SlideShare una empresa de Scribd logo

CloudPassage Best Practices for Automatic Security Scaling

Amazon Web Services
Amazon Web Services

Organizations that are transitioning from a traditional data center to an on-demand IT environment, such as AWS, are quickly finding that automating and scaling legacy security services for comprehensive workload security can be challenging. In light of these challenges, it is necessary to deploy a security solution that employs the same versatility and elasticity as the cloud workloads it is meant to protect. CloudPassage® Halo® provides virtually instant visibility and continuous protection for servers in any combination of data centers, private clouds and public clouds like AWS. Join Xero and CloudPassage to learn about best practices for migrating your security workloads to the cloud. Join us to learn: - Best practices for maintaining workload security - How you can align cloud security deployment methods with on-premises deployment methods - Key considerations for architecting your infrastructure to scale quickly and securely Who should attend: CTOs, CIOs, CISOs, Directors and Managers of Security, IT Administers, IT Architects and IT Security Engineers

Tecnología
1 de 37
Securing Your Data on AWS
$6.53M 56% 70% Your Data and IP Are Your Most Valuable Assets https://www.csid.com/resources/stats/data-breaches/ Increase in theft of hard intellectual property http://www.pwc.com/gx/en/issues/cyber- security/information-security-survey.html Of consumers indicated they’d avoid businesses following a security breach https://www.csid.com/resources/stats/data-breaches/ Average cost of a data breach
In June 2015, IDC released a report which found that most customers can be more secure in AWS than their on-premises environment. How? AWS Can Be More Secure than Your Existing Environment Automating logging and monitoring Simplifying resource access Making it easy to encrypt properly Enforcing strong authentication
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Identity & Access Control Network Security Customer Applications & Content You get to define your controls ON the Cloud AWS takes care of the security OF the Cloud You Inventory & Config Data Encryption AWS and You Share Responsibility for Security
The AWS infrastructure is protected by extensive network and security monitoring systems:  Network access is monitored by AWS security managers daily  AWS CloudTrail lets you monitor and record all API calls  Amazon Inspector automatically assesses applications for vulnerabilities Constantly Monitored
The AWS infrastructure footprint protects your data from costly downtime  33 Availability Zones in 12 regions for multi-synchronous geographic redundancy  Retain control of where your data resides for compliance with regulatory requirements  Mitigate the risk of DDoS attacks using services like AutoScaling, Amazon Route 53 Highly Available
AWS enables you to improve your security using many of your existing tools and practices  Integrate your existing Active Directory  Use dedicated connections as a secure, low-latency extension of your data center  Provide and manage your own encryption keys if you choose Integrated with Your Existing Resources
Key AWS Certifications and Assurance Programs
Best Practices for Automatic Security Scaling Ram Krishnan, Chief Product Officer CloudPassage
Transformation of Enterprise IT Delivery Traditional IT delivery Agile IT delivery Data Center Data Center, SDDC or Private Cloud Public, Hybrid or Multi-Cloud
Transformation of Enterprise IT Delivery Traditional IT delivery  Data center & perimeter orientation  Total ownership, visibility & control  Applications on dedicated hardware  Hardware security appliances  Everything “behind the firewall”  Low rate of change Agile IT delivery  Cloud orientation degrades perimeters  Shared responsibility, less visibility & control  Virtual, abstracted, transient workloads  Workloads widely distributed  Large, flat, shared networks  High rate of change
J DF M A M J J A S O N Analysis and design Coding & implementation Quality testing Staging and release R1 Transformation of Application Delivery
J DF M A M J J A S O N Transformation of Application Delivery Quality testing Staging and release Analysis and design Coding and implementation
Traditional Security Tools Don’t Work Anymore Cloud Security Spotlight Report / April 2016 Q: How well do your traditional network security tools / appliances work in public cloud environments? Not at all 11.28% Other 2.12% Not sure 24.96% They work just fine 14.01% Somewhat (but not a complete solution) 47.63% 59% traditional tools work somewhat or not at all
