Cloud Security with Amazon Web Services

•Descargar como PPTX, PDF•

3 recomendaciones•1,283 vistas

Steve Riley, Sr. Technical Program Manager at Amazon Web Services, led this session at the RightScale User Conference 2010 in Santa Clara. Session Abstract: Moving to the cloud raises lots of questions, mostly about security. Amazon Web Services has built an infrastructure and established processes to mitigate common vulnerabilities and offer a safe compute and storage environment. In this session, we'll discuss common cloud security concerns, show how AWS protects its infrastructure from internal and external attack, and explain how you can take advantage of the security features of AWS in your own applications as you extend your enterprise into the cloud.

Tecnología

Securityin theAWS Cloud Steve Rileysteriley@amazon.com@steveriley@awscloud http://stvrly.wordpress.comhttp://aws.typepad.com

Amazon Web Services: 4 regions Amazon CloudFront: 16 edge locations

Amazon S3 Amazon SimpleDB Amazon RDS (multi AZ) Amazon EBS Amazon RDS (one AZ) Amazon EC2 ++ ++ ++

0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 0 / / 0 / 0 / 0 / 0 0 / / zzz null zzz

Customer 1 Customer 2 Customern … Customer only SSH, ID/pw, X.509 Root/admin Customer 1virtual interfaces Customer 2virtual interfaces Customernvirtual interfaces … Customer only Inbound flows Default deny Hypervisor layer Customer 1securitygroups Customer 2securitygroups Customernsecurity groups … AWS firewall AWS admins only SSH via bastions Audits reviewed Physical interfaces

DDoS attacks MITM attacks IP spoofing Packet sniffing Port scanning

… Customer 1 Customer 2 Customern Customer only SSH, ID/pw, X.509 Root/admin control You … Customer 1virtual interfaces Customer 2virtual interfaces Customernvirtual interfaces Customer only Inbound flows Default deny Hypervisor layer … Customer 1securitygroups Customer 2securitygroups Customernsecurity groups AWS firewall AWS AWS admins only SSH via bastions Audits reviewed Physical interfaces

Web tier Application tier Database tier HTTP/HTTPS from Internet SSH/RDP management from corpnet SSH/RDP management from corpnet, vendor SSH/RDP management from corpnet

ec2-authorize WebSG -P tcp -p 80 -s 0.0.0.0/0 ec2-authorize WebSG -P tcp -p 443 -s 0.0.0.0/0 ec2-authorize WebSG-P tcp-p 22|3389-s CorpNet ec2-authorize AppSG -P prot-p AppPortRange -o WebSG ec2-authorize AppSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG-P prot -p DBPortRange-o AppSG ec2-authorize DBSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG -P tcp -p 22|3389 -s Vendor

ec2-authorize InspSG -P prot -p port -s 0.0.0.0/0 . . . ec2-authorize WebSG -P tcp -p 80 -o InspSG ec2-authorize WebSG -P tcp -p 443 -o InspSG ec2-authorize WebSG-P tcp-p 22|3389-s CorpNet ec2-authorize AppSG -P prot-p AppPortRange -o WebSG ec2-authorize AppSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG-P prot -p DBPortRange-o AppSG ec2-authorize DBSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG -P tcp -p 22|3389 -s Vendor

Your VPC AmazonWeb Services Cloud IPsec tunnel mode 128-bit AES, SHA-1, PFS, BGP Your corporate network

US-East, EU-WestUpcoming ,[object Object]

Subnet ACLsYour VPC AmazonWeb Services Cloud Your corporate network

Más contenido relacionado

La actualidad más candente

Advanced Security Masterclass - Tel Aviv Loft

Ian Massingham

Secure Content Delivery with AWS

Amazon Web Services

It is critical to maintain strong identity and access policies to prevent unexpected access to your AWS resources. It is equally important to track and alert on changes. In this webinar, you will learn about the different ways you can use AWS Identity and Access Management (IAM) to control access to your AWS services and integrate your existing authentication system with AWS IAM. We will cover how you can deploy and control your AWS infrastructure using code templates, including change management policies with AWS CloudFormation. In addition, we will explore different options for managing both your AWS access logs and your Amazon Elastic Compute Cloud (EC2) system logs using Amazon CloudWatch Logs. We will also cover how to use these logs to implement an audit and compliance validation process using services such as AWS Config, AWS CloudTrail, and Amazon Inspector. Learning Objectives: • Understand the AWS Shared Responsibility Model. • Understand AWS account and identity management options and configuration. • Learn the concept of infrastructure as code and change management using CloudFormation. • Learn how to audit and log your AWS service usage. • Learn about AWS services to add automatic compliance checks to your AWS infrastructure.

Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...

Amazon Web Services

Deep Dive: AWS CloudHSM (Classic)

Amazon Web Services

Aws(in)security - the devil is in the detail

Pawel Rzepa

AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.

Protecting Your Data with Encryption on AWS

Amazon Web Services

In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.

Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...

Amazon Web Services

High Performance MongoDB Clusters with Amazon EBS Provisioned IOPS

Amazon Web Services

AWS Security Best Practices (March 2017)

Julien SIMON

AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.

Network Security and Access Control within AWS

Amazon Web Services

Re-architecting applications for the cloud can be disruptive to existing on-premises solutions. One way to ease this transition is to adopt a hybrid approach to cloud. This webinar will help you understand how to relate traditional on-premises storage infrastructures to the cloud, highlight use cases for easy wins, how to navigate architectural decisions and best practices for hybrid designs. Learning Objectives: Learn how to decide between object, file and block storage, the key benefits and differentiators for each, and when to apply them in hybrid models Who Should Attend: Application Developers, enterprise architects and storage and backup and managers familiar with traditional on-prem storage offerings

February 2016 Webinar Series - Use AWS Cloud Storage as the Foundation for Hy...

Amazon Web Services

Secure Content Delivery with AWS

Amazon Web Services

Data protection is more important than ever. Maintaining confidentiality and integrity of your data at scale does not have to be a burden. In this session we will discuss encryption options on AWS and how to leverage AWS Key Management Service (KMS) for data encryption. We will also cover how AWS KMS integrates with other AWS services. Speaker: Koorosh Lohrasbi, Solutions Architect, Amazon Web Services

Ubiquitous Encryption on AWS - Level 300

Amazon Web Services

Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. We will also share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting a A+ on SSL labs.

(STG205) Secure Content Delivery Using Amazon CloudFront

Amazon Web Services

AWS Elastic Beanstalk provides a number of simple, flexible interfaces for developing and deploying your applications. In this session, learn how ThoughtWorks leverage the Elastic Beanstalk API to continuously deliver their applications with smoke tests and blue-green deployments. Also learn how to deploy your apps with Git and eb, a powerful CLI that allows developers to create, configure, and manage Elastic Beanstalk applications and environments from the command line.

AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013

Amazon Web Services

Security best practices on AWS - Pop-up Loft TLV 2017

Amazon Web Services

AWS re:Invent 2016: Get the Most from AWS KMS: Architecting Applications for ...

Amazon Web Services

Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including computing, storage, networking and database services, as well as a range of high level services. AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. In this presentation, we focus on advanced security best practices and recently introduced security services from AWS. See a recording of the webinar based on this presentation here: https://youtu.be/zU1x5SfKEzs

Advanced Security Best Practices Masterclass

Amazon Web Services

Advanced AWS Security Workshop

Amazon Web Services

Level 100: Get Started and Migrate Your Data to AWS Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. This "how-to" webinar will cover the basics of getting started with AWS and migrating your data to AWS. this session will also cover core AWS services, such as Amazon EC2 and Amazon S3, and provide demonstrations of how to set up and utilize those services to launch virtual machines in the cloud, backup and restore data. This session will also cover the storage options available today to upload/move your data to AWS. Reasons to attend: Learn how to create an AWS account and access its free services, to create and run a virtual machine in the cloud Understand how to create backup and restore an Amazon EC2 instance Store and share files online with Amazon S3 Learn how to manage costs and set up billing alerts Leverage the different storage options to migrate your data

Get Started and Migrate Your Data to AWS

Amazon Web Services

La actualidad más candente (20)

Advanced Security Masterclass - Tel Aviv Loft

Secure Content Delivery with AWS

Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...

Deep Dive: AWS CloudHSM (Classic)

Aws(in)security - the devil is in the detail

Protecting Your Data with Encryption on AWS

Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...

High Performance MongoDB Clusters with Amazon EBS Provisioned IOPS

AWS Security Best Practices (March 2017)

Network Security and Access Control within AWS

February 2016 Webinar Series - Use AWS Cloud Storage as the Foundation for Hy...

