SlideShare una empresa de Scribd logo

Ryan Smith's talk from the AWS Chicago user group May 22 - Security

Descargar como PPTX, PDF
AWS Chicago
AWS Chicago

“Taking Control of your Half of the Shared Responsibility Model with AWS’ Native Security Tools” – Ryan Smith, Product Owner at Armor // @ryancsmith2222

Tecnología
1 de 23
CONFIDENTIAL DO NOT DISTRIBUTE TAKING CONTROL OF YOUR SHARED RESPONSIBILITY WITH AWS NATIVE SECURITY TOOLS RYAN SMITH @RYANCSMITH222 2 Product Owner MAY 22, 2017
CONFIDENTIAL DO NOT DISTRIBUTE Agenda 01 Security in AWS 101 02 Overview of the Tools 03 AWS Security in Action 2
CONFIDENTIAL DO NOT DISTRIBUTE SECURITY IN AWS 101 3
CONFIDENTIAL DO NOT DISTRIBUTE 2017 Cyber Security Challenges 40% 910BN Record breaches in the last 10 years. 3.8M RECORD BREACHES https://www.bloomberg.com/news/articles/2017-01-19/data- breaches-hit-record-in-2016-as-dnc-wendy-s-co-hacked INCREASE IN HACKS 2015-2016 $4M Per Ponemon Institute. Cost of Breaches: http://www-03.ibm.com/security/data-breach/ $4M AVERAGE COST OF DATA BREACH Healthcare companies lose an average of $355 per each stolen record AVERAGE HEALTHCARE LOSS $355 Of the large organizations that were breached over 70% were deemed to be “compliant” while the breach occurred COMPLIANCE IMPACT >70% 3.8M 910BN 99 Days Dwell “Sophisticated intelligence integration, automation, and threat hunting should be the end-state goal for organizations facing significant business risks and exposure to cyber attacks. “ Per Mandiant M-Trends 2017 report 4
CONFIDENTIAL DO NOT DISTRIBUTE 5 https://aws.amazon.com/compliance/shared-responsibility-model/ That means the biggest threat to your cloud is “you don’t know what you don’t know.” Top Strategic Predictions for 2016 and Beyond – Gartner 2016 95%OF CLOUD SECURITY FAILURES THROUGH 2020 WILL BE THE CUSTOMERS FAULT. http://www.gartner.com/newsroom/id/3143718 Security in AWS is a Shared Responsibility
CONFIDENTIAL DO NOT DISTRIBUTE Models of Security There are 3 general models of security that are good to follow in AWS:  Non-Repudiation – you should never be able to deny that you did something in a cloud environment.  AAA Model – Authentication checks IAM for login user roles; Authorizations is your permissions for your IAM roles; Accounting is the audit trail of activity in the platform – this is CloudTrail.  CIA Framework/Triad Model – Confidentiality (data encryption, IAM, 2FA). Availability (redundancy, HA clusters, availability zones). Integrity (file permissions, version and access control, checksum, certificate managers, encryption, etc. 6
CONFIDENTIAL DO NOT DISTRIBUTE Trends in How AWS Does Security There are a couple of trends in how AWS is approaching security:  Security is at the Forefront – look at how big the security category is in their tooling; announcements at ReInvent of Amazon GuardDuty and SF Summits this year with AWS Firewall Manager and AWS Secrets Manager point to AWS seeing security as market driver and differentiator  Security in the Model of the Cloud – AWS will focus on services that are simple to enable, deploy, and build into your consumption billing constructs.  Tools will Remain Frameworks – They will look at security and compliance problems as infrastructure-as-code solutions. Developers, partners, and customers will be able to use these infrastructure-as-code frameworks to have security-as-code and compliance- as-code. 7
CONFIDENTIAL DO NOT DISTRIBUTE OVERVIEW OF THE TOOLS 8
CONFIDENTIAL DO NOT DISTRIBUTE 9 Armor Diagram v.2 Amazon Macie
CONFIDENTIAL DO NOT DISTRIBUTE Amazon GuardDuty 10
CONFIDENTIAL DO NOT DISTRIBUTE  43 Findings; Various Types: • Persistence • Recon • Cryptocurrency • Trojan • Unauthorized Access  2 Recommended Remediation Paths • Compromised Instance • Compromised Credentials Amazon GuardDuty 11
CONFIDENTIAL DO NOT DISTRIBUTE AWS WAF (Web Application Firewall) 12
CONFIDENTIAL DO NOT DISTRIBUTE AWS WAF (Web Application Firewall) 13
CONFIDENTIAL DO NOT DISTRIBUTE AWS Firewall Manager 14
CONFIDENTIAL DO NOT DISTRIBUTE Amazon Inspector 15
CONFIDENTIAL DO NOT DISTRIBUTE Amazon Inspector 16
CONFIDENTIAL DO NOT DISTRIBUTE AWS Secrets Manager 17
CONFIDENTIAL DO NOT DISTRIBUTE AWS SECURITY IN ACTION 18
CONFIDENTIAL DO NOT DISTRIBUTE 19 Armor Diagram v.2 Securing Your S3 Buckets with AWS Config
CONFIDENTIAL DO NOT DISTRIBUTE 20 Armor Diagram v.2 Amazon Inspector for Vulnerability Management
CONFIDENTIAL DO NOT DISTRIBUTE 21 Armor Diagram v.2 SaaS and PrivateLink
CONFIDENTIAL DO NOT DISTRIBUTE Continuous Feedback Loop Incident Context Incident Response Playbooks and Orchestration Countermeasures CONTINOUS RESPONSE REAL-TIME VISIBILITY Armor Management Portal (AMP) API Toolset 22 Local Network [any device or appliance] Armor Services Host [applications, OS, DBs] Cloud Native [Cloudtrail, etc.] [FIM, IDS, VS, AM] DATA SOURCES REDUNDANT / LIGHTWEIGHT AGENT Armor Agent and Collector Services Metadata/Segmentation Long-Term Logging Log Ingestion/ Datalake PROTECTION / DETECTION Correlation Machine Learning Behavior Analytics THREAT INTELLIGENCE 3rd Party Threat Feeds Armor Threat Feeds and Hunting Community Insights The Spartan Platform Armor Diagram v.2 Armor Anywhere How Armor Uses AWS’ Native Tooling to Provide Security
CONFIDENTIAL DO NOT DISTRIBUTE THANK YOU

