SlideShare a Scribd company logo

How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hammer - SID350 - re:Invent 2017

Amazon Web Services
Amazon Web Services

The session will focus on the newly-launched security tool Hammer, which Dow Jones developed after identifying a security vulnerability internally. Users will learn more about Hammer and how it solves certain security configuration issues in the AWS cloud. The team behind the development of Hammer will showcase real-world examples of the tool identifying, analyzing and remediating issues, all as part of Dow Jones' commitment to helping everyone in the community as they make the jump to the cloud.

1 of 26
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT Dow Jones H o w D o w J o n e s I d e n t i f i e s , A n a l y z e s , a n d R e m e d i a t e s S e c u r i t y I s s u e s w i t h H a m m e r S I D 3 5 0 N o v e m b e r 2 7 , 2 0 1 7
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction Ramin Beheshti Group chief product and technology officer Pranav Patel Security architect
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud migration journey ● Agile ● Success story out of migration ● “Lift & Shift” applications ● Cost management ● “Fail forward fast...” ● “Act now, apologize later….” ● “Move Fast Break Things….” https://memegenerator.net/instance/80795081
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security…??? • Legacy cloud (....already?) • Traditional security tools do not measure up • Multi-Account visibility and controls • Shared Responsibility Model • Change in Landscape “While moving fast and breaking things, We forget to fix things!!!” https://memegenerator.net/instance/80794879
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Exposures • Vulnerability research tools • Data dump sites • Bots
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Initial journey • Traditional model to replicate Data Center • Centralized devops and security team
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account sprawl
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account sprawl • Lack of visibility • Scalability • “Someone is looking into it…”
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why…? • Change of landscape • Need to automate • Challenges with traditional security tool
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account growth: Ideal state
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security: Defense-in-depth Detective Controls Reactive Controls Proactive Controls
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Our solution • Automate • Scalable • Self-service • Auditable
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer… why? • Cloud Infrastructure visibility • Easily pinpoint MY product’s security issues • Tailored reporting, save analysis time • “Auto-fix” misconfigurations with ability to rollback
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Consumer • Multi-account customers • Decentralized development organizations • Multiple business units
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer lifecycle Identify AnalyzeRemediate Report
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Architecture
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer – how does it work?
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer—“auto-fix”
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Types of issues and remediation ❏ Business Critical: Fix Now ❏ Report Now: Schedule Fix ❏ Known Risk: ❏ Risk Sign-off
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use-case 1: S3 buckets ● Audit against the Public ACLs ● Analyze the tags ● Report the issue ● Auto-Fix public ACLs
Demo © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use-case 2: Overexposed instances ● Audit against open ingress security groups and instances with public IPs, or placed in public subnet ● Analyze the instance tags and meta-data ● Report the issue ● Auto-fix security group rules
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Portfolio: Hammer services Services Functionality Identification Analysis & Reporting Remediation IAM Weak IAM—IAM key rotations, enforce strong password policy x x x Storage Publicly accessible or misconfigured S3 bucket x x x Compute Overexposed EC2 instances that are attached to over-exposed security groups x x x Network Open ingress and egress security groups Ex: Database ports, remote administration, and so on x x x Logging AWS CloudTrail enabled x x Future release App Slated for future release Future release Future release Future release Database TBD Future release Future release Future release
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Open collaboration • To be decided…
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you!

Recommended

SID331_Architecting Security and Governance Across a Multi-Account Strategy
SID331_Architecting Security and Governance Across a Multi-Account StrategySID331_Architecting Security and Governance Across a Multi-Account Strategy
SID331_Architecting Security and Governance Across a Multi-Account StrategyAmazon Web Services
 
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...Amazon Web Services
 
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...From Obstacle to Advantage: The Changing Role of Security & Compliance in You...
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...Amazon Web Services
 
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...Amazon Web Services
 
ThreatResponse
ThreatResponseThreatResponse
ThreatResponseAmazon Web Services
 
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWSAmazon Web Services
 
Moving from the Shadows to the Throne - SID310 - re:Invent 2017
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Moving from the Shadows to the Throne - SID310 - re:Invent 2017
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
 