Agile IT Delivery Requires a New, Agile Security Approach
What Does “Agile Security” Mean? 1. Workload centric 2. Policy driven 3. Automated and integrated with toolchains 4. Attack surface reduction focus 5. Context-aware and works anywhere 6. Security platforms with deep APIs
Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Provider responsibility Gartner, 2016
Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Risk Medium Medium-high High High Very low Very low Very low Very low Provider responsibility Gartner, 2016
Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Provider responsibility Risk Medium Medium-high High High Very low Very low Very low Very low Gartner, 2016
Containers Containers Public Clouds Data Centers & Private Clouds Infrastructure Orchestration SOC & GRC SystemsSecurity orchestration enginePortal Rest API Servers Servers
Top Enterprise Challenges Addressed by Halo Workload Protection Fast Microsegmentation Compromise Detection Automated Compliance Security at DevOps Speed Security for AWS EC2
Cloud Security at Xero Aaron McKeown, Lead Security Architect Xero
Beautiful Cloud Based Accounting Software Connecting people with the right numbers anytime, anywhere, on any device
1,450+ staff globally $474M raised in capital $202M sub revenue FY16 23M+ businesses have interacted on the Xero platform $1TR incoming and outgoing transactions in past 12 mths 450M incoming and outgoing transactions in past 12 mths All figures shown are in NZD
700,000+subscribers globally 2009 2010 2011 2012 2013 2014 2015 2016
Improving data protection Eliminating scheduled downtime Maintaining and improving security Support the next wave of growth Reducing our cost to serve Public Cloud Migration
Skills are scarce Regional representation and recommendations Application architecture has to change Automation is key Need to focus on visibility Third party commercial models need to change Key Challenges
Repeatable and automated build and management of security systems Accelerated pace of security innovation On-demand security infrastructure that works at any scale Key Principles
VPN connectivity Host based security Web application security and delivery Shared key management services Security operations and consulting services Secure bastion access Proxy services Security as a Service
Multi-factor Authentication  Further secure AWS with: – Password + MFA or access key + MFA  Secure ALL systems with MFA  Enable MFA enhanced features  Use multiple MFA systems
 AWS CloudTrail, AWS Config and the AWS Console provide a lot of great information  Can be hard to find the needle in the haystack…  Use Netflix Security Monkey to provide a “Single Pane of Glass” Configuration Drift Management
Host Security Automation Host Security Automation  Monitor, Detect and Defend at the Host level  Elasticity and Automation are key  Integrate, visibility is important  Use “Defense in Depth” model, protect every layer  Use an agile approach from deployment through to operations
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Identity & Access Control Network Security Xero Applications & Content Security ON the Cloud Security OF the Cloud Xero + Partner Ecosystem Inventory & Config Data Encryption The New Paradigm of Shared Responsibility
Key Learnings Security by Design - What's that? Communication is Key - Who are your spokespeople? Measure and Test, Monitor Everything Welcome to the cloud - "Where's my span port"?
Repeatable and automated build and management of security systems Accelerated pace of security innovation On-demand security infrastructure that works at any scale Final Takeaways
Q & A

Recomendados

Getting Started with Amazon WorkSpaces
Getting Started with Amazon WorkSpaces Getting Started with Amazon WorkSpaces
Getting Started with Amazon WorkSpacesAmazon Web Services
 
Vancouver keynote - AWS Innovate - Sam Elmalak
Vancouver keynote - AWS Innovate - Sam ElmalakVancouver keynote - AWS Innovate - Sam Elmalak
Vancouver keynote - AWS Innovate - Sam ElmalakAmazon Web Services
 
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Amazon Web Services
 
Running Microsoft Enterprise Workloads on Amazon Web Services
Running Microsoft Enterprise Workloads on Amazon Web ServicesRunning Microsoft Enterprise Workloads on Amazon Web Services
Running Microsoft Enterprise Workloads on Amazon Web ServicesAmazon Web Services
 
Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWSAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 

Recomendados

Getting Started with Amazon WorkSpaces
Getting Started with Amazon WorkSpaces Getting Started with Amazon WorkSpaces
Getting Started with Amazon WorkSpacesAmazon Web Services
 
Vancouver keynote - AWS Innovate - Sam Elmalak
Vancouver keynote - AWS Innovate - Sam ElmalakVancouver keynote - AWS Innovate - Sam Elmalak
Vancouver keynote - AWS Innovate - Sam ElmalakAmazon Web Services
 
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Amazon Web Services
 
Running Microsoft Enterprise Workloads on Amazon Web Services
Running Microsoft Enterprise Workloads on Amazon Web ServicesRunning Microsoft Enterprise Workloads on Amazon Web Services
Running Microsoft Enterprise Workloads on Amazon Web ServicesAmazon Web Services
 
Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWSAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
SEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseSEC304 Advanced Techniques for DDoS Mitigation and Web Application Defense
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
 
Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Amazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
AWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the CloudAWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the CloudAmazon Web Services
 
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...Amazon Web Services
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Werner Vogels
Werner Vogels Werner Vogels
Werner Vogels Amazon Web Services
 
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...Amazon Web Services
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
Protecting Your Data in AWS
Protecting Your Data in AWS Protecting Your Data in AWS
Protecting Your Data in AWSAmazon Web Services
 
Well-Architected for Security: Advanced Session
Well-Architected for Security: Advanced SessionWell-Architected for Security: Advanced Session
Well-Architected for Security: Advanced SessionAmazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsAmazon Web Services
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon Web Services
 
Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your ApplicationsAmazon Web Services
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended PracticesAmazon Web Services
 
Ambi belén presentació_competic2
Ambi belén presentació_competic2Ambi belén presentació_competic2
Ambi belén presentació_competic2María Belén Ambi González
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage
 

Más contenido relacionado

La actualidad más candente

Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Amazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
AWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the CloudAWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the CloudAmazon Web Services
 
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...Amazon Web Services
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSAmazon Web Services
 
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...Amazon Web Services
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
Well-Architected for Security: Advanced Session
Well-Architected for Security: Advanced SessionWell-Architected for Security: Advanced Session
Well-Architected for Security: Advanced SessionAmazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsAmazon Web Services
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon Web Services
 
Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your ApplicationsAmazon Web Services
 

La actualidad más candente (20)

Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS
 
AWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the CloudAWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
AWS Enterprise Summit Netherlands - Starting Your Journey in the Cloud
 
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
Deep Dive- Log analytics with Amazon Elasticsearch Service - AWS Summit Tel A...
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWS
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Werner Vogels
Werner Vogels Werner Vogels
Werner Vogels
 
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
How to Manage Inventory, Patching, and System Images for Your Hybrid Cloud wi...
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud
 
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
 
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
Amazon.com migrating internal it apps to AWS - AWS Enterprise Tour - SF - 2010
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
Protecting Your Data in AWS
Protecting Your Data in AWS Protecting Your Data in AWS
Protecting Your Data in AWS
 
Well-Architected for Security: Advanced Session
Well-Architected for Security: Advanced SessionWell-Architected for Security: Advanced Session
Well-Architected for Security: Advanced Session
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at ScaleAmazon EC2 Systems Manager for Hybrid Cloud Management at Scale
Amazon EC2 Systems Manager for Hybrid Cloud Management at Scale
 
Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended Practices
 

Destacado

Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...CloudPassage
 
Winning and Losing with Grace: Jitterbugs Culture Code
Winning and Losing with Grace: Jitterbugs Culture CodeWinning and Losing with Grace: Jitterbugs Culture Code
Winning and Losing with Grace: Jitterbugs Culture CodeEric Tachibana
 
