SlideShare una empresa de Scribd logo

AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS Security

Amazon Web Services
Amazon Web Services

Morning Security keynote by Steven Schmidt

TecnologíaEmpresariales
1 de 72
Descargar para leer sin conexión
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. AWS Security Stephen E. Schmidt, Directeur de la Sécurité
Different customer viewpoints on security PR exec keep out of the news CEO protect shareholder value CI{S}O preserve the confidentiality, integrity and availability of data
Security is Our No.1 Priority Comprehensive Security Capabilities to Support Virtually Any Workload PEOPLE & PROCEDURES NETWORK SECURITY PHYSICAL SECURITY PLATFORM SECURITY
SECURITY IS SHARED
WHAT NEEDS TO BE DONE TO KEEP THE SYSTEM SAFE
WHAT WE DO WHAT YOU HAVE TO DO
EVERY CUSTOMER HAS ACCESS TO THE SAME SECURITY CAPABILITIES CHOOSE WHAT’S RIGHT FOR YOUR BUSINESS
“Based on our experience, I believe that we can be even more secure in the AWS cloud than in our own data centers” Tom Soderstrom – CTO – NASA JPL
AWS SECURITY OFFERS MORE VISIBILITY AUDITABILITY CONTROL
MORE VISIBILITY
CAN YOU MAP YOUR NETWORK? WHAT IS IN YOUR ENVIRONMENT RIGHT NOW?
TRUSTED ADVISOR
MORE AUDITABILITY
SECURITY CONTROL OBJECTIVES 1. SECURITY ORGANIZATION 2. AMAZON USER ACCESS 3. LOGICAL SECURITY 4. SECURE DATA HANDLING 5. PHYSICAL SECURITY AND ENV. SAFEGUARDS 6. CHANGE MANAGEMENT 7. DATA INTEGRITY, AVAILABILITY AND REDUNDANCY 8. INCIDENT HANDLING
AWS CLOUDTRAIL
You are making API calls... On a growing set of services around the world… CloudTrail is continuously recording API calls… And delivering log files to you
Security Analysis Use log files as an input into log management and analysis solutions to perform security analysis and to detect user behavior patterns. Track Changes to AWS Resources Track creation, modification, and deletion of AWS resources such as Amazon EC2 instances, Amazon VPC security groups and Amazon EBS volumes. Troubleshoot Operational Issues Quickly identify the most recent changes made to resources in your environment. Compliance Aid Easier to demonstrate compliance with internal policies and regulatory standards.
‣  CloudTrail records API calls and delivers a log file to your S3 bucket. ‣  Typically, delivers an event within 15 minutes of the API call. ‣  Log files are delivered approximately every 5 minutes. ‣  Multiple partners offer integrated solutions to analyze log files.
LOGS OBTAINED, RETAINED, ANALYZED
PROTECT YOUR LOGS WITH IAM ARCHIVE YOUR LOGS
MORE CONTROL
Defense in Depth Multi level security •  Physical security of the data centers •  Network security •  System security •  Data security DATA
AWS Security Delivers More Control & Granularity Customize the implementation based on your business needs AWS CloudHSM Defense in depth Rapid scale for security Automated checks with AWS Trusted Advisor Fine grained access controls Server side encryption Multi-factor authentication Dedicated instances Direct connection, Storage Gateway HSM-based key storage AWS IAM Amazon VPC AWS Direct Connect AWS Storage Gateway
AWS STAFF ACCESS ‣  Staff vetting ‣  Staff has no logical access to customer instances ‣  Staff control-plane access limited & monitored Bastion hosts, Least privileged model, Zoned data center access ‣  Business needs ‣  Separate PAMS
LEAST PRIVILEGE PRINCIPLE CONFINE ROLES ONLY TO THE MATERIAL REQUIRED TO DO SPECIFIC WORK
MORE CONTROL ON IDENTITY & ACCESS
USE AWS IAM IDENTITY & ACCESS MANAGEMENT
CONTROL WHO CAN DO WHAT WITH YOUR AWS ACCOUNT
AWS IAM: Recent Innovations Securely control access to AWS services and resources •  Delegation –  Roles for Amazon EC2 –  Cross-account access •  Powerful integrated permissions –  Resource level permissions: Amazon EC2, Amazon RDS, Amazon DynamoDB, AWS CloudFormation –  Access control policy variables –  Policy Simulator –  Enhanced IAM support: Amazon SWF, Amazon EMR, AWS Storage Gateway, AWS CloudFormation, Amazon Redshift, Elastic Beanstalk •  Federation –  Web Identity Federation –  AD and Shibboleth examples –  Partner integrations –  Case study: Expedia •  Strong authentication –  MFA-protected API access –  Password policies •  Enhanced documentation and videos