Recomendados

Making application threat intelligence practical - DEM06 - AWS reInforce 2019
Making application threat intelligence practical - DEM06 - AWS reInforce 2019 Making application threat intelligence practical - DEM06 - AWS reInforce 2019
Making application threat intelligence practical - DEM06 - AWS reInforce 2019 Amazon Web Services
 
Lacework AWS Security Week Presentation
Lacework AWS Security Week PresentationLacework AWS Security Week Presentation
Lacework AWS Security Week PresentationLacework
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitUnified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitAmazon Web Services
 
Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Ammar Hasayen
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Lacework Protection for AWS S3 Buckets
Lacework Protection for AWS S3 BucketsLacework Protection for AWS S3 Buckets
Lacework Protection for AWS S3 BucketsLacework
 
Modern Workplace Deep Dive infographic
Modern Workplace Deep Dive infographicModern Workplace Deep Dive infographic
Modern Workplace Deep Dive infographicAmmar Hasayen
 

Recomendados

Making application threat intelligence practical - DEM06 - AWS reInforce 2019
Making application threat intelligence practical - DEM06 - AWS reInforce 2019 Making application threat intelligence practical - DEM06 - AWS reInforce 2019
Making application threat intelligence practical - DEM06 - AWS reInforce 2019 Amazon Web Services
 
Lacework AWS Security Week Presentation
Lacework AWS Security Week PresentationLacework AWS Security Week Presentation
Lacework AWS Security Week PresentationLacework
 
Codeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCodeless Security for the Apps You Buy & Build on AWS
Codeless Security for the Apps You Buy & Build on AWSCloudLock
 
Unified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitUnified Security through Armor and AWS - DEM04 - Chicago AWS Summit
Unified Security through Armor and AWS - DEM04 - Chicago AWS SummitAmazon Web Services
 
Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Windows Advance Threats - BSides Amman 2019
Windows Advance Threats - BSides Amman 2019Ammar Hasayen
 
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockBe A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLock
Be A Hero: Combat Cloud Security Threats with Google Apps Unlimited & CloudLockCloudLock
 
Lacework Protection for AWS S3 Buckets
Lacework Protection for AWS S3 BucketsLacework Protection for AWS S3 Buckets
Lacework Protection for AWS S3 BucketsLacework
 
Modern Workplace Deep Dive infographic
Modern Workplace Deep Dive infographicModern Workplace Deep Dive infographic
Modern Workplace Deep Dive infographicAmmar Hasayen
 
VGTU Intro to Threats 2015
VGTU Intro to Threats 2015VGTU Intro to Threats 2015
VGTU Intro to Threats 2015slicklash
 