Universal design of learning
Universal design of learningUniversal design of learning
Universal design of learningMissTerrell
 
Vincze Veronika: A Szeged Korpusz és Treebank
Vincze Veronika: A Szeged Korpusz és Treebank Vincze Veronika: A Szeged Korpusz és Treebank
Vincze Veronika: A Szeged Korpusz és Treebank Zoltan Varju
 
ICAN 2015 Undergraduate Essay- Madayese J O
ICAN 2015 Undergraduate Essay- Madayese J OICAN 2015 Undergraduate Essay- Madayese J O
ICAN 2015 Undergraduate Essay- Madayese J OJohn Oluwashola Madayese
 
How to make mathematical eContent travel well
How to make mathematical eContent travel wellHow to make mathematical eContent travel well
How to make mathematical eContent travel wellOlga Caprotti
 
Andrew rusling 21 experiments to increase velocity
Andrew rusling 21 experiments to increase velocityAndrew rusling 21 experiments to increase velocity
Andrew rusling 21 experiments to increase velocityScrum Australia Pty Ltd
 
Apresentação Denken (Atualizada) - Média Resolução
Apresentação Denken (Atualizada) - Média ResoluçãoApresentação Denken (Atualizada) - Média Resolução
Apresentação Denken (Atualizada) - Média ResoluçãoDenken
 
Social Media and Email Stats from Six Countries
Social Media and Email Stats from Six CountriesSocial Media and Email Stats from Six Countries
Social Media and Email Stats from Six CountriesKyle Lacy
 
Britain's infrastructure: Public satisfaction and priorities
Britain's infrastructure: Public satisfaction and prioritiesBritain's infrastructure: Public satisfaction and priorities
Britain's infrastructure: Public satisfaction and prioritiesIpsos UK
 
What to do When Everyone Wants to be Your Partner - Sandy Campbell
What to do When Everyone Wants to be Your Partner - Sandy CampbellWhat to do When Everyone Wants to be Your Partner - Sandy Campbell
What to do When Everyone Wants to be Your Partner - Sandy CampbellHELIGLIASA
 
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015Lora Cecere
 
Large-scale computational design and selection of polymers for solar cells
Large-scale computational design and selection of polymers for solar cellsLarge-scale computational design and selection of polymers for solar cells
Large-scale computational design and selection of polymers for solar cellsbaoilleach
 
Generos literarios
Generos literariosGeneros literarios
Generos literariosLuis Gil Gil
 
Campus Recruitment_Company Profile_Mindtree
Campus Recruitment_Company Profile_MindtreeCampus Recruitment_Company Profile_Mindtree
Campus Recruitment_Company Profile_MindtreeMikola Andrejeu
 
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.UDmatronas Virgen del Rocio
 

Destacado (20)

Ambi belén presentació_competic2
Ambi belén presentació_competic2Ambi belén presentació_competic2
Ambi belén presentació_competic2
 
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...Best Practices for Workload Security: Securing Servers in Modern Data Center ...
Best Practices for Workload Security: Securing Servers in Modern Data Center ...
 
Winning and Losing with Grace: Jitterbugs Culture Code
Winning and Losing with Grace: Jitterbugs Culture CodeWinning and Losing with Grace: Jitterbugs Culture Code
Winning and Losing with Grace: Jitterbugs Culture Code
 
Fall Home Prep
Fall Home PrepFall Home Prep
Fall Home Prep
 
Universal design of learning
Universal design of learningUniversal design of learning
Universal design of learning
 
Vincze Veronika: A Szeged Korpusz és Treebank
Vincze Veronika: A Szeged Korpusz és Treebank Vincze Veronika: A Szeged Korpusz és Treebank
Vincze Veronika: A Szeged Korpusz és Treebank
 
Open Lecture Wil van der Aalst
Open Lecture Wil van der AalstOpen Lecture Wil van der Aalst
Open Lecture Wil van der Aalst
 