ACCESS TO SERVICE APIs
Amazon DynamoDB Fine Grained Access Control Directly and securely access application data in Amazon DynamoDB Specify access permissions at table, item and attribute levels With Web Identity Federation, completely remove the need for proxy servers to perform authorization
MORE CONTROL OF YOUR DATA
MFA DELETE PROTECTION
YOUR DATA STAYS WHERE YOU PUT IT
USE MULTIPLE AZs AMAZON S3 AMAZON DYNAMODB AMAZON RDS MULTI-AZ AMAZON EBS SNAPSHOTS
DATA ENCRYPTION CHOOSE WHAT’S RIGHT FOR YOU: Automated – AWS manages encryption Enabled – user manages encryption using AWS Client-side – user manages encryption using their own mean
AWS CloudHSM Managed and monitored by AWS, but you control the keys Increase performance for applications that use HSMs for key storage or encryption Comply with stringent regulatory and contractual requirements for key protection EC2 Instance AWS CloudHSM AWS CloudHSM
ENCRYPT YOUR DATA AWS CLOUDHSM AMAZON S3 SSE AMAZON GLACIER AMAZON REDSHIFT AMAZON RDS …
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Axway, Cloud and Security David FIGINI, VP Cloud Managed Services EMEA
•  11,000 customers •  100 countries •  332,5M € revenue in 2013 •  1,700+ employees •  HQ in Phoenix, AZ USA •  Offices in 19 countries Governing the flow of data DATA FLOW GOVERNANCE
Axway Cloud and AWS •  Start Quickly •  Everywhere •  No initial cost •  Pay per use •  Scale up and down •  No commitment •  Repeatable •  Reliable •  Secure VPC (Virtual Private Cloud) – Privatization for Cloud components. Data centers (zones) - Tier IV and compliant with all major third-party certifications. Storage – 99.999999999 durability Database – Multizone configuration Elastic Load Balancers – Zone independence VPN – AWS Direct Connect provides dedicated private networking for increased bandwidth and reliability. EC2 Instances – Elastic computing Cloud Formation – Reliable delivery from Web Services Applications – Designed for no single points of failure and non- repudiation. All services are monitored through a centralized location utilizing, SES, SNS, Cloud Watch, Nagios, etc.
Axway Cloud threat mitigation Architecture and Datacenter Vulnerabilities Service Platform Availability Information Confidentiality and Integrity Loss Decrease in Functional Performance Human Activities • Multi AZ Auto-Scaling groups Very High Availability • Solution deployed by Axway OS Patch management • Data encryption at rest and for communications • Backup policy based on snapshots Data loss and confidentiality • Access to environments is centralized and all activity is trackedHuman activity • Security and monitoring tools (Ossec, syslog, Nagios, CloudWatch, …) • Splunk to receive, process and present security events Real time monitoring
Axway Cloud security architecture •  SOC1 Type 2 certification achieved in March •  ISO27001 Beginning of 2015 Management Solution Access Control Axway data center Amazon Route 53 Axway workforce VPN Elastic Load Balancing Supervision Monitoring & Security tools VPC peering Solution Elastic Load Balancing VPC peering Monitoring & Security data Acce ss CloudWatch Amazon SES Auto Scaling group AZ #1 AZ #2 Auto Scaling group AZ #1 AZ #2 CloudTrail
•  Axway governs the flow of data in the Cloud •  Axway Cloud is based on a strong AWS partnership •  Security = AWS + Axway + Processes+ People Takeaways from Axway
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Axway, Cloud and Security David FIGINI, VP Cloud Managed Services EMEA Merci !
MORE AUDITABILITY MORE VISIBILITY MORE CONTROL
IDC Survey Attitudes and Perceptions Around Security and Cloud Services Nearly 60% of organizations agreed that CSPs [Cloud Service Providers] provide better security than their own IT organization Source: IDC 2013 U.S. Cloud Security Survey Doc #242836, September 2013
AWS.AMAZON.COM/SECURITY
AWS SECURITY WHITEPAPERS RISK & COMPLIANCE AUDITING SECURITY CHECKLIST SECURITY PROCESSES SECURITY BEST PRACTICES
AWS MARKETPLACE SECURITY SOLUTIONS
© 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. AWS Security Stephen E. Schmidt, Directeur de la Sécurité Merci !

