AWS Public Sector Symposium | Effective Security Response in the Cloud - Session Sponsored by Trend Micro

  • 466 views
Uploaded on

The cloud is a highly dynamic environment that changes the way organizations need to think about security, underpinned by the shared security model. Learn how to increase the effectiveness of your …

The cloud is a highly dynamic environment that changes the way organizations need to think about security, underpinned by the shared security model. Learn how to increase the effectiveness of your security response as you move to the cloud. We'll discuss how to leverage features in AWS and our security tools to reduce downtime with minimal impact to your security and business operations. Pulling from experiences helping clients move to the cloud, this talk will help provide practical advice you can apply today.

More in: Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
466
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Effec%ve  Security  Response  in  the  Cloud  Greg  Boyle,     Director,  Strategic  Business  and  Alliance  ANZ   Trend  Micro  
  • 2. ©  2014,  Trend  Micro  Inc.   Abstract   Effective Security Response in the Cloud ===================================== The cloud is a highly dynamic environment that changes the way organisations need to think about security, underpinned by the shared security model. Learn how to increase the effectiveness of your security response as you move to the cloud. We’ll discuss how to leverage features in AWS and our security tools to reduce downtime with minimal impact to your security and business operations. Pulling from experiences helping clients move to the cloud, this talk will help provide practical advice you can apply today.
  • 3. ©  2014,  Trend  Micro  Inc.   *  hDp://aws.amazon.com/about-­‐aws/   A  infrastructure  plaMorm  defined  as   Low  cost   Agile  &  ElasRc   Open  &  Flexible   Secure   AWS  
  • 4. ©  2014,  Trend  Micro  Inc.   and  your    company  doesn’t  need  to     worry  about  it   asked  ironically  by  Peter  Waterhouse,  InformaRon  Week,  31-­‐Mar-­‐2014   hDp://www.informaRonweek.com/so[ware/enterprise-­‐applicaRons/busRng-­‐5-­‐devops-­‐myths/d/d-­‐id/1141597   DevOps  is  a  technology  movement  for   right? The  movement  
  • 5. ©  2014,  Trend  Micro  Inc.   Development   OperaRons   Driving  change  
  • 6. ©  2014,  Trend  Micro  Inc.   Development   OperaRons   +   Driving  change  
  • 7. ©  2014,  Trend  Micro  Inc.   New  goals   Breakdown  silos   Directly  align  with  business   Rapidly  deploy  &  iterate   DevOps   Driving  change  
  • 8. ©  2014,  Trend  Micro  Inc.   Security  needs  to  keep  pace   Our  Challenge  
  • 9. ©  2014,  Trend  Micro  Inc.   You   FaciliRes   Physical  Security   Physical  Infrastructure   Network  Infrastructure   VirtualisaRon  Infrastructure       OperaRng  System   ApplicaRon   Account  Management   The  tradiRonal  responsibility  model  
  • 10. ©  2014,  Trend  Micro  Inc.   AWS   FaciliRes   Physical  Security   Physical  Infrastructure   Network  Infrastructure   VirtualisacRon  Infrastructure   You   OperaRng  System   ApplicaRon   Account  Management   Security  Groups   Network  ConfiguraRon   Shared  Responsibility  model  
  • 11. ©  2014,  Trend  Micro  Inc.   Applied  at  the  boundary   Operator   TradiRonal  Security  
  • 12. ©  2014,  Trend  Micro  Inc.   Applied  to  each  instance   Cloud  defences   VPC   VPC   VPC  
  • 13. ©  2014,  Trend  Micro  Inc.   Management  Deployment   New  challenges  
  • 14. ©  2014,  Trend  Micro  Inc.   Leverage  exisRng  distribuRon  channels   Addressing  the  challenges  -­‐  deployment  
  • 15. ©  2014,  Trend  Micro  Inc.   Recommended  choices   AWS  OpsWorks   Chef   Puppet   Salt   Deployment  channels  
  • 16. ©  2014,  Trend  Micro  Inc.   Centralise  control  management   Addressing  the  challenges  -­‐  management  
  • 17. ©  2014,  Trend  Micro  Inc.   In  acRon   Our  challenge  
  • 18. ©  2014,  Trend  Micro  Inc.   On  the  clock   Our  challenge  
  • 19. ©  2014,  Trend  Micro  Inc.   PreparaRon   IdenRficaRon   Containment   EradicaRon   Recovery   Lessons  Learned   SANS  incident  response  process  
  • 20. ©  2014,  Trend  Micro  Inc.   Server   Analyse   Verify   Adjust   Replacement  Defend   TradiRonal  process  
  • 21. ©  2014,  Trend  Micro  Inc.   Instance   Analyse   Verify   Adjust   Defend  Replacement   Cloud  process  
  • 22. ©  2014,  Trend  Micro  Inc.   Need  to  automate   isolaRon   Cloud  process  –  automaRon  requirements   Instance   Analyse   Verify   Adjust   Defend  Replacement  
  • 23. ©  2014,  Trend  Micro  Inc.   Instance   Replacement   1.  Monitor  the     log  stream   API   2.  Call  the  AWS  API  to    isolate  the  instance   Cloud  process  -­‐  soluRon  
  • 24. ©  2014,  Trend  Micro  Inc.   In  acRon   Our  Challenge  
  • 25. ©  2014,  Trend  Micro  Inc.   Cloud  process   Instance   Analyse   Verify   Adjust   Defend  Replacement  
  • 26. ©  2014,  Trend  Micro  Inc.   Piggyback  on  provisioning   Central  management   AutomaRon   Keys  to  success  
  • 27. Thank  you.  Learn  more  at  hDp://www.trendmicro.com/aws