Infrastructure services • Container services • Abstracted services – Source: “AWS Security Best Practices,” Nov 2013, p7
  • 4. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Infrastructure services • Rich control of an “on-prem-like” capability • Separate control plane and data plane – Caveat: in some sense all services are “container” services: API driven external configuration and control • E.g.: Amazon Elastic Cloud Compute (EC2), Amazon Elastic Block Store (EBS), Amazon Virtual Private Cloud (VPC), etc.
  • 5. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Container services • Joint control with service layer over an on-prem- like capability • Separate control plane and data plane – Typically services deployed on EC2 • E.g.: Amazon Relational Database Service (RDS), Elastic mapReduce (EMR), Redshift, Elastic Beanstalk, OpsWorks, Elastic Load Balancing, etc. – Level and type of co-administration vary from service to service
  • 6. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Abstracted services • Network endpoints that responds to commands • Typically: unified control plane and data plane (although logically distinct operations) • E.g.: – Simple Storage Service (S3), Glacier, DynamoDB, SQS/SNS, CloudWatch, CloudFormation (unified control/data planes) – Route 53, CloudFront (distinct control/data planes)
  • 7. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Varying Responsibility Surface Area Infrastructure services Container services Abstracted services Configuration plus operation Configuration
  • 8. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Three More Dimensions of the SRM • Type of service – Infrastructure, container, abstracted • Security configurability – How many relevant knobs and dials? • Breadth of cross-service security impact – Will configuration impact be broad, or primarily local? • Potential for integration with on-prem security systems – Greater versus lesser potential for integration
  • 9. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Four Dimensions: Matrix Service type Abstract Container Infra Security configurability Low Medium High X-service impact Low Medium High Integration potential Low Medium High Increasing responsibility
  • 10. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Example #1: EC2 • Foundational infrastructure service • Lots and lots of security-related features; configuration and operation requirements • Major impact across services • Rich integration possible with on- prem security/management at OS and/or app level Service type Infra Security config High X-service impact High Integration potential High
  • 11. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #2: S3 • Powerful abstract service • Lots and lots of security-related features • Very foundational, used by many other services and apps • Some indirect integration via IAM; logs can be integrated with security tools Service type Abstract Security config High X-service impact High Integration potential Medium
  • 12. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #3: RDS • Popular service managing relational database engines – AWS is the OS and engine admin, customer is the database admin • Significant number of security- related features • Cross-service impact typically low • Can be integrated with broader database security tools Service type Container Security config Medium X-service impact Low ? Integration potential High
  • 13. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #4: DynamoDB • NoSQL database increasingly used across AWS solutions • Richly integrated with IAM – Row and column-level access control via IAM policies, policy variables • Some integration with security- related solutions via IAM – E.g., SAML, Web Identity Federation Service type Abstract Security config High X-service impact Low Integration potential Medium
  • 14. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #5: Elastic MapReduce • Managed Hadoop offering • Customer and EMR service are co-administrators of instances • Significant number of security knobs/dials • Generally, low cross-service impact – Unless utilized within Data Pipeline Service type Container Security config Medium X-service impact Low ? Integration potential Low
  • 15. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #6: CloudWatch • Foundational service, but… • Primarily read-only data (not counting alerts) • Not a lot of security knobs/dials • Low integration with security- related solutions – High integration potential with management solutions Service type Abstract Security config Low X-service impact Low Integration potential Low
  • 16. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #7: CloudTrail • Critical security-related service • Primarily read-only data • Not a lot of security knobs/dials • High degree of important integration with security-related solutions Service type Abstract Security config Low X-service impact High Integration potential High
  • 17. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 #8: IAM • Most critical security-related “service” • Operationally easy; config options rich, powerful, complex • High degree of important integration with security-related solutions Service type Abstract Security config High X-service impact High Integration potential High
  • 18. AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 AWS Government, Education, and Nonprofits Symposium Washington, DC | June 24, 2014 - June 26, 2014 Thank you! Mark Ryland Chief Solutions Architect / Worldwide Public Sector Team markry@amazon.com Garret Grajek ggrajek@secureauth.com