Recomendados

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionA Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack SecurityAmazon Web Services
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
Stop Wasting Your Time: Focus on Security Practices that Actually Matter
Stop Wasting Your Time: Focus on Security Practices that Actually MatterStop Wasting Your Time: Focus on Security Practices that Actually Matter
Stop Wasting Your Time: Focus on Security Practices that Actually MatterAmazon Web Services
 

Recomendados

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionA Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack SecurityAmazon Web Services
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Identity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityIdentity and Access Management: The First Step in AWS Security
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
Stop Wasting Your Time: Focus on Security Practices that Actually Matter
Stop Wasting Your Time: Focus on Security Practices that Actually MatterStop Wasting Your Time: Focus on Security Practices that Actually Matter
Stop Wasting Your Time: Focus on Security Practices that Actually MatterAmazon Web Services
 
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)Amazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeAlert Logic
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security FundamentalsAmazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security FundamentalsAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security FundamentalsAmazon Web Services
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
AWS Storage Stage of Union
AWS Storage Stage of UnionAWS Storage Stage of Union
AWS Storage Stage of UnionAmazon Web Services
 
How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...Amazon Web Services
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsAleksandr Maklakov
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 

Más contenido relacionado

La actualidad más candente

Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)Amazon Web Services
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
 
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...Amazon Web Services
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsAleksandr Maklakov
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 

La actualidad más candente (20)

Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspectives of the Cloud Adoption Framework (CAF)
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in PracticeCSS17: Dallas - The AWS Shared Responsibility Model in Practice
CSS17: Dallas - The AWS Shared Responsibility Model in Practice
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security Fundamentals
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security Fundamentals
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
AWS Security Fundamentals
AWS Security FundamentalsAWS Security Fundamentals
AWS Security Fundamentals
 
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat ResponseIncident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
 
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
AWS Storage Stage of Union
AWS Storage Stage of UnionAWS Storage Stage of Union
AWS Storage Stage of Union
 
How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...How to Use Positive and Negative Security Models and Virtual Patching Techniq...
How to Use Positive and Negative Security Models and Virtual Patching Techniq...
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startups
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
 

Similar a AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS Security

Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudAmazon Web Services
 
AWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAmazon Web Services
 
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...Amazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesProtecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
Architecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayArchitecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayAmazon Web Services
 
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013Amazon Web Services
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAmazon Web Services
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWSAmazon Web Services
 
Protected Workloads Security Shakedown
Protected Workloads Security ShakedownProtected Workloads Security Shakedown
Protected Workloads Security ShakedownAmazon Web Services
 
Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017 Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017 Amazon Web Services
 

Similar a AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS Security (20)

Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 
AWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation Security
 
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and FeaturesProtecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Understanding AWS Security
Understanding AWS Security Understanding AWS Security
Understanding AWS Security
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Architecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlayArchitecting for Greater Security - London Summit Enteprise Track RePlay
Architecting for Greater Security - London Summit Enteprise Track RePlay
 
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & Compliance
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWS
 
Protected Workloads Security Shakedown
Protected Workloads Security ShakedownProtected Workloads Security Shakedown
Protected Workloads Security Shakedown
 
Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017 Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 

Más de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Más de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLScyllaDB
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clashcharlottematthew16
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsRizwan Syed
 

Último (20)

Developer Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQLDeveloper Data Modeling Mistakes: From Postgres to NoSQL
Developer Data Modeling Mistakes: From Postgres to NoSQL
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 