Secure Content Delivery with AWS

Ubiquitous Encryption on AWS - Level 300

(STG205) Secure Content Delivery Using Amazon CloudFront

AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013

Security best practices on AWS - Pop-up Loft TLV 2017

AWS re:Invent 2016: Get the Most from AWS KMS: Architecting Applications for ...

Advanced Security Best Practices Masterclass

Advanced AWS Security Workshop

Get Started and Migrate Your Data to AWS

Similar a Cloud Security with Amazon Web Services

Securing The AWS Cloud, Steve Riley, AWS Events, April 2010

Amazon Web Services

Security in the AWS Cloud - Steve Riley

Amazon Web Services

AWS IoT is a managed cloud platform that lets connected devices easily and securely interact with cloud applications and other devices. This webinar will introduce the best practices for IoT Security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, as well as integrate devices with other AWS services to create secure solutions. Learning Objectives: • Common IoT Thing Management Issues • Learn about AWS IoT Security and Access Control Mechanisms • Build Secure interactions with the AWS Cloud Who Should Attend: • Technical Decision Makers, Developers, Makers

Best Practices for IoT Security in the Cloud

Amazon Web Services

Best Practices of IoT in the Cloud

Amazon Web Services

Black Belt tips makes a comeback for the fifth consecutive year. How you used the AWS platform last year should be different to how you utilise it today. In this advanced technical session, learn about latest changes in compute, networking, and security. Understand how new architecture patterns will allow you to maximise performance efficiency, reliability, and security on AWS today. Speaker: Joshua Shanks, Solutions Architect AWS

Black Belt Tips for IT Operations

Amazon Web Services

In this introductory session, we cover how to secure your resources in the cloud for common AWS workloads such as Amazon EC2 computing, database, and serverless. We cover security best practices recommended by AWS for each workload using simple and effective identity and networking techniques. Learn how and why these controls do what they do, and come away with the ability to interpret and apply AWS identity and network access controls.

Securing Your Virtual Data Center in the Cloud (NET202) - AWS re:Invent 2018

Amazon Web Services

Aws Architecture Fundamentals

2nd Watch

Best Practices for IoT Security in the Cloud

Amazon Web Services

Security Overview

Amazon Web Services

Well-Architected for Security: Advanced Session

Amazon Web Services

As your use of the AWS platform matures and evolves you need to be continuously looking at ways to improve your security posture and take advantage of new security services and features. In this advanced technical session we will share architecture patterns for different workloads, IAM policy tips & tricks, how to implement security automation and for forensics. Be prepared for a technically deep session on AWS security. Speaker: Ben Potter, AWS Cloud Security Consultant, Amazon Web Services

Well-Architected for Security: Advanced Session

Amazon Web Services

AWS는 다양한 서비스 빌딩 블록을 이용하여, 고객의 요구에 따른 다양한 사물 인터넷(IoT) 서비스를 구축할 수 있습니다. 본 온라인 세미나에서는 AWS IoT 서비스의 주요 개념과 함께 일반적인 인터넷 기기 및 스마트 홈을 위한 IoT 서비스 구현 패턴을 알아봅니다. 이를 위해 데이터 상태 관리, 데이터 분석 및 자원 관리 등의 패턴을 통해 비용 효율적이고 확장 가능한 아키텍처를 살펴봅니다. AWS Lambda, API Gateway, DynamoDB 등 서버리스 빌딩 블록과 AWS IoT를 연계한 iRobot의 아카텍처 사례를 함께 살펴봄으로서 IoT 기반 서비스 구현 및 이전에 통찰력을 얻으실 수 있습니다.

서버리스 IoT 백엔드 개발 및 구현 사례 : 윤석찬 (AWS 테크에반젤리스트)

Amazon Web Services Korea

Landgate undertook transform this platform into an as-a-service offering for other land jurisdictions. How was this done? What is the security posture? What is the availability? What was the business impact? And why is it that inspecting Land Title certificates didn't result in people accidentally being shown pictures of Beyoncé. Come find out. Speaker: James Bromberger, Associate Director & National Cloud Lead - Ajilon. Level: 300

Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...

Amazon Web Services

(BAC404) Deploying High Availability and Disaster Recovery Architectures with...