ICAN 2015 Undergraduate Essay- Madayese J O
ICAN 2015 Undergraduate Essay- Madayese J OICAN 2015 Undergraduate Essay- Madayese J O
ICAN 2015 Undergraduate Essay- Madayese J O
 
How to make mathematical eContent travel well
How to make mathematical eContent travel wellHow to make mathematical eContent travel well
How to make mathematical eContent travel well
 
Andrew rusling 21 experiments to increase velocity
Andrew rusling 21 experiments to increase velocityAndrew rusling 21 experiments to increase velocity
Andrew rusling 21 experiments to increase velocity
 
Apresentação Denken (Atualizada) - Média Resolução
Apresentação Denken (Atualizada) - Média ResoluçãoApresentação Denken (Atualizada) - Média Resolução
Apresentação Denken (Atualizada) - Média Resolução
 
Social Media and Email Stats from Six Countries
Social Media and Email Stats from Six CountriesSocial Media and Email Stats from Six Countries
Social Media and Email Stats from Six Countries
 
Britain's infrastructure: Public satisfaction and priorities
Britain's infrastructure: Public satisfaction and prioritiesBritain's infrastructure: Public satisfaction and priorities
Britain's infrastructure: Public satisfaction and priorities
 
What to do When Everyone Wants to be Your Partner - Sandy Campbell
What to do When Everyone Wants to be Your Partner - Sandy CampbellWhat to do When Everyone Wants to be Your Partner - Sandy Campbell
What to do When Everyone Wants to be Your Partner - Sandy Campbell
 
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015
Supply Chain Metrics That Matter - A Focus on Chemical Companies - 28 May 2015
 
Large-scale computational design and selection of polymers for solar cells
Large-scale computational design and selection of polymers for solar cellsLarge-scale computational design and selection of polymers for solar cells
Large-scale computational design and selection of polymers for solar cells
 
Organizacijų atvėrimas per TGM
Organizacijų atvėrimas per TGMOrganizacijų atvėrimas per TGM
Organizacijų atvėrimas per TGM
 
Generos literarios
Generos literariosGeneros literarios
Generos literarios
 
Campus Recruitment_Company Profile_Mindtree
Campus Recruitment_Company Profile_MindtreeCampus Recruitment_Company Profile_Mindtree
Campus Recruitment_Company Profile_Mindtree
 
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.
Sindrome de hellp.a propósito de un caso en el hospital virgen del rocio.
 

Similar a CloudPassage Best Practices for Automatic Security Scaling

Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsEvident.io
 
Check Point Software Technologies: Secure Your AWS Workloads
Check Point Software Technologies: Secure Your AWS Workloads Check Point Software Technologies: Secure Your AWS Workloads
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Fortinet Automates Migration onto Layered Secure Workloads
Fortinet Automates Migration onto Layered Secure WorkloadsFortinet Automates Migration onto Layered Secure Workloads
Fortinet Automates Migration onto Layered Secure WorkloadsAmazon Web Services
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSAmazon Web Services
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Automate the Provisioning of Secure Developer Environments on AWS PPT
Automate the Provisioning of Secure Developer Environments on AWS PPT Automate the Provisioning of Secure Developer Environments on AWS PPT
Automate the Provisioning of Secure Developer Environments on AWS PPTAmazon Web Services
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSAmazon Web Services
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudAmazon Web Services
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security SuperheroAmazon Web Services
 
Security Innovations in the Cloud
Security Innovations in the CloudSecurity Innovations in the Cloud
Security Innovations in the CloudAmazon Web Services
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAmazon Web Services
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsViresh Suri
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigmfanc1985
 

Similar a CloudPassage Best Practices for Automatic Security Scaling (20)

Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
Check Point Software Technologies: Secure Your AWS Workloads
Check Point Software Technologies: Secure Your AWS Workloads Check Point Software Technologies: Secure Your AWS Workloads
Check Point Software Technologies: Secure Your AWS Workloads
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
 