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelCyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelAntonNeidel
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
SSL Pinning
SSL PinningSSL Pinning
SSL Pinningyarden hanan
 
This World of Ours
This World of OursThis World of Ours
This World of Oursslicklash
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework
 
Lacework for AWS Security Overview
Lacework for AWS Security OverviewLacework for AWS Security Overview
Lacework for AWS Security OverviewLacework
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Defence in Depth for your data in the cloud
Defence in Depth for your data in the cloudDefence in Depth for your data in the cloud
Defence in Depth for your data in the cloudAmazon Web Services
 
(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsa(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsaPriyanka Aash
 
Lacework slides from AWS Meetups
Lacework slides from AWS MeetupsLacework slides from AWS Meetups
Lacework slides from AWS MeetupsJohn Varghese
 
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365Sébastien Paulet
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security ModelAlert Logic
 
Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
CipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce ChatterCipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce ChatterCipherCloud
 
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017Amazon Web Services
 
Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning CrowdStrike
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITYSylvain Martinez
 
Security in cloud
Security in cloudSecurity in cloud
Security in cloudvikash4225
 
Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoringrahuldesh
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security SuperheroAmazon Web Services
 

Más contenido relacionado

La actualidad más candente

VGTU Intro to Threats 2015
VGTU Intro to Threats 2015VGTU Intro to Threats 2015
VGTU Intro to Threats 2015slicklash
 
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelCyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelAntonNeidel
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOpsAlert Logic
 
This World of Ours
This World of OursThis World of Ours
This World of Oursslicklash
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework
 
Lacework for AWS Security Overview
Lacework for AWS Security OverviewLacework for AWS Security Overview
Lacework for AWS Security OverviewLacework
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityCloudLock
 
Defence in Depth for your data in the cloud
Defence in Depth for your data in the cloudDefence in Depth for your data in the cloud
Defence in Depth for your data in the cloudAmazon Web Services
 
(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsa(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsaPriyanka Aash
 
Lacework slides from AWS Meetups
Lacework slides from AWS MeetupsLacework slides from AWS Meetups
Lacework slides from AWS MeetupsJohn Varghese
 
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365Sébastien Paulet
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...AlgoSec
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security ModelAlert Logic
 
Internship brochure
Internship brochureInternship brochure
Internship brochureFixNix Inc.,
 
CipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce ChatterCipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce ChatterCipherCloud
 
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017Amazon Web Services
 
Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning CrowdStrike
 
Security in cloud
Security in cloudSecurity in cloud
Security in cloudvikash4225
 

La actualidad más candente (20)

VGTU Intro to Threats 2015
VGTU Intro to Threats 2015VGTU Intro to Threats 2015
VGTU Intro to Threats 2015
 
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton NeidelCyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
Cyber Security at Microsoft - Henkel Keynote Speaker Anton Neidel
 
The Intersection of Security & DevOps
The Intersection of Security & DevOpsThe Intersection of Security & DevOps
The Intersection of Security & DevOps
 
SSL Pinning
SSL PinningSSL Pinning
SSL Pinning
 
This World of Ours
This World of OursThis World of Ours
This World of Ours
 
Lacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud ScaleLacework Overview: Security Redefined for Cloud Scale
Lacework Overview: Security Redefined for Cloud Scale
 
Lacework for AWS Security Overview
Lacework for AWS Security OverviewLacework for AWS Security Overview
Lacework for AWS Security Overview
 
Stop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS SecurityStop Hackers with Integrated CASB & IDaaS Security
Stop Hackers with Integrated CASB & IDaaS Security
 
Defence in Depth for your data in the cloud
Defence in Depth for your data in the cloudDefence in Depth for your data in the cloud
Defence in Depth for your data in the cloud
 
(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsa(SACON) Wayne Tufek - chapter three - sabsa
(SACON) Wayne Tufek - chapter three - sabsa
 
Lacework slides from AWS Meetups
Lacework slides from AWS MeetupsLacework slides from AWS Meetups
Lacework slides from AWS Meetups
 
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
M365 Gurgaon 2020 - How to manage sensitive and personal data in M365
 
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
2020 09-30 overcoming the challenges of managing a hybrid environment - aws a...
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
 
Internship brochure
Internship brochureInternship brochure
Internship brochure
 
CipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce ChatterCipherCloud's Solutions for Salesforce Chatter
CipherCloud's Solutions for Salesforce Chatter
 