Recommended

SID331_Architecting Security and Governance Across a Multi-Account Strategy
SID331_Architecting Security and Governance Across a Multi-Account StrategySID331_Architecting Security and Governance Across a Multi-Account Strategy
SID331_Architecting Security and Governance Across a Multi-Account StrategyAmazon Web Services
 
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...
How Zocdoc Achieved Security and Compliance at Scale With Infrastructure as C...Amazon Web Services
 
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...From Obstacle to Advantage: The Changing Role of Security & Compliance in You...
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...Amazon Web Services
 
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Co...Amazon Web Services
 
ThreatResponse
ThreatResponseThreatResponse
ThreatResponseAmazon Web Services
 
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
 
How Redlock Automates Security on AWS
How Redlock Automates Security on AWSHow Redlock Automates Security on AWS
How Redlock Automates Security on AWSAmazon Web Services
 
Moving from the Shadows to the Throne - SID310 - re:Invent 2017
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Moving from the Shadows to the Throne - SID310 - re:Invent 2017
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
 
A Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionA Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionAmazon Web Services
 
The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017Amazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...Amazon Web Services
 
Incident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfIncident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfAmazon Web Services
 
Amazon Macie Demo
Amazon Macie DemoAmazon Macie Demo
Amazon Macie DemoAmazon Web Services
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...Amazon Web Services
 
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Amazon Web Services
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017Amazon Web Services
 
AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017Amazon Web Services
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSAmazon Web Services
 
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Amazon Web Services
 
Become an AWS IAM Policy Ninja
Become an AWS IAM Policy NinjaBecome an AWS IAM Policy Ninja
Become an AWS IAM Policy NinjaAmazon Web Services
 
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Amazon Web Services
 
An Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your ApplicationsAn Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
 
The Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information SecurityThe Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information SecurityAmazon Web Services
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Amazon Web Services
 
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017Amazon Web Services
 
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
 
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...Amazon Web Services
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAleksandr Maklakov
 

More Related Content

What's hot

A Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionA Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionAmazon Web Services
 
The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017Amazon Web Services
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSAmazon Web Services
 
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...Amazon Web Services
 
Incident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfIncident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfAmazon Web Services
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation OverviewAmazon Web Services
 
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...Amazon Web Services
 
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Amazon Web Services
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017Amazon Web Services
 
AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017Amazon Web Services
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSAmazon Web Services
 
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Amazon Web Services
 
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Amazon Web Services
 
An Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your ApplicationsAn Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
 
The Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information SecurityThe Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information SecurityAmazon Web Services
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Amazon Web Services
 
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017Amazon Web Services
 
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
 

What's hot (20)

A Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionA Case Study on Insider Threat Detection
A Case Study on Insider Threat Detection
 
The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017The AWS Philosophy of Security - SID322 - re:Invent 2017
The AWS Philosophy of Security - SID322 - re:Invent 2017
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
 
Incident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdfIncident Response on AWS - A Practical Look.pdf
Incident Response on AWS - A Practical Look.pdf
 
Amazon Macie Demo
Amazon Macie DemoAmazon Macie Demo
Amazon Macie Demo
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...
 
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...
 
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
How Chick-fil-A Embraces DevSecOps on AWS - SID306 - re:Invent 2017
 
AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017AWS Security State of the Union - SID326 - re:Invent 2017
AWS Security State of the Union - SID326 - re:Invent 2017
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
 
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
Identity Management for Your Users and Apps: A Deep Dive on Amazon Cognito - ...
 
Become an AWS IAM Policy Ninja
Become an AWS IAM Policy NinjaBecome an AWS IAM Policy Ninja
Become an AWS IAM Policy Ninja
 
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...
 
An Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your ApplicationsAn Active Case Study on Insider Threat Detection in your Applications
An Active Case Study on Insider Threat Detection in your Applications
 
The Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information SecurityThe Future of Securing Access Controls in Information Security
The Future of Securing Access Controls in Information Security
 
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
 
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
Cloud Adoption in Regulated Financial Services - SID328 - re:Invent 2017
 
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017
 

Similar to How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hammer - SID350 - re:Invent 2017

Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...Amazon Web Services
 
AWS Startup Day Kyiv: AWS Security Best Practices
AWS Startup Day Kyiv: AWS Security Best PracticesAWS Startup Day Kyiv: AWS Security Best Practices
AWS Startup Day Kyiv: AWS Security Best PracticesAmazon Web Services
 
SID302_Force Multiply Your Security Team with Automation and Alexa
SID302_Force Multiply Your Security Team with Automation and AlexaSID302_Force Multiply Your Security Team with Automation and Alexa
SID302_Force Multiply Your Security Team with Automation and AlexaAmazon Web Services
 
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWSAmazon Web Services
 
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption FrameworkIntroduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
 
Introduction: AWS-Enabled Enterprise Storage Solutions
Introduction: AWS-Enabled Enterprise Storage SolutionsIntroduction: AWS-Enabled Enterprise Storage Solutions
Introduction: AWS-Enabled Enterprise Storage SolutionsAmazon Web Services
 
CON320_Monitoring, Logging and Debugging Containerized Services
CON320_Monitoring, Logging and Debugging Containerized ServicesCON320_Monitoring, Logging and Debugging Containerized Services
CON320_Monitoring, Logging and Debugging Containerized ServicesAmazon Web Services
 
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3M
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3MDEV332_Using AWS to Achieve Both Autonomy and Governance at 3M
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3MAmazon Web Services
 
Using AWS to Achieve Both Autonomy and Governance at 3M
Using AWS to Achieve Both Autonomy and Governance at 3MUsing AWS to Achieve Both Autonomy and Governance at 3M
Using AWS to Achieve Both Autonomy and Governance at 3MCasey Lee
 
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017Amazon Web Services
 
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...FSV308-Culture Shift How to Move a Global Financial Services Organization to ...
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...Amazon Web Services
 
Managing Microsoft Workloads on AWS.pdf
Managing Microsoft Workloads on AWS.pdfManaging Microsoft Workloads on AWS.pdf
Managing Microsoft Workloads on AWS.pdfAmazon Web Services
 
Adding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps PipelinesAdding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps PipelinesAmazon Web Services
 
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...Amazon Web Services
 
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Amazon Web Services
 

Similar to How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hammer - SID350 - re:Invent 2017 (20)

Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Inv...
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
 
AWS Startup Day Kyiv: AWS Security Best Practices
AWS Startup Day Kyiv: AWS Security Best PracticesAWS Startup Day Kyiv: AWS Security Best Practices
AWS Startup Day Kyiv: AWS Security Best Practices
 
SID302_Force Multiply Your Security Team with Automation and Alexa
SID302_Force Multiply Your Security Team with Automation and AlexaSID302_Force Multiply Your Security Team with Automation and Alexa
SID302_Force Multiply Your Security Team with Automation and Alexa
 
Amazon Macie Demo
Amazon Macie DemoAmazon Macie Demo
Amazon Macie Demo
 
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWS
 
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption FrameworkIntroduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption Framework
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
Introduction: AWS-Enabled Enterprise Storage Solutions
Introduction: AWS-Enabled Enterprise Storage SolutionsIntroduction: AWS-Enabled Enterprise Storage Solutions
Introduction: AWS-Enabled Enterprise Storage Solutions
 
CON320_Monitoring, Logging and Debugging Containerized Services
CON320_Monitoring, Logging and Debugging Containerized ServicesCON320_Monitoring, Logging and Debugging Containerized Services
CON320_Monitoring, Logging and Debugging Containerized Services
 
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3M
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3MDEV332_Using AWS to Achieve Both Autonomy and Governance at 3M
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3M
 
Using AWS to Achieve Both Autonomy and Governance at 3M
Using AWS to Achieve Both Autonomy and Governance at 3MUsing AWS to Achieve Both Autonomy and Governance at 3M
Using AWS to Achieve Both Autonomy and Governance at 3M
 
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
How Amazon.com Uses AWS Management Tools - DEV340 - re:Invent 2017
 
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...FSV308-Culture Shift How to Move a Global Financial Services Organization to ...
FSV308-Culture Shift How to Move a Global Financial Services Organization to ...
 