Fortinet Automates Migration onto Layered Secure Workloads
Fortinet Automates Migration onto Layered Secure WorkloadsFortinet Automates Migration onto Layered Secure Workloads
Fortinet Automates Migration onto Layered Secure Workloads
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWS
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack Overview
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App Security
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Automate the Provisioning of Secure Developer Environments on AWS PPT
Automate the Provisioning of Secure Developer Environments on AWS PPT Automate the Provisioning of Secure Developer Environments on AWS PPT
Automate the Provisioning of Secure Developer Environments on AWS PPT
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWS
 
FireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the CloudFireEye: Seamless Visibility and Detection for the Cloud
FireEye: Seamless Visibility and Detection for the Cloud
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Security Innovations in the Cloud
Security Innovations in the CloudSecurity Innovations in the Cloud
Security Innovations in the Cloud
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
 
Cloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentalsCloud computing and Cloud security fundamentals
Cloud computing and Cloud security fundamentals
 
Effectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing ParadigmEffectively and Securely Using the Cloud Computing Paradigm
Effectively and Securely Using the Cloud Computing Paradigm
 

Más de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Más de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Último (20)

Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

CloudPassage Best Practices for Automatic Security Scaling

  • 2. $6.53M 56% 70% Your Data and IP Are Your Most Valuable Assets https://www.csid.com/resources/stats/data-breaches/ Increase in theft of hard intellectual property http://www.pwc.com/gx/en/issues/cyber- security/information-security-survey.html Of consumers indicated they’d avoid businesses following a security breach https://www.csid.com/resources/stats/data-breaches/ Average cost of a data breach
  • 3. In June 2015, IDC released a report which found that most customers can be more secure in AWS than their on-premises environment. How? AWS Can Be More Secure than Your Existing Environment Automating logging and monitoring Simplifying resource access Making it easy to encrypt properly Enforcing strong authentication
  • 4. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Identity & Access Control Network Security Customer Applications & Content You get to define your controls ON the Cloud AWS takes care of the security OF the Cloud You Inventory & Config Data Encryption AWS and You Share Responsibility for Security
  • 5. The AWS infrastructure is protected by extensive network and security monitoring systems:  Network access is monitored by AWS security managers daily  AWS CloudTrail lets you monitor and record all API calls  Amazon Inspector automatically assesses applications for vulnerabilities Constantly Monitored
  • 6. The AWS infrastructure footprint protects your data from costly downtime  33 Availability Zones in 12 regions for multi-synchronous geographic redundancy  Retain control of where your data resides for compliance with regulatory requirements  Mitigate the risk of DDoS attacks using services like AutoScaling, Amazon Route 53 Highly Available
  • 7. AWS enables you to improve your security using many of your existing tools and practices  Integrate your existing Active Directory  Use dedicated connections as a secure, low-latency extension of your data center  Provide and manage your own encryption keys if you choose Integrated with Your Existing Resources
  • 8. Key AWS Certifications and Assurance Programs
  • 9. Best Practices for Automatic Security Scaling Ram Krishnan, Chief Product Officer CloudPassage
  • 10. Transformation of Enterprise IT Delivery Traditional IT delivery Agile IT delivery Data Center Data Center, SDDC or Private Cloud Public, Hybrid or Multi-Cloud
  • 11. Transformation of Enterprise IT Delivery Traditional IT delivery  Data center & perimeter orientation  Total ownership, visibility & control  Applications on dedicated hardware  Hardware security appliances  Everything “behind the firewall”  Low rate of change Agile IT delivery  Cloud orientation degrades perimeters  Shared responsibility, less visibility & control  Virtual, abstracted, transient workloads  Workloads widely distributed  Large, flat, shared networks  High rate of change
