© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Myles Hosford – Security Solution Architect APAC, AWS
Anthony Hodge – Head, Cloud Engineering and Delivery, Standard Chartered Bank
23rd March 2017
FinTech Pace Security
Securing Financial Workloads at ‘FinTech Pace’
Agenda
• The Problem facing current security programs
• The Solution (or some of it ☺)
1. Automated Deployment
2. Adopt Industry Best Practices
3. Automated Compliance
4. Automated Incident Response
• Next Steps & Resources
The Problem
• Evolving & Complex Threat Landscape
• Infrequent Security Reviews
• Heavily Regulated Control Requirements
• Lack of automation introduces error
The Lay of the Land…
Financial Institution
• Operating in a number of countries with many regulators
• Complex / legacy IT
• Security ‘debt’, e.g. patch management constantly behind
• Traditional third-party outsourcing requirements might not be suited for cloud
FinTech / Startup
• Probably ‘zero’ regulation but doing business with regulated financial institutions
• Moving fast to deliver and iterate the ‘MVP’. Security not the highest priority.
• Must jump through third-party due diligence for outsourcing. Can be difficult for small companies with no certifications.
Current Security, Risk & Compliance Teams
Operating as separate functions is no longer viable.
• Static position papers, architecture diagrams & documents
• UI-dependent consoles and technologies
• Auditing, assurance, and compliance are decoupled, separate processes
Next-Gen Security, Risk & Compliance Teams
All should be part of the ‘maker’ team.
• Architecture artifacts (design choices, narrative, etc.) committed to common repositories
• Complete solutions account for automation
• Solution architectures are living audit/compliance artifacts and evidence in a closed loop
(Slide diagram: evolved SRC teams working through AWS CodeCommit, AWS CodePipeline and Jenkins.)
The Solution
Automate Deployment
(treat infrastructure, and everything else, as code)
(Slide diagram: a three-tier VPC reference architecture. The Internet is allowed HTTP / HTTPS only to the web tier. A DMZ zone holds an Auto Scaling group of WEB EC2 instances behind a security group; an App zone holds an Auto Scaling group of APP EC2 instances behind its own security group; a DB zone sits behind a security group with keys managed in AWS CloudHSM and AWS KMS. Each tier’s root and data volumes are backed by Amazon EBS snapshots encrypted at rest, and logs go to an S3 bucket encrypted with AES256. The corporate data center connects over Direct Connect or VPN.)
What you do in any IT environment
• Firewall rules
• Network ACLs
• Network time pointers
• Internal and external subnets
• NAT rules
• Gold OS images
• Encryption algorithms for data in transit and at rest
Golden Code: Security Translation to AWS
(Slide diagram: the same controls expressed as an AWS JSON translation, covering the gold image, NTP and NAT, and the network ACLs, subnets and firewall rules.)
CloudFormation. An example: Firewall rule
(Slide: a CloudFormation security group ingress rule with two callouts: the source is any IP on the Internet, and the port is Telnet, an insecure clear-text protocol.)
Mis-configuration detected BEFORE the environment is even built!
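The check the slide describes can be run as a CI gate over the template itself, so the Telnet-from-anywhere rule fails the build before CloudFormation ever creates a stack. The script below is an added example, not code from the deck or from AWS: it walks both inline `SecurityGroupIngress` entries and standalone `AWS::EC2::SecurityGroupIngress` resources, and flags any rule whose source is the whole Internet and whose port range covers a clear-text protocol or all traffic. The template is constructed for the example; the set of clear-text ports beyond Telnet (FTP, TFTP) is this example's own assumption.

```python
import json
import sys

# Clear-text protocols that must never be reachable from the whole Internet.
# Telnet is the deck's example; FTP and TFTP are this example's own additions.
CLEAR_TEXT_PORTS = {21: "FTP", 23: "Telnet", 69: "TFTP"}
ANYWHERE = {"0.0.0.0/0", "::/0"}

# Constructed sample template. The web tier allows HTTP/HTTPS from the Internet
# (the deck's intended design) but also Telnet from any IP, and a stray
# standalone ingress resource opens the app tier completely.
SAMPLE_TEMPLATE = json.loads(r'''
{
  "Resources": {
    "WebTierSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "web tier",
        "SecurityGroupIngress": [
          {"IpProtocol": "tcp", "FromPort": 80,  "ToPort": 80,  "CidrIp": "0.0.0.0/0"},
          {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"},
          {"IpProtocol": "tcp", "FromPort": 23,  "ToPort": 23,  "CidrIp": "0.0.0.0/0"}
        ]
      }
    },
    "AppTierSG": {
      "Type": "AWS::EC2::SecurityGroup",
      "Properties": {
        "GroupDescription": "app tier",
        "SecurityGroupIngress": [
          {"IpProtocol": "tcp", "FromPort": 8080, "ToPort": 8080,
           "SourceSecurityGroupId": {"Ref": "WebTierSG"}}
        ]
      }
    },
    "OpenEverything": {
      "Type": "AWS::EC2::SecurityGroupIngress",
      "Properties": {"GroupId": {"Ref": "AppTierSG"}, "IpProtocol": "-1", "CidrIp": "0.0.0.0/0"}
    }
  }
}
''')


def iter_ingress_rules(template):
    """Yield (logical_id, rule) for every ingress rule, whether inline in an
    AWS::EC2::SecurityGroup or a standalone AWS::EC2::SecurityGroupIngress."""
    for logical_id, resource in template.get("Resources", {}).items():
        props = resource.get("Properties", {})
        if resource.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield logical_id, rule
        elif resource.get("Type") == "AWS::EC2::SecurityGroupIngress":
            yield logical_id, props


def open_to_internet(rule):
    """True when the rule's source is the whole IPv4 or IPv6 Internet."""
    return rule.get("CidrIp") in ANYWHERE or rule.get("CidrIpv6") in ANYWHERE


def find_insecure_ingress(template):
    """Return (logical_id, protocol/port, reason) for every rule that exposes a
    clear-text protocol, or all traffic, to the Internet."""
    findings = []
    for logical_id, rule in iter_ingress_rules(template):
        if not open_to_internet(rule):
            continue  # source is a private CIDR or another security group
        proto = str(rule.get("IpProtocol", "-1"))
        if proto == "-1":
            findings.append((logical_id, "all", "all protocols and ports open to the Internet"))
            continue
        low, high = int(rule.get("FromPort", 0)), int(rule.get("ToPort", 65535))
        for port, service in CLEAR_TEXT_PORTS.items():
            if low <= port <= high:
                findings.append((logical_id, f"{proto}/{port}",
                                 f"{service} (clear-text) open to the Internet"))
    return findings


def main(argv):
    """Lint the template named on the command line (or the sample) and fail the
    build with a non-zero exit code when anything is found."""
    if len(argv) > 1:
        with open(argv[1]) as fh:
            template = json.load(fh)
    else:
        template = SAMPLE_TEMPLATE
    findings = find_insecure_ingress(template)
    for logical_id, where, reason in findings:
        print(f"FAIL {logical_id} [{where}]: {reason}")
    return 1 if findings else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Run it with a template path as the single argument from a pipeline step; a non-zero exit stops the deploy. The rule that allows HTTP and HTTPS from the Internet passes, because that is exactly what the reference architecture intends for the web tier; the Telnet rule and the all-traffic rule are what get reported.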
Adopt Industry Best Practice
(and adopt it fast!)
CIS AWS Benchmarks
Foundations: 52 checks aligned to AWS best practices
• Root account MFA
• CloudTrail enabled
• Config & CloudWatch alarms
Three-Tier: 96 checks aligned to a three-tier web application
• Encrypt EBS volumes
• Resources are ‘tagged’
• Tight security groups
Bake these controls into your CloudFormation templates: 148 security controls by default handed to your development team.
Self-Assessment
Insert AWS github checker here
CIS AWS Benchmarks
Your audit teams can get hands-on. Be part of the ‘maker’ team by automating their pre-prod checklists.
Automate Continuous Compliance
(and detect non-compliance fast!)
IT Security Policy & Controls
• Nobody reads them
• Difficult to enforce
• Rarely updated
Compliance guideline                              | Action if non-compliant
All EBS volumes should be encrypted               | Encrypt volumes and alert operations team
Instances must be from a specific approved AMI    | Terminate instance and notify build team
Instances must be tagged with environment type    | Flag as non-compliant but take no further action
AWS Config Rules
(Slide diagram: AWS Config Rules fed by internal controls, MAS/HKMA guidelines and industry best practice.)
Bake these compliance checks into your CloudFormation templates
AWS Config Rules – Managed Rules (30+)
• Encrypted Volumes
• Restricted SSH
• CloudTrail Enabled
• Root MFA
• Password Policy
• Approved OS Image
Custom Rules - Boilerplate
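A custom Config rule is a Lambda function that receives the changed resource's configuration item and reports COMPLIANT or NON_COMPLIANT back. The following is an added example, not the deck's or AWS's boilerplate: it encodes the three guidelines from the table above in one evaluator, returns the evaluation record in the shape `put_evaluations` expects, and pairs it with the action the table prescribes. The event wrapper, the configuration items and the AMI ids are constructed for the example; the `put_evaluations` call itself is left out so the code runs offline, and the `approvedAmis`/`requiredTag` parameter names are this example's own choice.

```python
import json

# Rule parameters a deployment would pass through the Config rule's
# ruleParameters. The AMI ids are placeholders, not real images.
DEFAULT_PARAMS = {
    "approvedAmis": "ami-PLACEHOLDER01,ami-PLACEHOLDER02",
    "requiredTag": "Environment",
}


def evaluate_item(item, params):
    """Apply the deck's three guidelines to one Config configuration item.

    Returns (compliance_type, annotation, action), where action is the follow-up
    the deck's table prescribes for a non-compliant resource (None otherwise).
    """
    rtype = item["resourceType"]
    conf = item.get("configuration") or {}
    tags = item.get("tags") or {}

    if rtype == "AWS::EC2::Volume":
        if conf.get("encrypted") is True:
            return "COMPLIANT", "volume is encrypted", None
        return ("NON_COMPLIANT", "EBS volume is not encrypted",
                "encrypt volume and alert operations team")

    if rtype == "AWS::EC2::Instance":
        approved = {a.strip() for a in params["approvedAmis"].split(",") if a.strip()}
        ami = conf.get("imageId")
        if ami not in approved:
            # The most severe finding wins: an unapproved image is terminated
            # even if the instance happens to be tagged correctly.
            return ("NON_COMPLIANT", f"image {ami} is not an approved AMI",
                    "terminate instance and notify build team")
        if params["requiredTag"] not in tags:
            return ("NON_COMPLIANT", f"missing required tag {params['requiredTag']}",
                    "flag as non-compliant, no further action")
        return "COMPLIANT", "approved AMI and tagged", None

    return "NOT_APPLICABLE", f"rule does not cover {rtype}", None


def lambda_handler(event, context=None):
    """Entry point in the shape AWS Config uses to invoke a custom rule.

    Parses invokingEvent and ruleParameters, evaluates the changed item and
    returns the evaluation record plus the prescribed action. A deployed rule
    would pass [evaluation] to boto3's config.put_evaluations() together with
    event["resultToken"]; that call is omitted so the example runs offline.
    """
    invoking = json.loads(event["invokingEvent"])
    params = dict(DEFAULT_PARAMS, **json.loads(event.get("ruleParameters") or "{}"))
    item = invoking["configurationItem"]
    compliance, annotation, action = evaluate_item(item, params)
    evaluation = {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": annotation,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }
    return {"evaluation": evaluation, "action": action}


def make_event(item, params=None):
    """Wrap a configuration item the way AWS Config delivers it (constructed)."""
    return {
        "invokingEvent": json.dumps({"configurationItem": item,
                                     "messageType": "ConfigurationItemChangeNotification"}),
        "ruleParameters": json.dumps(params or {}),
        "resultToken": "placeholder-result-token",
    }


# Constructed configuration items, one per row of the deck's table.
CAPTURED = "2017-03-23T09:00:00.000Z"
SAMPLE_ITEMS = {
    "unencrypted_volume": {
        "resourceType": "AWS::EC2::Volume", "resourceId": "vol-constructed01",
        "configurationItemCaptureTime": CAPTURED,
        "configuration": {"encrypted": False, "size": 100}, "tags": {}},
    "rogue_ami": {
        "resourceType": "AWS::EC2::Instance", "resourceId": "i-constructed01",
        "configurationItemCaptureTime": CAPTURED,
        "configuration": {"imageId": "ami-PLACEHOLDER99"}, "tags": {"Environment": "prod"}},
    "untagged": {
        "resourceType": "AWS::EC2::Instance", "resourceId": "i-constructed02",
        "configurationItemCaptureTime": CAPTURED,
        "configuration": {"imageId": "ami-PLACEHOLDER01"}, "tags": {}},
}

if __name__ == "__main__":
    for name, item in SAMPLE_ITEMS.items():
        result = lambda_handler(make_event(item))
        print(f"{name}: {result['evaluation']['ComplianceType']} -> {result['action']}")
```

Keeping the evaluator a pure function of the configuration item is what makes the rule testable from a laptop: the same three sample items can be replayed in a unit test every time the approved AMI list or the tag policy changes, which is the "audit team as part of the maker team" idea in practice.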
Automate Incident Response
(and respond to compromise fast!)
Amazon CloudWatch Events
• Respond to state changes automatically in your AWS resources
• Resources changing state automatically emit observable events
• Write declarative rules to match events of interest and then invoke targets to take action
• Events can also be scheduled – “Cron in the Cloud”
Amazon CloudWatch Events
• Rapid notification of changes
• Reduces polling overhead
• Uniform event-driven computing interface
• Reliable, infrastructure-free scheduled task execution
Rapid notification of changes
Changes to AWS resources are delivered to your application in near real-time.
React to suspicious, risky, or problematic situations programmatically, without having to involve an operator.
CloudWatch Events. 30 second response time!
Detect malicious API calls and automate the response.
If trail.StopLogging {
    user.disable
    trail.StartLogging
    email.security_team
}
Bake these automated response controls into your CloudFormation templates
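The pseudocode above leaves out the two things a practitioner has to get right: what the CloudWatch Events rule pattern matches, and what "user.disable" means for an identity that is not an IAM user. The code below is an added example, not the deck's or AWS's code. It expresses the rule pattern as data, evaluates it over a constructed CloudTrail event, turns a match into an ordered plan (quarantine the IAM user with a deny-all inline policy, restart the trail, notify the security team), and executes that plan through injected clients. The client method names and keyword arguments (`put_user_policy`, `start_logging`, `publish`) are the real boto3 signatures; the fake recording clients, the SNS topic ARN, the account id and the event contents are constructed so the example runs offline.

```python
import json

# CloudWatch Events rule pattern for the API call the deck's pseudocode
# responds to (mirrors the shape of a real CloudTrail-sourced event).
RULE_PATTERN = {
    "source": ["aws.cloudtrail"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {"eventSource": ["cloudtrail.amazonaws.com"], "eventName": ["StopLogging"]},
}

# Placeholder topic the security team subscribes to; not a real ARN.
SECURITY_TOPIC_ARN = "arn:aws:sns:ap-southeast-1:123456789012:security-team"

# Deny-everything inline policy: attaching it "disables" the IAM user until a
# human reviews the incident, without deleting the user or its history.
QUARANTINE_POLICY = json.dumps({"Version": "2012-10-17",
                                "Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}]})


def matches_rule(event, pattern=RULE_PATTERN):
    """Evaluate an event pattern the way CloudWatch Events does: every key in
    the pattern must be present in the event with one of the listed values."""
    for key, allowed in pattern.items():
        value = event.get(key)
        if isinstance(allowed, dict):
            if not isinstance(value, dict) or not matches_rule(value, allowed):
                return False
        elif value not in allowed:
            return False
    return True


def plan_response(event):
    """Turn the deck's pseudocode into an ordered list of (action, argument)."""
    if not matches_rule(event):
        return []
    detail = event["detail"]
    trail = detail["requestParameters"]["name"]
    who = detail.get("userIdentity", {})
    plan = []
    # user.disable only applies to an IAM user; a role session or the root
    # account needs different containment, so those cases are alert-only here.
    if who.get("type") == "IAMUser":
        plan.append(("disable_user", who["userName"]))
    plan.append(("start_logging", trail))
    plan.append(("notify", f"CloudTrail {trail} was stopped by {who.get('arn', 'unknown')}; "
                           f"automated actions: {[a for a, _ in plan]}"))
    return plan


def execute(plan, iam, cloudtrail, sns):
    """Carry out a plan with three clients: in production boto3.client('iam'),
    boto3.client('cloudtrail') and boto3.client('sns'); fakes in this example."""
    for action, arg in plan:
        if action == "disable_user":
            iam.put_user_policy(UserName=arg, PolicyName="QuarantineDenyAll",
                                PolicyDocument=QUARANTINE_POLICY)
        elif action == "start_logging":
            cloudtrail.start_logging(Name=arg)
        elif action == "notify":
            sns.publish(TopicArn=SECURITY_TOPIC_ARN,
                        Subject="CloudTrail StopLogging detected", Message=arg)
    return len(plan)


class FakeClient:
    """Records calls instead of reaching AWS so the example runs offline."""

    def __init__(self):
        self.calls = []

    def __getattr__(self, name):
        def call(**kwargs):
            self.calls.append((name, kwargs))
        return call


def lambda_handler(event, context=None, clients=None):
    """Lambda target of the CloudWatch Events rule; returns the executed plan."""
    iam, cloudtrail, sns = clients or (FakeClient(), FakeClient(), FakeClient())
    plan = plan_response(event)
    execute(plan, iam, cloudtrail, sns)
    return plan


# Constructed event in the shape CloudWatch Events delivers CloudTrail API calls.
SAMPLE_EVENT = {
    "version": "0", "id": "constructed-event-id",
    "detail-type": "AWS API Call via CloudTrail", "source": "aws.cloudtrail",
    "account": "123456789012", "region": "ap-southeast-1",
    "detail": {
        "eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
        "userIdentity": {"type": "IAMUser", "userName": "ops-contractor",
                         "arn": "arn:aws:iam::123456789012:user/ops-contractor"},
        "requestParameters": {"name": "arn:aws:cloudtrail:ap-southeast-1:123456789012:trail/org-trail"},
    },
}

if __name__ == "__main__":
    for action, arg in lambda_handler(SAMPLE_EVENT):
        print(action, arg)
```

Separating `plan_response` from `execute` is the design point: the decision logic can be exercised against recorded events in a test, and the deny-all quarantine can be reviewed and reversed by the security team, whereas deleting the user or its keys would destroy evidence before anyone has looked at it.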
How do you get started?
• AWS Free Security Training
• CIS AWS Security Foundations Benchmark
• CIS AWS Three-Tier Web Application Benchmark
• Security / Risk & Compliance Whitepapers
Conclusion: The Problem
• Evolving & Complex Threat Landscape
• Infrequent Security Reviews
• Heavily Regulated Control Requirements
• Lack of automation introduces error
Conclusion: The Solution
(The slide restates the four problems: evolving & complex threat landscape; infrequent security reviews; heavily regulated control requirements; lack of automation introduces error.)
• Make security easy for everyone. Build it in by default.
• Evaluate security & compliance continuously.
• Automate response to scale.
• Build control requirements into CloudFormation and blueprints for re-use. Be consistent.
• To remove human error, remove humans ☺
Thank you!
Move fast and stay secure!

Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)wesley chun
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century educationjfdjdjcjdnsjd
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 

Recently uploaded (20)

How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
 
Advantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your BusinessAdvantages of Hiring UIUX Design Service Providers for Your Business
Advantages of Hiring UIUX Design Service Providers for Your Business
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 

Fintech Pace Security on AWS: The Customer Perspective

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Myles Hosford – Security Solution Architect APAC, AWS; Anthony Hodge, Head, Cloud Engineering and Delivery, Standard Chartered Bank. 23rd March 2017. FinTech Pace Security: Securing Financial Workloads at ‘FinTech Pace’
  • 2. Agenda
    • The Problem facing current security programs
    • The Solution (or some of it ☺)
      1. Automated Deployment
      2. Adopt Industry Best Practices
      3. Automated Compliance
      4. Automated Incident Response
    • Next Steps & Resources
  • 3. The Problem
    • Evolving & Complex Threat Landscape
    • Infrequent Security Reviews
    • Heavily Regulated Control Requirements
    • Lack of automation introduces error
  • 4. The Lay of the Land…
    Financial Institution
    • Operating in a number of countries with many regulators
    • Complex / Legacy IT
    • Security ‘Debt’, e.g. Patch Management constantly behind
    • Traditional third-party outsourcing requirements might not be suited for cloud
    FinTech / Startup
    • Probably ‘zero’ regulation but doing business with regulated financial institutions
    • Moving fast to deliver and iterate the ‘MVP’. Security not the highest priority.
    • Must jump through third-party due diligence for Outsourcing. Can be difficult for small companies with no certifications.
  • 5. Current Security, Risk & Compliance Teams: operating as separate functions can no longer exist
    • Static position papers, architecture diagrams & documents
    • UI-dependent consoles and technologies
    • Auditing, assurance, and compliance are decoupled, separate processes
  • 6. Next-Gen Security, Risk & Compliance Teams: all should be part of the ‘maker’ team.
    • Architecture artifacts (design choices, narrative, etc.) committed to common repositories (AWS CodeCommit, AWS CodePipeline, Jenkins)
    • Complete solutions account for automation
    • Solution architectures are living audit/compliance artifacts and evidence in a closed loop
  • 9. [Architecture diagram] Three tiers, WEB (DMZ Zone), APP (App Zone) and DB Zone, each in an Auto Scaling group behind its own security group; EC2 instances with root and data volumes and Amazon EBS snapshots encrypted at rest; logs written to S3 buckets encrypted with AES256; AWS KMS and AWS CloudHSM for key management; the corporate data center connected over Direct Connect or VPN; the Internet reaches the web tier only, over HTTP / HTTPS.
  • 10. Golden Code: Security Translation to AWS. What you do in any IT environment, translated to AWS JSON:
    • Firewall rules, Network ACLs, internal and external subnets (Network ACLs, Subnets, FW rules)
    • Network time pointers, NAT rules, Gold OS images (Gold Image, NTP and NAT)
    • Encryption algorithms for data in transit and at rest
  • 12. CloudFormation. An example: a firewall rule allowing Telnet (an insecure, clear-text protocol) from any IP on the Internet. Misconfiguration detected BEFORE the environment is even built!
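    One way to get that "detected before the environment is built" result is to lint the template in the pipeline. The following is an added example, not code from the deck: it scans a CloudFormation template (JSON, as the deck's "AWS JSON translation" slide suggests) for ingress rules that expose clear-text or management ports to any Internet address. The flagged port list, the resource names and the sample template are all constructed for this example.

```python
"""Pre-deployment check for CloudFormation security groups.

Added example (not from the deck): scans a CloudFormation template for
ingress rules that open clear-text or management ports to the whole Internet,
so the misconfiguration is reported by the pipeline before a stack is built.
"""
import json

# Ports treated as unacceptable when reachable from any address. The list is
# an assumption for this example; tune it to your own policy.
FLAGGED_PORTS = {21: "FTP", 22: "SSH", 23: "Telnet", 3389: "RDP"}
ANY_SOURCE = {"0.0.0.0/0", "::/0"}


def _ingress_rules(template):
    """Yield (resource name, rule) for every ingress rule in the template.

    Rules can be inline in AWS::EC2::SecurityGroup or stand-alone
    AWS::EC2::SecurityGroupIngress resources; both are covered.
    """
    for name, res in template.get("Resources", {}).items():
        props = res.get("Properties", {})
        if res.get("Type") == "AWS::EC2::SecurityGroup":
            for rule in props.get("SecurityGroupIngress", []):
                yield name, rule
        elif res.get("Type") == "AWS::EC2::SecurityGroupIngress":
            yield name, props


def check_security_groups(template):
    """Return a list of (resource, service/port, source) findings."""
    findings = []
    for name, rule in _ingress_rules(template):
        source = rule.get("CidrIp") or rule.get("CidrIpv6")
        if source not in ANY_SOURCE:
            continue  # scoped to a CIDR or a security group: not world-open
        protocol = str(rule.get("IpProtocol", "-1"))
        if protocol == "-1":
            findings.append((name, "all ports", source))
            continue
        low = int(rule.get("FromPort", 0))
        high = int(rule.get("ToPort", low))
        for port, label in FLAGGED_PORTS.items():
            if low <= port <= high:
                findings.append((name, f"{label}/{port}", source))
    return findings


# Constructed sample template: a web tier correctly exposed on 443 only, a
# legacy group that mirrors the slide's Telnet rule, a bastion scoped to the
# corporate range, and a stand-alone ingress resource opening every port.
SAMPLE_TEMPLATE = json.loads("""
{
  "Resources": {
    "WebSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
      "GroupDescription": "web tier",
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443, "CidrIp": "0.0.0.0/0"}]}},
    "LegacySG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
      "GroupDescription": "legacy app",
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 23, "ToPort": 23, "CidrIp": "0.0.0.0/0"}]}},
    "BastionSG": {"Type": "AWS::EC2::SecurityGroup", "Properties": {
      "GroupDescription": "bastion",
      "SecurityGroupIngress": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIp": "10.0.0.0/8"}]}},
    "OpenAllIngress": {"Type": "AWS::EC2::SecurityGroupIngress", "Properties": {
      "GroupId": {"Ref": "LegacySG"}, "IpProtocol": "-1", "CidrIpv6": "::/0"}}
  }
}
""")


if __name__ == "__main__":
    for resource, what, source in check_security_groups(SAMPLE_TEMPLATE):
        print(f"FAIL {resource}: {what} open to {source}")
```

    Run as a pipeline step and fail the build on any finding. The check only understands literal CIDRs; rules built from Ref/Fn::Sub expressions resolve at deploy time, so a stricter gate also rejects world-open sources that cannot be resolved statically.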
  • 13. Adopt Industry Best Practice (and adopt it fast!)
  • 14. CIS AWS Benchmarks
    Foundations: 52 checks aligned to AWS Best Practices
    • Root account MFA
    • CloudTrail Enabled
    • Config & CloudWatch Alarms
    Three-Tier: 96 checks aligned to a three-tier web application
    • Encrypt EBS volumes
    • Resources are ‘tagged’
    • Tight security groups
    Bake these controls into your CloudFormation templates: 148 security controls by default handed to your development team
  • 15. Self-Assessment (CIS AWS Benchmarks). [Slide placeholder: “Insert AWS github checker here”] Your audit teams can get hands-on. Be part of the ‘maker’ team by automating their pre-prod checklists.
  • 17. IT Security Policy & Controls
  • 18. IT Security Policy & Controls: nobody reads them; difficult to enforce; rarely updated
  • 19. AWS Config Rules: compliance guideline and the action taken on non-compliance
    • All EBS volumes should be encrypted: encrypt volumes and alert operations team
    • Instances must be from a specific approved AMI: terminate instance and notify build team
    • Instances must be tagged with environment type: flag as non-compliant but take no further action
  • 20. AWS Config Rules cover Internal Controls, MAS/HKMA Guidelines and Industry best practice. Bake these compliance checks into your CloudFormation templates
  • 21. AWS Config Rules – Managed Rules (30+): Encrypted Volumes, Restricted SSH, CloudTrail Enabled, Root MFA, Password Policy, Approved OS Image
  • 22. Custom Rules - Boilerplate
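    A custom rule is a Lambda function that AWS Config invokes with a configuration item and that reports COMPLIANT, NON_COMPLIANT or NOT_APPLICABLE back through PutEvaluations. The block below is an added example for the first guideline on slide 19 (all EBS volumes encrypted); it is not the deck's own boilerplate. The evaluation logic is kept in pure functions so it can be tested offline, only lambda_handler calls AWS, and the sample invocation event, volume id and result token are constructed.

```python
"""Custom AWS Config rule for EBS volume encryption.

Added example (not the deck's own boilerplate): the evaluation logic is kept in
pure functions so it can be tested offline; only lambda_handler talks to AWS.
"""
import json

COMPLIANT = "COMPLIANT"
NON_COMPLIANT = "NON_COMPLIANT"
NOT_APPLICABLE = "NOT_APPLICABLE"
DELETED = {"ResourceDeleted", "ResourceDeletedNotRecorded", "ResourceNotRecorded"}


def evaluate_volume(item):
    """Compliance type for one configuration item under 'all EBS volumes encrypted'."""
    if item.get("resourceType") != "AWS::EC2::Volume":
        return NOT_APPLICABLE  # rule is scoped to volumes; ignore anything else
    if item.get("configurationItemStatus") in DELETED:
        return NOT_APPLICABLE  # a deleted volume cannot be remediated
    encrypted = (item.get("configuration") or {}).get("encrypted", False)
    return COMPLIANT if encrypted else NON_COMPLIANT


def build_evaluation(event):
    """Turn the Config invocation event into the PutEvaluations entry.

    Config passes invokingEvent as a JSON string carrying the changed
    configuration item; ruleParameters (also a JSON string) is optional here.
    """
    invoking = json.loads(event["invokingEvent"])
    item = invoking["configurationItem"]
    compliance = evaluate_volume(item)
    annotation = {
        NON_COMPLIANT: "Volume is not encrypted: encrypt and alert operations team",
        COMPLIANT: "Volume is encrypted",
        NOT_APPLICABLE: "Not an active EBS volume",
    }[compliance]
    return {
        "ComplianceResourceType": item["resourceType"],
        "ComplianceResourceId": item["resourceId"],
        "ComplianceType": compliance,
        "Annotation": annotation,
        "OrderingTimestamp": item["configurationItemCaptureTime"],
    }


def lambda_handler(event, context):
    """Entry point invoked by AWS Config on each configuration change."""
    evaluation = build_evaluation(event)
    import boto3  # imported here so the pure logic above has no AWS dependency
    boto3.client("config").put_evaluations(
        Evaluations=[evaluation], ResultToken=event["resultToken"]
    )
    return evaluation


# Constructed invocation event in the shape Config sends to a custom rule.
SAMPLE_EVENT = {
    "invokingEvent": json.dumps({
        "messageType": "ConfigurationItemChangeNotification",
        "configurationItem": {
            "resourceType": "AWS::EC2::Volume",
            "resourceId": "vol-0example",
            "configurationItemStatus": "ResourceDiscovered",
            "configurationItemCaptureTime": "2017-03-23T08:00:00.000Z",
            "configuration": {"encrypted": False, "size": 8},
        },
    }),
    "ruleParameters": "{}",
    "resultToken": "placeholder-token",
}

if __name__ == "__main__":
    print(json.dumps(build_evaluation(SAMPLE_EVENT), indent=2))
```

    The rule reports; the "encrypt and alert" action from slide 19 belongs in a separate remediation step triggered by the NON_COMPLIANT result, so that evaluation and enforcement can be audited independently. When Config sends an OversizedConfigurationItemChangeNotification the item is not embedded in invokingEvent and must be fetched with GetResourceConfigHistory; this boilerplate does not handle that case.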
  • 23. Automate Incident Response (and respond to compromise fast!)
  • 24. Amazon CloudWatch Events
    • Respond to state changes automatically in your AWS resources
    • Resources changing state automatically emit observable events
    • Write declarative rules to match events of interest and then invoke targets to take action
    • Events can also be scheduled – “Cron in the Cloud”
  • 25. Amazon CloudWatch Events: rapid notification of changes; reduces polling overhead; uniform event-driven computing interface; reliable, infrastructure-free scheduled task execution
  • 26. Rapid notification of changes: changes to AWS resources are delivered to your application in near real-time. React to suspicious, risky, or problematic situations programmatically, without having to involve an operator
  • 27. CloudWatch Events. 30 second response time! Detect malicious API and automate response.
      If trail.StopLogging {
        user.disable
        trail.StartLogging
        email.security_team
      }
    Bake these automated response controls into your CloudFormation templates
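    The slide's pseudocode, carried through as an added example that is not code from the deck: a CloudWatch Events rule pattern matching the CloudTrail API calls that silence the audit trail (DeleteTrail is included alongside the slide's StopLogging), a decision function that mirrors the three steps of the pseudocode, and a Lambda handler that executes them. The SNS topic ARN, the deny-all inline policy used to freeze an IAM user, the IAM permissions the function needs and the sample event are all assumptions for this example.

```python
"""Automated response to CloudTrail StopLogging via CloudWatch Events.

Added example (not the deck's own code): the rule pattern, the decision logic
that mirrors the slide's pseudocode, and a handler that carries it out.
"""
import json

# Rule pattern for a CloudWatch Events rule; matches the API calls that
# silence the audit trail. DeleteTrail is an extension of the slide's case.
EVENT_PATTERN = {
    "source": ["aws.cloudtrail"],
    "detail-type": ["AWS API Call via CloudTrail"],
    "detail": {
        "eventSource": ["cloudtrail.amazonaws.com"],
        "eventName": ["StopLogging", "DeleteTrail"],
    },
}

# Assumed names for this example; replace with your own resources.
SECURITY_TOPIC_ARN = "arn:aws:sns:REGION:ACCOUNT:security-team"  # placeholder
DENY_ALL_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}],
}


def plan_response(event):
    """Decide the actions for one event; returns a list of (action, target).

    Mirrors the slide: re-enable the trail, disable the caller, notify the
    security team. An IAM user can be frozen with an inline deny policy; a
    role session cannot, so it is escalated for a human to revoke.
    """
    detail = event.get("detail", {})
    name = detail.get("eventName")
    if name not in EVENT_PATTERN["detail"]["eventName"]:
        return []  # not a trail-tampering call; nothing to do
    trail = detail.get("requestParameters", {}).get("name", "<unknown trail>")
    actions = []
    if name == "StopLogging":
        actions.append(("start_logging", trail))  # a deleted trail cannot be restarted
    identity = detail.get("userIdentity", {})
    if identity.get("type") == "IAMUser":
        actions.append(("deny_user", identity.get("userName")))
    else:
        actions.append(("escalate_principal", identity.get("arn")))
    actions.append(("notify", f"{name} on {trail} by {identity.get('arn')}"))
    return actions


def lambda_handler(event, context):
    """Execute the planned actions with the AWS SDK (assumed IAM permissions)."""
    import boto3  # imported here so plan_response stays testable offline
    for action, target in plan_response(event):
        if action == "start_logging":
            boto3.client("cloudtrail").start_logging(Name=target)
        elif action == "deny_user":
            boto3.client("iam").put_user_policy(
                UserName=target, PolicyName="IncidentDenyAll",
                PolicyDocument=json.dumps(DENY_ALL_POLICY))
        else:  # escalate_principal and notify both go to the security team
            boto3.client("sns").publish(TopicArn=SECURITY_TOPIC_ARN,
                                        Subject="CloudTrail tampering", Message=str(target))


# Constructed sample event in the shape CloudWatch Events delivers for a
# CloudTrail API call; the account id and user name are made up.
SAMPLE_EVENT = {
    "source": "aws.cloudtrail",
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventSource": "cloudtrail.amazonaws.com",
        "eventName": "StopLogging",
        "userIdentity": {"type": "IAMUser", "userName": "contractor",
                         "arn": "arn:aws:iam::123456789012:user/contractor"},
        "requestParameters": {"name": "management-trail"},
    },
}

if __name__ == "__main__":
    for action, target in plan_response(SAMPLE_EVENT):
        print(action, target)
```

    Keeping the decision in plan_response and the side effects in lambda_handler makes the response reviewable: the planned actions can be logged before they run, and the function's own role should be excluded from the deny step so the responder cannot lock itself out.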
  • 28. How do you get started? AWS Free Security Training; CIS AWS Security Foundations Benchmark; CIS AWS Three-Tier Web Application Benchmark; Security / Risk & Compliance Whitepapers
  • 29. Conclusion: The Problem
    • Evolving & Complex Threat Landscape
    • Infrequent Security Reviews
    • Heavily Regulated Control Requirements
    • Lack of automation introduces error
  • 30. Conclusion: The Solution
    • Evolving & Complex Threat Landscape: make security easy for everyone. Build it in by default.
    • Infrequent Security Reviews: evaluate security & compliance continuously. Automate response to scale.
    • Heavily Regulated Control Requirements: build control requirements into CloudFormation and blueprints for re-use.
    • Lack of automation introduces error: be consistent. To remove human error, remove humans ☺
  • 31. Thank you! Move fast and stay secure!