Amazon Web Services

Most organizations today run their production workloads inside Amazon Virtual Private Cloud (Amazon VPC). This software-defined network structure provides the boundaries that are needed for the security that an organization and its customers require. For most organizations, the natural evolution in their architecture, security, and environment involves migrating from a single VPC to multiple VPCs in the same AWS Region and across many other AWS Regions. The question of how to enforce security policies while simplifying the flow of traffic between multiple VPCs, the data center, and remote offices while adhering to AWS best practices becomes an intricate one to answer. In this chalk talk, we provide solutions to scenarios like these and more. Topics include Amazon security groups, NACLs, static and dynamic VPNs, AWS Direct Connect, IPS and IDS, transit VPC architectures, designing for security, and more.

From One to Many: Diving Deeper into Evolving VPC Design (ARC310-R2) - AWS re...

Amazon Web Services

Essential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks

Amazon Web Services

Black Belt Tips for IT Operations Black Belt tips makes a comeback for the fifth consecutive year. How you used the AWS platform last year should be different to how you utilise it today. In this advanced technical session, learn about latest changes in compute, networking, and security. Understand how new architecture patterns will allow you to maximise performance efficiency, reliability, and security on AWS today. Evgeny Vaganov, Solutions Architect, Amazon Web Services

Black Belt Tips for IT Operations - AWS Summit Sydney 2018

Amazon Web Services

The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.

Secure your AWS Account and your Organization's Accounts

Amazon Web Services

Secure Your AWS Account and Your Organization's Accounts - SID202 - Chicago A...

Amazon Web Services

AWS Update from AWS User Group UK July Meetup

Ian Massingham

Similar a Cloud Security with Amazon Web Services (20)

Securing The AWS Cloud, Steve Riley, AWS Events, April 2010

Security in the AWS Cloud - Steve Riley

Best Practices for IoT Security in the Cloud

Best Practices of IoT in the Cloud

Black Belt Tips for IT Operations

Securing Your Virtual Data Center in the Cloud (NET202) - AWS re:Invent 2018

Aws Architecture Fundamentals

Best Practices for IoT Security in the Cloud

Security Overview

Well-Architected for Security: Advanced Session

서버리스 IoT 백엔드 개발 및 구현 사례 : 윤석찬 (AWS 테크에반젤리스트)

Customer Case Study: Land Registry as a Service in the Cloud - AWS PS Summit ...

(BAC404) Deploying High Availability and Disaster Recovery Architectures with...

From One to Many: Diving Deeper into Evolving VPC Design (ARC310-R2) - AWS re...

Essential Capabilities of an IoT Cloud Platform - AWS Online Tech Talks

Black Belt Tips for IT Operations - AWS Summit Sydney 2018

Secure your AWS Account and your Organization's Accounts

Secure Your AWS Account and Your Organization's Accounts - SID202 - Chicago A...

AWS Update from AWS User Group UK July Meetup

Más de RightScale

10 Must-Have Automated Cloud Policies for IT Governance

RightScale

Kubernetes and Terraform in the Cloud: How RightScale Does DevOps

RightScale

Optimize Software, SaaS, and Cloud with Flexera and RightScale

RightScale

Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now

RightScale

How to Set Up a Cloud Cost Optimization Process for your Enterprise

RightScale

Multi-Cloud Management with RightScale CMP (Demo)

RightScale

Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM

RightScale

How to Allocate and Report Cloud Costs with RightScale Optima

RightScale

The media is highlighting scores of stories about companies that have moved from one public cloud to another for business or technical reasons. Regardless of whether you are running on AWS, Azure, or Google, there will likely come a time that you’ll want to consider switching cloud providers. Whether you are contemplating a move now or just want to keep your options open in the future, you will need to consider a variety of cost, service, and technical factors. In this webinar, we’ll walk you through the evaluation process of migrating to another cloud provider and highlight the pros and cons.

Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...

RightScale

Large organizations are using cloud management platforms (CMPs) to manage and govern multi-cloud environments. They need their CMPs to work regardless of the cloud provider tools used by development teams, including AWS Cloud Formation templates, Azure Resource Manager templates, and container services. We will show how RightScale CMP can add operation orchestration and governance regardless of how you provision your workloads.

