"Your enterprise cloud requires oversight and continuous management that can be more effectively addressed through security and compliance automation. In this session, learn how to ensure your cloud is compliant with standards critical to your business, and how you can replace outdated processes and tools that slow down delivery of new (and secure) code. We will look closely at issues that can make your environment vulnerable, like dead accounts and other inappropriate access-enabling risks, and misconfigurations that can create unwanted access points. Our session explains how security and compliance automation is used to eradicate these types of issues and many more by leveraging Amazon Simple Notification Service (SNS) and AWS Lambda workflows, integrations with DevOps tools and more.
This session is brought to you by AWS Summit New York City sponsor, Evident.io."
28. Q: HOW LONG DOES IT TAKE TO MANUALLY
VALIDATE AND RECORD A CONTROL CHECK?
29. LET’S DO SOME COMPLIANCE MATH
PCI DSS:
4 Accounts
12 Testable Controls
2,813 control checks
X 2.5 minutes per
117.2 hours 10 weeks!
NIST 800-53:
1 Account
35 Testable Controls
9,534 control checks
X 2.5 minutes per
397 hours or
Automation is a MUST
30. Isn’t it time to eliminate
the massive spreadsheets?