AWS Paris Summit 2014 - Keynote Stephen Schmidt - AWS Security

  • 1. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. AWS Security Stephen E. Schmidt, Directeur de la Sécurité
  • 2. Different customer viewpoints on security PR exec keep out of the news CEO protect shareholder value CI{S}O preserve the confidentiality, integrity and availability of data
  • 3. Security is Our No.1 Priority Comprehensive Security Capabilities to Support Virtually Any Workload PEOPLE & PROCEDURES NETWORK SECURITY PHYSICAL SECURITY PLATFORM SECURITY
  • 5. WHAT NEEDS TO BE DONE TO KEEP THE SYSTEM SAFE
  • 7. EVERY CUSTOMER HAS ACCESS TO THE SAME SECURITY CAPABILITIES CHOOSE WHAT’S RIGHT FOR YOUR BUSINESS
  • 8. “Based on our experience, I believe that we can be even more secure in the AWS cloud than in our own data centers” Tom Soderstrom – CTO – NASA JPL
  • 9. AWS SECURITY OFFERS MORE VISIBILITY AUDITABILITY CONTROL
  • 11. CAN YOU MAP YOUR NETWORK? WHAT IS IN YOUR ENVIRONMENT RIGHT NOW?
  • 12.
  • 13.
  • 15.
  • 16.
  • 17.
  • 19.
  • 20. SECURITY CONTROL OBJECTIVES 1. SECURITY ORGANIZATION 2. AMAZON USER ACCESS 3. LOGICAL SECURITY 4. SECURE DATA HANDLING 5. PHYSICAL SECURITY AND ENV. SAFEGUARDS 6. CHANGE MANAGEMENT 7. DATA INTEGRITY, AVAILABILITY AND REDUNDANCY 8. INCIDENT HANDLING
  • 21.
  • 23. You are making API calls... On a growing set of services around the world… CloudTrail is continuously recording API calls… And delivering log files to you
  • 24. Security Analysis Use log files as an input into log management and analysis solutions to perform security analysis and to detect user behavior patterns. Track Changes to AWS Resources Track creation, modification, and deletion of AWS resources such as Amazon EC2 instances, Amazon VPC security groups and Amazon EBS volumes. Troubleshoot Operational Issues Quickly identify the most recent changes made to resources in your environment. Compliance Aid Easier to demonstrate compliance with internal policies and regulatory standards.
  • 25. ‣  CloudTrail records API calls and delivers a log file to your S3 bucket. ‣  Typically, delivers an event within 15 minutes of the API call. ‣  Log files are delivered approximately every 5 minutes. ‣  Multiple partners offer integrated solutions to analyze log files.
  • 27.
  • 28.
  • 29. PROTECT YOUR LOGS WITH IAM ARCHIVE YOUR LOGS
  • 30.
  • 31.
  • 33. Defense in Depth Multi level security •  Physical security of the data centers •  Network security •  System security •  Data security DATA
  • 34. AWS Security Delivers More Control & Granularity Customize the implementation based on your business needs AWS CloudHSM Defense in depth Rapid scale for security Automated checks with AWS Trusted Advisor Fine grained access controls Server side encryption Multi-factor authentication Dedicated instances Direct connection, Storage Gateway HSM-based key storage AWS IAM Amazon VPC AWS Direct Connect AWS Storage Gateway
  • 35. AWS STAFF ACCESS ‣  Staff vetting ‣  Staff has no logical access to customer instances ‣  Staff control-plane access limited & monitored Bastion hosts, Least privileged model, Zoned data center access ‣  Business needs ‣  Separate PAMS
  • 36.
  • 37.
  • 38.
  • 39.
  • 40.
  • 41.
  • 42.
  • 43. LEAST PRIVILEGE PRINCIPLE CONFINE ROLES ONLY TO THE MATERIAL REQUIRED TO DO SPECIFIC WORK
  • 45. USE AWS IAM IDENTITY & ACCESS MANAGEMENT
  • 46. CONTROL WHO CAN DO WHAT WITH YOUR AWS ACCOUNT
  • 47.
  • 48. AWS IAM: Recent Innovations Securely control access to AWS services and resources •  Delegation –  Roles for Amazon EC2 –  Cross-account access •  Powerful integrated permissions –  Resource level permissions: Amazon EC2, Amazon RDS, Amazon DynamoDB, AWS CloudFormation –  Access control policy variables –  Policy Simulator –  Enhanced IAM support: Amazon SWF, Amazon EMR, AWS Storage Gateway, AWS CloudFormation, Amazon Redshift, Elastic Beanstalk •  Federation –  Web Identity Federation –  AD and Shibboleth examples –  Partner integrations –  Case study: Expedia •  Strong authentication –  MFA-protected API access –  Password policies •  Enhanced documentation and videos