Using RightScale CMP with Cloud Provider Tools

RightScale

Best Practices for Multi-Cloud Security and Compliance

RightScale

Automating Multi-Cloud Policies for AWS, Azure, Google, and More

RightScale

The 5 Stages of Cloud Management for Enterprises

RightScale

9 Ways to Reduce Cloud Storage Costs

RightScale

Serverless Comparison: AWS vs Azure vs Google vs IBM

RightScale

Managed services providers (MSPs) and other IT services providers offering managed services across multiple clouds use a cloud management platform (CMP) as a foundational technology. But what are the best practices for MSPs to leverage a CMP for success with end customers? MSPs need to implement appropriate account hierarchies, tagging strategies, cost management practices, templating and automation approaches, and DevOps processes.

Best Practices for Cloud Managed Services Providers: The Path to CMP Success

RightScale

Cloud Storage Comparison: AWS vs Azure vs Google vs IBM

RightScale

2018 Cloud Trends: RightScale State of the Cloud Report

RightScale

Got a Multi-Cloud Strategy? How RightScale CMP Helps

RightScale

How to Manage Cloud Costs with RightScale Optima

RightScale

Más de RightScale (20)

10 Must-Have Automated Cloud Policies for IT Governance

Kubernetes and Terraform in the Cloud: How RightScale Does DevOps

Optimize Software, SaaS, and Cloud with Flexera and RightScale

Prepare Your Enterprise Cloud Strategy for 2019: 7 Things to Think About Now

How to Set Up a Cloud Cost Optimization Process for your Enterprise

Multi-Cloud Management with RightScale CMP (Demo)

Comparing Cloud VM Types and Prices: AWS vs Azure vs Google vs IBM

How to Allocate and Report Cloud Costs with RightScale Optima

Should You Move Between AWS, Azure, or Google Clouds? Considerations, Pros an...

Using RightScale CMP with Cloud Provider Tools

Best Practices for Multi-Cloud Security and Compliance

Automating Multi-Cloud Policies for AWS, Azure, Google, and More

The 5 Stages of Cloud Management for Enterprises

9 Ways to Reduce Cloud Storage Costs

Serverless Comparison: AWS vs Azure vs Google vs IBM

Best Practices for Cloud Managed Services Providers: The Path to CMP Success

Cloud Storage Comparison: AWS vs Azure vs Google vs IBM

2018 Cloud Trends: RightScale State of the Cloud Report

Got a Multi-Cloud Strategy? How RightScale CMP Helps

How to Manage Cloud Costs with RightScale Optima

Último

Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood

Juan lago vázquez

Angeliki Cooney has spent over twenty years at the forefront of the life sciences industry, working out of Wynantskill, NY. She is highly regarded for her dedication to advancing the development and accessibility of innovative treatments for chronic diseases, rare disorders, and cancer. Her professional journey has centered on strategic consulting for biopharmaceutical companies, facilitating digital transformation, enhancing omnichannel engagement, and refining strategic commercial practices. Angeliki's innovative contributions include pioneering several software-as-a-service (SaaS) products for the life sciences sector, earning her three patents. As the Senior Vice President of Life Sciences at Avenga, Angeliki orchestrated the firm's strategic entry into the U.S. market. Avenga, a renowned digital engineering and consulting firm, partners with significant entities in the pharmaceutical and biotechnology fields. Her leadership was instrumental in expanding Avenga's client base and establishing its presence in the competitive U.S. market.

Biography Of Angeliki Cooney | Senior Vice President Life Sciences | Albany, ...

Angeliki Cooney

Strategies for Landing an Oracle DBA Job as a Fresher

Remote DBA Services

Following the popularity of "Cloud Revolution: Exploring the New Wave of Serverless Spatial Data," we're thrilled to announce this much-anticipated encore webinar. In this sequel, we'll dive deeper into the Cloud-Native realm by uncovering practical applications and FME support for these new formats, including COGs, COPC, FlatGeoBuf, GeoParquet, STAC, and ZARR. Building on the foundation laid by industry leaders Michelle Roby of Radiant Earth and Chris Holmes of Planet in the first webinar, this second part offers an in-depth look at the real-world application and behind-the-scenes dynamics of these cutting-edge formats. We will spotlight specific use-cases and workflows, showcasing their efficiency and relevance in practical scenarios. Discover the vast possibilities each format holds, highlighted through detailed discussions and demonstrations. Our expert speakers will dissect the key aspects and provide critical takeaways for effective use, ensuring attendees leave with a thorough understanding of how to apply these formats in their own projects. Elevate your understanding of how FME supports these cutting-edge technologies, enhancing your ability to manage, share, and analyze spatial data. Whether you're building on knowledge from our initial session or are new to the serverless spatial data landscape, this webinar is your gateway to mastering cloud-native formats in your workflows.

Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME

Safe Software

Boost Fertility New Invention Ups Success Rates.pdf

sudhanshuwaghmare1

Six Myths about Ontologies: The Basics of Formal Ontology

johnbeverley2021

Dubai, often portrayed as a shimmering oasis in the desert, faces its own set of challenges, including the occasional threat of flooding. Despite its reputation for opulence and modernity, the emirate is not immune to the forces of nature. In recent years, Dubai has experienced sporadic but significant floods, testing the resilience of its infrastructure and communities. Among the critical lifelines in this bustling metropolis is the Dubai International Airport, a bustling hub that connects the city to the world. This article explores the intersection of Dubai flood events and the resilience demonstrated by the Dubai International Airport in the face of such challenges.

Navigating the Deluge_ Dubai Floods and the Resilience of Dubai International...

Orbitshub

[BuildWithAI] Introduction to Gemini.pdf

Sandro Moreira

ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke

Product Anonymous

ICT role in 21st century education and its challenges

rafiqahmad00786416

FWD Group - Insurer Innovation Award 2024

The Digital Insurer

Three things you will take away from the session: • How to run an effective tenant-to-tenant migration • Best practices for before, during, and after migration • Tips for using migration as a springboard to prepare for Copilot in Microsoft 365 Main ideas: Migration Overview: The presentation covers the current reality of cross-tenant migrations, the triggers, phases, best practices, and benefits of a successful tenant migration Considerations: When considering a migration, it is important to consider the migration scope, performance, customization, flexibility, user-friendly interface, automation, monitoring, support, training, scalability, data integrity, data security, cost, and licensing structure Next Wave: The next wave of change includes the launch of Copilot, which requires businesses to be prepared for upcoming changes related to Copilot and the cloud, and to consolidate data and tighten governance ShareGate: ShareGate can help with pre-migration analysis, configurable migration tool, and automated, end-user driven collaborative governance

Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff

sammart93

Scaling API-first – The story of a global engineering organization Ian Reasor, Senior Computer Scientist - Adobe Radu Cotescu, Senior Computer Scientist - Adobe Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe

apidays

Architecting Cloud Native Applications

WSO2

"I see eyes in my soup": How Delivery Hero implemented the safety system for ...

Zilliz

MINDCTI Revenue Release Quarter One 2024

MIND CTI

Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving

Edi Saputra

MS Copilot expands with MS Graph connectors

Nanddeep Nachan

Accelerating FinTech Innovation: Unleashing API Economy and GenAI Vasa Krishnan, Chief Technology Officer - FinResults Apidays New York 2024: The API Economy in the AI Era (April 30 & May 1, 2024) ------ Check out our conferences at https://www.apidays.global/ Do you want to sponsor or talk at one of our conferences? https://apidays.typeform.com/to/ILJeAaV8 Learn more on APIscene, the global media made by the community for the community: https://www.apiscene.io Explore the API ecosystem with the API Landscape: https://apilandscape.apiscene.io/

Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...

apidays

Effective data discovery is crucial for maintaining compliance and mitigating risks in today's rapidly evolving privacy landscape. However, traditional manual approaches often struggle to keep pace with the growing volume and complexity of data. Join us for an insightful webinar where industry leaders from TrustArc and Privya will share their expertise on leveraging AI-powered solutions to revolutionize data discovery. You'll learn how to: - Effortlessly maintain a comprehensive, up-to-date data inventory - Harness code scanning insights to gain complete visibility into data flows leveraging the advantages of code scanning over DB scanning - Simplify compliance by leveraging Privya's integration with TrustArc - Implement proven strategies to mitigate third-party risks Our panel of experts will discuss real-world case studies and share practical strategies for overcoming common data discovery challenges. They'll also explore the latest trends and innovations in AI-driven data management, and how these technologies can help organizations stay ahead of the curve in an ever-changing privacy landscape.

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery

TrustArc

Cloud Security with Amazon Web Services

1. Securityin theAWS Cloud Steve Rileysteriley@amazon.com@steveriley@awscloud http://stvrly.wordpress.comhttp://aws.typepad.com

2. Amazon Web Services: 4 regions Amazon CloudFront: 16 edge locations

8. http://status.aws.amazon.com/

10.