Managing Microsoft Workloads on AWS.pdf
Managing Microsoft Workloads on AWS.pdfManaging Microsoft Workloads on AWS.pdf
Managing Microsoft Workloads on AWS.pdf
 
Adding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps PipelinesAdding the Sec to Your DevOps Pipelines
Adding the Sec to Your DevOps Pipelines
 
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...
 
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
Remove Undifferentiated Heavy Lifting from CI/CD Toolsets with Corteva Agrisc...
 
Breaking Down the 'Monowhat'
Breaking Down the 'Monowhat'Breaking Down the 'Monowhat'
Breaking Down the 'Monowhat'
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hammer - SID350 - re:Invent 2017

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT Dow Jones H o w D o w J o n e s I d e n t i f i e s , A n a l y z e s , a n d R e m e d i a t e s S e c u r i t y I s s u e s w i t h H a m m e r S I D 3 5 0 N o v e m b e r 2 7 , 2 0 1 7
  • 2. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction Ramin Beheshti Group chief product and technology officer Pranav Patel Security architect
  • 3. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Cloud migration journey ● Agile ● Success story out of migration ● “Lift & Shift” applications ● Cost management ● “Fail forward fast...” ● “Act now, apologize later….” ● “Move Fast Break Things….” https://memegenerator.net/instance/80795081
  • 4. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security…??? • Legacy cloud (....already?) • Traditional security tools do not measure up • Multi-Account visibility and controls • Shared Responsibility Model • Change in Landscape “While moving fast and breaking things, We forget to fix things!!!” https://memegenerator.net/instance/80794879
  • 5. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Exposures • Vulnerability research tools • Data dump sites • Bots
  • 6. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Initial journey • Traditional model to replicate Data Center • Centralized devops and security team
  • 7. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account sprawl
  • 8. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account sprawl • Lack of visibility • Scalability • “Someone is looking into it…”
  • 9. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why…? • Change of landscape • Need to automate • Challenges with traditional security tool
  • 10. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Multi-account growth: Ideal state
  • 11. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security: Defense-in-depth Detective Controls Reactive Controls Proactive Controls
  • 12. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Our solution • Automate • Scalable • Self-service • Auditable
  • 13. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer… why? • Cloud Infrastructure visibility • Easily pinpoint MY product’s security issues • Tailored reporting, save analysis time • “Auto-fix” misconfigurations with ability to rollback
  • 14. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Consumer • Multi-account customers • Decentralized development organizations • Multiple business units
  • 15. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer lifecycle Identify AnalyzeRemediate Report
  • 16. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Architecture
  • 17. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer – how does it work?
  • 18. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Hammer—“auto-fix”
  • 19. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Types of issues and remediation ❏ Business Critical: Fix Now ❏ Report Now: Schedule Fix ❏ Known Risk: ❏ Risk Sign-off
  • 20. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use-case 1: S3 buckets ● Audit against the Public ACLs ● Analyze the tags ● Report the issue ● Auto-Fix public ACLs
  • 21. Demo © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 22. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use-case 2: Overexposed instances ● Audit against open ingress security groups and instances with public IPs, or placed in public subnet ● Analyze the instance tags and meta-data ● Report the issue ● Auto-fix security group rules
  • 23. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
  • 24. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Portfolio: Hammer services Services Functionality Identification Analysis & Reporting Remediation IAM Weak IAM—IAM key rotations, enforce strong password policy x x x Storage Publicly accessible or misconfigured S3 bucket x x x Compute Overexposed EC2 instances that are attached to over-exposed security groups x x x Network Open ingress and egress security groups Ex: Database ports, remote administration, and so on x x x Logging AWS CloudTrail enabled x x Future release App Slated for future release Future release Future release Future release Database TBD Future release Future release Future release
  • 25. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Open collaboration • To be decided…
  • 26. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank you!