AWS CloudTrail & Alert Logic Log Manager

Published in: Technology
  • Scenario from http://www.alertlogic.com/tracking-network-changes-with-aws-cloudtrail/.
  • Transcript

    • 1. AWS CloudTrail & Alert Logic Log Manager. December 10, 2013. Justin Criswell, Cloud Solutions Architect; Diane Garey, Product Marketing. www.alertlogic.com
    • 2. The Shared Security Model for AWS
        – Layers: Apps, Hosts, VPC Networks
        – Secure coding and best practices; access management; software and virtual patching; application level attack monitoring; configuration management
        – Hardened hypervisor; promiscuous mode prevented; deny-all default in security group; root access provided to customer
        – Access management; patch management; configuration hardening; security monitoring; log analysis
        – VPC provides logically isolated environments; security groups filter inbound/outbound; external DDoS, spoofing and scanning prevented
        – Network threat detection; security monitoring
        – Foundation Services: Compute, Storage, DB, Network
        – AWS Global Infrastructure: Multiple Availability Zones, Globally Distributed Regions
        – Web Application Attacks, Brute Force, Reconnaissance, Vulnerability Scans
        – Primary Responsibility: Customer
    • 3. AWS CloudTrail (http://aws.amazon.com/cloudtrail)
        – Who took this action?
        – When did the action take place?
        – What action was taken?
        – Where was this action performed?
        – How was this action performed?
    • 4. Currently Supported AWS Services
        – Amazon Elastic Compute Cloud (Amazon EC2)
        – Amazon Elastic Block Store (Amazon EBS)
        – Amazon Redshift
        – Amazon Relational Database Service (Amazon RDS)
        – Amazon Virtual Private Cloud (Amazon VPC)
        – AWS CloudTrail
        – AWS Identity and Access Management (AWS IAM)
        – AWS Security Token Service (AWS STS)
    • 5. Alert Logic Log Manager for AWS: Cloud-Based Security Log Analysis
        – All Log Data, All Together: Collect, archive and analyze log data in real-time all data sources
        – Quick access to log data: Dozens of reports, fast and intuitive search function
        – Compliance friendly: Supports numerous standards such as PCI, HIPAA, FFIEC, SOX
        – Available as a service: Auditable daily log review with integrated case management by dedicated GIAC-certified System Security Analysts
        – AWS Friendly: Designed for AWS workloads and reference architectures
    • 6. Create a CloudTrail Trail
        1. Use the console or CLI to create a trail
        2. Enable CloudTrail logging
        3. Create SQS queue
        4. Create IAM group and user
    • 7. Set up a CloudTrail Source in Log Manager
    • 8. Collecting Additional AWS Log Data
    • 9. Demo
    • 10. Try Alert Logic Log Manager with CloudTrail
        • Contact Alert Logic:
            – www.alertlogic.com
            – info@alertlogic.com
            – cloud.docs.alertlogic.com
        • Installation steps:
            – Enable CloudTrail in your AWS account
            – In Log Manager, create a new CloudTrail data source
    • 11. Thank You! Q&A. jcriswell@alertlogic.com, dgarey@alertlogic.com