  • 50. Amazon DynamoDB Fine Grained Access Control Directly and securely access application data in Amazon DynamoDB Specify access permissions at table, item and attribute levels With Web Identity Federation, completely remove the need for proxy servers to perform authorization
  • 53.
  • 54. YOUR DATA STAYS WHERE YOU PUT IT
  • 55.
  • 56. USE MULTIPLE AZs AMAZON S3 AMAZON DYNAMODB AMAZON RDS MULTI-AZ AMAZON EBS SNAPSHOTS
  • 57. DATA ENCRYPTION CHOOSE WHAT’S RIGHT FOR YOU: Automated – AWS manages encryption Enabled – user manages encryption using AWS Client-side – user manages encryption using their own mean
  • 58. AWS CloudHSM Managed and monitored by AWS, but you control the keys Increase performance for applications that use HSMs for key storage or encryption Comply with stringent regulatory and contractual requirements for key protection EC2 Instance AWS CloudHSM AWS CloudHSM
  • 59. ENCRYPT YOUR DATA AWS CLOUDHSM AMAZON S3 SSE AMAZON GLACIER AMAZON REDSHIFT AMAZON RDS …
  • 60. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Axway, Cloud and Security David FIGINI, VP Cloud Managed Services EMEA
  • 61. •  11,000 customers •  100 countries •  332,5M € revenue in 2013 •  1,700+ employees •  HQ in Phoenix, AZ USA •  Offices in 19 countries Governing the flow of data DATA FLOW GOVERNANCE
  • 62. Axway Cloud and AWS •  Start Quickly •  Everywhere •  No initial cost •  Pay per use •  Scale up and down •  No commitment •  Repeatable •  Reliable •  Secure VPC (Virtual Private Cloud) – Privatization for Cloud components. Data centers (zones) - Tier IV and compliant with all major third-party certifications. Storage – 99.999999999 durability Database – Multizone configuration Elastic Load Balancers – Zone independence VPN – AWS Direct Connect provides dedicated private networking for increased bandwidth and reliability. EC2 Instances – Elastic computing Cloud Formation – Reliable delivery from Web Services Applications – Designed for no single points of failure and non- repudiation. All services are monitored through a centralized location utilizing, SES, SNS, Cloud Watch, Nagios, etc.
  • 63. Axway Cloud threat mitigation Architecture and Datacenter Vulnerabilities Service Platform Availability Information Confidentiality and Integrity Loss Decrease in Functional Performance Human Activities • Multi AZ Auto-Scaling groups Very High Availability • Solution deployed by Axway OS Patch management • Data encryption at rest and for communications • Backup policy based on snapshots Data loss and confidentiality • Access to environments is centralized and all activity is trackedHuman activity • Security and monitoring tools (Ossec, syslog, Nagios, CloudWatch, …) • Splunk to receive, process and present security events Real time monitoring
  • 64. Axway Cloud security architecture •  SOC1 Type 2 certification achieved in March •  ISO27001 Beginning of 2015 Management Solution Access Control Axway data center Amazon Route 53 Axway workforce VPN Elastic Load Balancing Supervision Monitoring & Security tools VPC peering Solution Elastic Load Balancing VPC peering Monitoring & Security data Acce ss CloudWatch Amazon SES Auto Scaling group AZ #1 AZ #2 Auto Scaling group AZ #1 AZ #2 CloudTrail
  • 65. •  Axway governs the flow of data in the Cloud •  Axway Cloud is based on a strong AWS partnership •  Security = AWS + Axway + Processes+ People Takeaways from Axway
  • 66. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. Axway, Cloud and Security David FIGINI, VP Cloud Managed Services EMEA Merci !
  • 68. IDC Survey Attitudes and Perceptions Around Security and Cloud Services Nearly 60% of organizations agreed that CSPs [Cloud Service Providers] provide better security than their own IT organization Source: IDC 2013 U.S. Cloud Security Survey Doc #242836, September 2013
  • 70. AWS SECURITY WHITEPAPERS RISK & COMPLIANCE AUDITING SECURITY CHECKLIST SECURITY PROCESSES SECURITY BEST PRACTICES
  • 72. © 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express consent of Amazon.com, Inc. AWS Security Stephen E. Schmidt, Directeur de la Sécurité Merci !