  • 12. J DF M A M J J A S O N Analysis and design Coding & implementation Quality testing Staging and release R1 Transformation of Application Delivery
  • 13. J DF M A M J J A S O N Transformation of Application Delivery Quality testing Staging and release Analysis and design Coding and implementation
  • 14. Traditional Security Tools Don’t Work Anymore Cloud Security Spotlight Report / April 2016 Q: How well do your traditional network security tools / appliances work in public cloud environments? Not at all 11.28% Other 2.12% Not sure 24.96% They work just fine 14.01% Somewhat (but not a complete solution) 47.63% 59% traditional tools work somewhat or not at all
  • 15. Agile IT Delivery Requires a New, Agile Security Approach
  • 16. What Does “Agile Security” Mean? 1. Workload centric 2. Policy driven 3. Automated and integrated with toolchains 4. Attack surface reduction focus 5. Context-aware and works anywhere 6. Security platforms with deep APIs
  • 17. Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Provider responsibility Gartner, 2016
  • 18. Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Risk Medium Medium-high High High Very low Very low Very low Very low Provider responsibility Gartner, 2016
  • 19. Where Is Your Greatest Security Risk? User administration Application code & data Application framework VM guest OS Virtualization stack Compute/storage HW Network Infrastructure Physical Environment Customer responsibility Data Center Colo IaaS Provider responsibility Risk Medium Medium-high High High Very low Very low Very low Very low Gartner, 2016
  • 20. Containers Containers Public Clouds Data Centers & Private Clouds Infrastructure Orchestration SOC & GRC SystemsSecurity orchestration enginePortal Rest API Servers Servers
  • 21. Top Enterprise Challenges Addressed by Halo Workload Protection Fast Microsegmentation Compromise Detection Automated Compliance Security at DevOps Speed Security for AWS EC2
  • 22. Cloud Security at Xero Aaron McKeown, Lead Security Architect Xero
  • 23. Beautiful Cloud Based Accounting Software Connecting people with the right numbers anytime, anywhere, on any device
  • 24. 1,450+ staff globally $474M raised in capital $202M sub revenue FY16 23M+ businesses have interacted on the Xero platform $1TR incoming and outgoing transactions in past 12 mths 450M incoming and outgoing transactions in past 12 mths All figures shown are in NZD
  • 25. 700,000+subscribers globally 2009 2010 2011 2012 2013 2014 2015 2016
  • 26. Improving data protection Eliminating scheduled downtime Maintaining and improving security Support the next wave of growth Reducing our cost to serve Public Cloud Migration
  • 27. Skills are scarce Regional representation and recommendations Application architecture has to change Automation is key Need to focus on visibility Third party commercial models need to change Key Challenges
  • 28. Repeatable and automated build and management of security systems Accelerated pace of security innovation On-demand security infrastructure that works at any scale Key Principles
  • 30. Multi-factor Authentication  Further secure AWS with: – Password + MFA or access key + MFA  Secure ALL systems with MFA  Enable MFA enhanced features  Use multiple MFA systems
  • 31.  AWS CloudTrail, AWS Config and the AWS Console provide a lot of great information  Can be hard to find the needle in the haystack…  Use Netflix Security Monkey to provide a “Single Pane of Glass” Configuration Drift Management
  • 32. Host Security Automation Host Security Automation  Monitor, Detect and Defend at the Host level  Elasticity and Automation are key  Integrate, visibility is important  Use “Defense in Depth” model, protect every layer  Use an agile approach from deployment through to operations
  • 33. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Identity & Access Control Network Security Xero Applications & Content Security ON the Cloud Security OF the Cloud Xero + Partner Ecosystem Inventory & Config Data Encryption The New Paradigm of Shared Responsibility
  • 34. Key Learnings Security by Design - What's that? Communication is Key - Who are your spokespeople? Measure and Test, Monitor Everything Welcome to the cloud - "Where's my span port"?
  • 35. Repeatable and automated build and management of security systems Accelerated pace of security innovation On-demand security infrastructure that works at any scale Final Takeaways
  • 36.
  • 37. Q & A