JOB ZERO
Job Zero
Network Security
Physical Security
Platform Security
People & Procedures
Job Zero 
What We Do 
Heavy Lifting
SHARED
constantly improving 
AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Availability Zones, Regions, Edge Locations
GxP, ISO 13485, AS9100, ISO/TS 16949
AWS is responsible for the security OF the Cloud
Customer applications & content
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Availability Zones, Regions, Edge Locations
Client-side Data Encryption
Server-side Data Encryption
Network Traffic Protection
Customers
shared responsibility
Customers have their choice of security configurations IN the Cloud
AWS is responsible for the security OF the Cloud
FAMILIAR
familiar 
– Agility
AWS
The practice of security at AWS is different, but the outcome is familiar:
• Focus on your business, not the undifferentiated heavy lifting
  • This applies within AWS, just as it does for our customers
  • Make it easier for our customers (internal & external) to do the “right” thing
• Apply more effort to the “why” rather than the “how”
  • Why is what really matters
  • When something goes wrong, ask the “five why’s”
• Decentralize - don’t be a bottleneck
  • It’s human nature to go around a bottleneck
• So what does your security team look like?
• Everyone’s an owner
  • When the problem is “mine” rather than “hers” there’s a much higher likelihood I’ll do the right thing
• Measure constantly, report regularly, & hold senior executives accountable for security – have them drive the right culture
Our Tenets (unless you know better):
• We lead AWS in helping prevent unauthorized access to AWS resources: our customers’ or ours. We continuously assess our systems, identify exposures, evaluate risks, and relentlessly drive mitigations.
• We are the one-stop shop for all security questions within AWS. In cases where we don’t own the answer, we own getting the question answered.
• We build systems and provide recommendations that make it easier to build secure systems than it is to build insecure ones.
Our Culture:
• Saying “no” is a failure
• Measure measure measure
  • 5 min metrics are too coarse
  • 1 min metrics just barely OK
• Base decisions on facts, metrics & detailed understanding of your environment and adversaries
• Produce services that others can consume through hardened APIs
• Test, CONSTANTLY
  • Inside/outside
  • Privileged/unprivileged
  • Black-box/white-box
  • Vendor/self
• Proactive monitoring rules the day
  • What’s “normal” in your environment?
  • Depending on signatures == waiting to find out WHEN you’ve been had
• Collect, digest, disseminate & use intelligence
• Make your compliance team a part of your security operations
Simple Security Controls
REDUCTION
REDUCTION
BETTER OFF IN AWS

 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDGMarianaLemus7
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxnull - The Open Security Community
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024BookNet Canada
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphNeo4j
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraDeakin University
 

Recently uploaded (20)

Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
APIForce Zurich 5 April Automation LPDG
APIForce Zurich 5 April  Automation LPDGAPIForce Zurich 5 April  Automation LPDG
APIForce Zurich 5 April Automation LPDG
 
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptxMaking_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
Making_way_through_DLL_hollowing_inspite_of_CFG_by_Debjeet Banerjee.pptx
 
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
New from BookNet Canada for 2024: BNC BiblioShare - Tech Forum 2024
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning eraArtificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
 

Enterprise Security Considerations

  • 3. Job Zero Network Security Physical Security Platform Security People & Procedures
  • 4. Job Zero What We Do Heavy Lifting
  • 6. constantly improving. AWS Foundation Services: Compute, Storage, Database, Networking. AWS Global Infrastructure: Availability Zones, Regions, Edge Locations. GxP, ISO 13485, AS9100, ISO/TS 16949. AWS is responsible for the security OF the Cloud
  • 7. Customer applications & content; Platform, Applications, Identity & Access Management; Operating System, Network & Firewall Configuration. AWS Foundation Services: Compute, Storage, Database, Networking. AWS Global Infrastructure: Availability Zones, Regions, Edge Locations. Client-side Data Encryption; Server-side Data Encryption; Network Traffic Protection. Customers: shared responsibility. Customers have their choice of security configurations IN the Cloud. AWS is responsible for the security OF the Cloud
  • 10. AWS
  • 11. The practice of security at AWS is different, but the outcome is familiar: Focus on your business, not the undifferentiated heavy lifting. This applies within AWS, just as it does for our customers.
  • 12. The practice of security at AWS is different, but the outcome is familiar: Focus on your business, not the undifferentiated heavy lifting. Make it easier for our customers (internal & external) to do the “right” thing.
  • 13. The practice of security at AWS is different, but the outcome is familiar: Apply more effort to the “why” rather than the “how”. Why is what really matters. When something goes wrong, ask the “five whys”.
  • 14. The practice of security at AWS is different, but the outcome is familiar: Decentralize - don’t be a bottleneck. It’s human nature to go around a bottleneck.
  • 15. The practice of security at AWS is different, but the outcome is familiar: So what does your security team look like?
  • 16. The practice of security at AWS is different, but the outcome is familiar: Everyone’s an owner. When the problem is “mine” rather than “hers”, there’s a much higher likelihood I’ll do the right thing.
  • 17. The practice of security at AWS is different, but the outcome is familiar: Measure constantly, report regularly, & hold senior executives accountable for security – have them drive the right culture
  • 19. Our Tenets (unless you know better):
  • 20. Our Tenets (unless you know better): • We lead AWS in helping prevent unauthorized access to AWS resources: our customers’ or ours. We continuously assess our systems, identify exposures, evaluate risks, and relentlessly drive mitigations.
  • 21. Our Tenets (unless you know better): • We are the one-stop shop for all security questions within AWS. In cases where we don’t own the answer, we own getting the question answered.
  • 22. Our Tenets (unless you know better): • We build systems and provide recommendations that make it easier to build secure systems than it is to build insecure ones.
  • 24. Our Culture: • Saying “no” is a failure
  • 25. Our Culture: • Measure measure measure • 5 min metrics are too coarse • 1 min metrics just barely OK
  • 26. Our Culture: • Base decisions on facts, metrics & detailed understanding of your environment and adversaries
  • 27. Our Culture: • Produce services that others can consume through hardened APIs
  • 28. Our Culture: • Test, CONSTANTLY • Inside/outside • Privileged/unprivileged • Black-box/white-box • Vendor/self
  • 29. Our Culture: • Proactive monitoring rules the day • What’s “normal” in your environment? • Depending on signatures == waiting to find out WHEN you’ve been had
  • 30. Our Culture: • Collect, digest, disseminate & use intelligence
  • 31. Our Culture: • Make your compliance team a part of your security operations