11. Amazon S3 Amazon SimpleDB Amazon RDS (multi AZ) Amazon EBS Amazon RDS (one AZ) Amazon EC2 ++ ++ ++

12. 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 / 0 0 / / 0 / 0 / 0 / 0 0 / / zzz null zzz

13. DoD 5220.22-M and NIST 800-88

14. Customer 1 Customer 2 Customern … Customer only SSH, ID/pw, X.509 Root/admin Customer 1virtual interfaces Customer 2virtual interfaces Customernvirtual interfaces … Customer only Inbound flows Default deny Hypervisor layer Customer 1securitygroups Customer 2securitygroups Customernsecurity groups … AWS firewall AWS admins only SSH via bastions Audits reviewed Physical interfaces

15. DDoS attacks MITM attacks IP spoofing Packet sniffing Port scanning

16. … Customer 1 Customer 2 Customern Customer only SSH, ID/pw, X.509 Root/admin control You … Customer 1virtual interfaces Customer 2virtual interfaces Customernvirtual interfaces Customer only Inbound flows Default deny Hypervisor layer … Customer 1securitygroups Customer 2securitygroups Customernsecurity groups AWS firewall AWS AWS admins only SSH via bastions Audits reviewed Physical interfaces

17. Web tier Application tier Database tier HTTP/HTTPS from Internet SSH/RDP management from corpnet SSH/RDP management from corpnet, vendor SSH/RDP management from corpnet

18.

19. ec2-authorize WebSG -P tcp -p 80 -s 0.0.0.0/0 ec2-authorize WebSG -P tcp -p 443 -s 0.0.0.0/0 ec2-authorize WebSG-P tcp-p 22|3389-s CorpNet ec2-authorize AppSG -P prot-p AppPortRange -o WebSG ec2-authorize AppSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG-P prot -p DBPortRange-o AppSG ec2-authorize DBSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG -P tcp -p 22|3389 -s Vendor

20. ec2-authorize InspSG -P prot -p port -s 0.0.0.0/0 . . . ec2-authorize WebSG -P tcp -p 80 -o InspSG ec2-authorize WebSG -P tcp -p 443 -o InspSG ec2-authorize WebSG-P tcp-p 22|3389-s CorpNet ec2-authorize AppSG -P prot-p AppPortRange -o WebSG ec2-authorize AppSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG-P prot -p DBPortRange-o AppSG ec2-authorize DBSG -P tcp -p 22|3389 -s CorpNet ec2-authorize DBSG -P tcp -p 22|3389 -s Vendor

21. Your VPC AmazonWeb Services Cloud IPsec tunnel mode 128-bit AES, SHA-1, PFS, BGP Your corporate network

22.

23. EBS

24. CloudWatch

25. Linux/Unix and Windows

26.

27. Bidirectional Internet

28. Elastic IPs

29. Elastic Load Balancing

30. Autoscaling

31. DevPay

32. Inter-subnet security groups

33. Subnet ACLsYour VPC AmazonWeb Services Cloud Your corporate network

34.

35. View Permissions

36. Edit Permissions

37. List

38. Upload/delete

39. View permissions

40.

41. 99.999999999% annual durability

42.

43.

44.

45. Resources

46. Source IP

47. Time of day

48.

49. IAM details Preview beta includes: Amazon EC2, S3, VPC, SQS, SNS, RDS, SimpleDB, Auto Scaling, ELB Configured via API calls Add users, define groups and hierarchies, set permissions, enable API calls, assign MFAs Future: User login to console, user management console No additional charge

50. http://aws.amazon.com/mfa/

51.

52. *:*

53. Compliance HIPAA Current customer deployments Whitepaper describes the specifics SAS 70 type II Multiple audits Simplified process to get your copy FISMA moderate Authority to Operate ISO 27001/27002

54. SAS 70 Type II controls

55. aws-security@amazon.com https://aws.amazon.com/security/aws-pgp-public-key/

56. http://aws.amazon.com/security/

57. Thank you very much! Steve Rileysteriley@amazon.com@steveriley@awscloud http://stvrly.wordpress.comhttp://aws.typepad.com

Cloud Security with Amazon Web Services

Recomendados

Recomendados

Más contenido relacionado

La actualidad más candente

La actualidad más candente (20)

Similar a Cloud Security with Amazon Web Services

Similar a Cloud Security with Amazon Web Services (20)

Más de RightScale

Más de RightScale (20)

Último

Último (20)

Cloud Security with Amazon Web Services