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017
 
Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning Battling Unknown Malware with Machine Learning
Battling Unknown Malware with Machine Learning
 
OFFICE 365 SECURITY
OFFICE 365 SECURITYOFFICE 365 SECURITY
OFFICE 365 SECURITY
 
Security in cloud
Security in cloudSecurity in cloud
Security in cloud
 

Similar a Ryan Smith's talk from the AWS Chicago user group May 22 - Security

Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoringrahuldesh
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security SuperheroAmazon Web Services
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Amazon Web Services
 
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentExtend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentImperva
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachCA Technologies
 
The 3 Recommendations for Cloud Security
The 3 Recommendations for Cloud SecurityThe 3 Recommendations for Cloud Security
The 3 Recommendations for Cloud SecurityVAST
 
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersAWS Cloud Governance & Security through Automation - Atlanta AWS Builders
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Cynthia Hsieh
 
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...Amazon Web Services
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...Marcela Cárdenas Hidalgo
 
AWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAmazon Web Services
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero Amazon Web Services
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAlienVault
 
Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecuritySecure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecurityAmazon Web Services
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAmazon Web Services
 

Similar a Ryan Smith's talk from the AWS Chicago user group May 22 - Security (20)

Beginners guide to aws security monitoring
Beginners guide to aws security monitoringBeginners guide to aws security monitoring
Beginners guide to aws security monitoring
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Implementing Governance as Code
Implementing Governance as CodeImplementing Governance as Code
Implementing Governance as Code
 
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
Secure & Automate AWS Deployments with Next-Generation Security from Palo Alt...
 
Extend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS EnvironmentExtend Enterprise Application-level Security to Your AWS Environment
Extend Enterprise Application-level Security to Your AWS Environment
 
Protecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data BreachProtecting the Software-Defined Data Center from Data Breach
Protecting the Software-Defined Data Center from Data Breach
 
The 3 Recommendations for Cloud Security
The 3 Recommendations for Cloud SecurityThe 3 Recommendations for Cloud Security
The 3 Recommendations for Cloud Security
 
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersAWS Cloud Governance & Security through Automation - Atlanta AWS Builders
AWS Cloud Governance & Security through Automation - Atlanta AWS Builders
 
Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020Get ahead of cloud network security trends and practices in 2020
Get ahead of cloud network security trends and practices in 2020
 
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
Oas un llamado a la accion para proteger a ciudadanos-Sector Privado y Gobi...
 
Oas un llamado a la accion
Oas un llamado a la accionOas un llamado a la accion
Oas un llamado a la accion
 
AWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation SecurityAWS Summit Singapore - Next Generation Security
AWS Summit Singapore - Next Generation Security
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
AWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & ResponseAWS Security Best Practices for Effective Threat Detection & Response
AWS Security Best Practices for Effective Threat Detection & Response
 
Secure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on SecuritySecure & Automate AWS Deployments with Next-Generation on Security
Secure & Automate AWS Deployments with Next-Generation on Security
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
 

Más de AWS Chicago

AWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS Chicago
 
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...AWS Chicago
 
WilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxWilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxAWS Chicago
 
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfSuresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfAWS Chicago
 
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaStreamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaAWS Chicago
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxAWS Chicago
 
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxSaurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxAWS Chicago
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfAWS Chicago
 
Ross Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxRoss Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxAWS Chicago
 
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfrobsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfAWS Chicago
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfAWS Chicago
 
Mohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxMohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxAWS Chicago
 
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxNick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxAWS Chicago
 
Pat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfPat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfAWS Chicago
 
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...AWS Chicago
 
MichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxMichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxAWS Chicago
 
Michal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfMichal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfAWS Chicago
 
Kamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxKamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxAWS Chicago
 
John Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxJohn Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxAWS Chicago
 
JuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxJuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxAWS Chicago
 

Más de AWS Chicago (20)

AWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user groupAWS reInvent 2023 recaps from Chicago AWS user group
AWS reInvent 2023 recaps from Chicago AWS user group
 
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
Chicago AWS Solutions Architect Mehdy Haghy recaps the new AI/ML releases and...
 
WilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptxWilliamCollins_Road-to-Transit-Gateway.pptx
WilliamCollins_Road-to-Transit-Gateway.pptx
 
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdfSuresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
Suresh Poopandi_Generative AI On AWS-MidWestCommunityDay-Final.pdf
 
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha DwivedulaStreamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
Streamlined Entitlements with AWS Lake Formation - Anusha Dwivedula
 
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptxSteve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
Steve Seaney_AWS Control Tower - 2023 Midwest Community Day - Final.pptx
 
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptxSaurabh_Shanbhag - Building_SaaS_on_AWS.pptx
Saurabh_Shanbhag - Building_SaaS_on_AWS.pptx
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdf
 
Ross Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptxRoss Stuart_Using ML to Solve Lifes Problems.pptx
Ross Stuart_Using ML to Solve Lifes Problems.pptx
 
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdfrobsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
robsable_Enhancing DevOps Practices with CloudWatch APM FINAL.pdf
 
Sanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdfSanket_Nasre_Simplify Modernization.pdf
Sanket_Nasre_Simplify Modernization.pdf
 
Mohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptxMohamed Wali_AWS Security Reference Architecture.pptx
Mohamed Wali_AWS Security Reference Architecture.pptx
 
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptxNick-Walter-HOB_Migrating_Dinosaurs.pptx
Nick-Walter-HOB_Migrating_Dinosaurs.pptx
 
Pat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdfPat_Davies_AWSCostOptimization_Final.pdf
Pat_Davies_AWSCostOptimization_Final.pdf
 
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
MARK GAMBLE_ASC For Really Remote Edge Computing - AWS Community Day Chicago ...
 
MichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptxMichaelSoule-UsingJupyterNotebooks.pptx
MichaelSoule-UsingJupyterNotebooks.pptx
 
Michal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdfMichal Brygidyn_CloudHackingScenarios.pdf
Michal Brygidyn_CloudHackingScenarios.pdf
 
Kamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptxKamil Kolodziejski_Structura-AWS.pptx
Kamil Kolodziejski_Structura-AWS.pptx
 
John Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptxJohn Merline AWS Certification FAQ.pptx
John Merline AWS Certification FAQ.pptx
 
JuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptxJuliaFMorgado_Breaking_bad_habits.pptx
JuliaFMorgado_Breaking_bad_habits.pptx
 

Último

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...HostedbyConfluent
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 

Último (20)

Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 

Ryan Smith's talk from the AWS Chicago user group May 22 - Security

  • 1. CONFIDENTIAL DO NOT DISTRIBUTE TAKING CONTROL OF YOUR SHARED RESPONSIBILITY WITH AWS NATIVE SECURITY TOOLS RYAN SMITH @RYANCSMITH222 2 Product Owner MAY 22, 2017
  • 2. CONFIDENTIAL DO NOT DISTRIBUTE Agenda 01 Security in AWS 101 02 Overview of the Tools 03 AWS Security in Action 2
  • 3. CONFIDENTIAL DO NOT DISTRIBUTE SECURITY IN AWS 101 3
  • 4. CONFIDENTIAL DO NOT DISTRIBUTE 2017 Cyber Security Challenges 40% 910BN Record breaches in the last 10 years. 3.8M RECORD BREACHES https://www.bloomberg.com/news/articles/2017-01-19/data- breaches-hit-record-in-2016-as-dnc-wendy-s-co-hacked INCREASE IN HACKS 2015-2016 $4M Per Ponemon Institute. Cost of Breaches: http://www-03.ibm.com/security/data-breach/ $4M AVERAGE COST OF DATA BREACH Healthcare companies lose an average of $355 per each stolen record AVERAGE HEALTHCARE LOSS $355 Of the large organizations that were breached over 70% were deemed to be “compliant” while the breach occurred COMPLIANCE IMPACT >70% 3.8M 910BN 99 Days Dwell “Sophisticated intelligence integration, automation, and threat hunting should be the end-state goal for organizations facing significant business risks and exposure to cyber attacks. “ Per Mandiant M-Trends 2017 report 4
  • 5. CONFIDENTIAL DO NOT DISTRIBUTE 5 https://aws.amazon.com/compliance/shared-responsibility-model/ That means the biggest threat to your cloud is “you don’t know what you don’t know.” Top Strategic Predictions for 2016 and Beyond – Gartner 2016 95%OF CLOUD SECURITY FAILURES THROUGH 2020 WILL BE THE CUSTOMERS FAULT. http://www.gartner.com/newsroom/id/3143718 Security in AWS is a Shared Responsibility
  • 6. CONFIDENTIAL DO NOT DISTRIBUTE Models of Security There are 3 general models of security that are good to follow in AWS:  Non-Repudiation – you should never be able to deny that you did something in a cloud environment.  AAA Model – Authentication checks IAM for login user roles; Authorizations is your permissions for your IAM roles; Accounting is the audit trail of activity in the platform – this is CloudTrail.  CIA Framework/Triad Model – Confidentiality (data encryption, IAM, 2FA). Availability (redundancy, HA clusters, availability zones). Integrity (file permissions, version and access control, checksum, certificate managers, encryption, etc. 6
  • 7. CONFIDENTIAL DO NOT DISTRIBUTE Trends in How AWS Does Security There are a couple of trends in how AWS is approaching security:  Security is at the Forefront – look at how big the security category is in their tooling; announcements at ReInvent of Amazon GuardDuty and SF Summits this year with AWS Firewall Manager and AWS Secrets Manager point to AWS seeing security as market driver and differentiator  Security in the Model of the Cloud – AWS will focus on services that are simple to enable, deploy, and build into your consumption billing constructs.  Tools will Remain Frameworks – They will look at security and compliance problems as infrastructure-as-code solutions. Developers, partners, and customers will be able to use these infrastructure-as-code frameworks to have security-as-code and compliance- as-code. 7
  • 8. CONFIDENTIAL DO NOT DISTRIBUTE OVERVIEW OF THE TOOLS 8
  • 9. CONFIDENTIAL DO NOT DISTRIBUTE 9 Armor Diagram v.2 Amazon Macie
  • 10. CONFIDENTIAL DO NOT DISTRIBUTE Amazon GuardDuty 10
  • 11. CONFIDENTIAL DO NOT DISTRIBUTE  43 Findings; Various Types: • Persistence • Recon • Cryptocurrency • Trojan • Unauthorized Access  2 Recommended Remediation Paths • Compromised Instance • Compromised Credentials Amazon GuardDuty 11
  • 12. CONFIDENTIAL DO NOT DISTRIBUTE AWS WAF (Web Application Firewall) 12
  • 13. CONFIDENTIAL DO NOT DISTRIBUTE AWS WAF (Web Application Firewall) 13
  • 14. CONFIDENTIAL DO NOT DISTRIBUTE AWS Firewall Manager 14
  • 15. CONFIDENTIAL DO NOT DISTRIBUTE Amazon Inspector 15
  • 16. CONFIDENTIAL DO NOT DISTRIBUTE Amazon Inspector 16
  • 17. CONFIDENTIAL DO NOT DISTRIBUTE AWS Secrets Manager 17
  • 18. CONFIDENTIAL DO NOT DISTRIBUTE AWS SECURITY IN ACTION 18
  • 19. CONFIDENTIAL DO NOT DISTRIBUTE 19 Armor Diagram v.2 Securing Your S3 Buckets with AWS Config
  • 20. CONFIDENTIAL DO NOT DISTRIBUTE 20 Armor Diagram v.2 Amazon Inspector for Vulnerability Management
  • 21. CONFIDENTIAL DO NOT DISTRIBUTE 21 Armor Diagram v.2 SaaS and PrivateLink
  • 22. CONFIDENTIAL DO NOT DISTRIBUTE Continuous Feedback Loop Incident Context Incident Response Playbooks and Orchestration Countermeasures CONTINOUS RESPONSE REAL-TIME VISIBILITY Armor Management Portal (AMP) API Toolset 22 Local Network [any device or appliance] Armor Services Host [applications, OS, DBs] Cloud Native [Cloudtrail, etc.] [FIM, IDS, VS, AM] DATA SOURCES REDUNDANT / LIGHTWEIGHT AGENT Armor Agent and Collector Services Metadata/Segmentation Long-Term Logging Log Ingestion/ Datalake PROTECTION / DETECTION Correlation Machine Learning Behavior Analytics THREAT INTELLIGENCE 3rd Party Threat Feeds Armor Threat Feeds and Hunting Community Insights The Spartan Platform Armor Diagram v.2 Armor Anywhere How Armor Uses AWS’ Native Tooling to Provide Security
  • 23. CONFIDENTIAL DO NOT DISTRIBUTE THANK YOU

Notas del editor

  1. There are 2 versions of the agenda slide. If you have a short list of items, then use this slide.     For help with using this PowerPoint template slide, contact Alfredo Ledesma at alfredo.ledesma@armor.com.  
  2. Use this slide to introduce a new section.
  3. Use this template for content-heavy slides.
  4. Use this template for content-heavy slides.
  5. Use this slide to introduce a new section.
  6. Use this template for slides with limited content. (The same template with different images can be found in the master slide deck.)
  7. Use this slide to introduce a new section.
  8. The “Thank You” slide should match the first slide.