SlideShare a Scribd company logo

AWS Security Presentation: Integrated Security & Operations for Scaling Securely in AWS

Download as PPTX, PDF
Amazon Web Services
Amazon Web Services

This document summarizes a presentation about Threat Stack, a cloud security platform. It discusses Threat Stack's integrated security and operations capabilities for scaling securely in AWS. The presentation includes customer stories from AdRoll and HelloSign, which discuss how they use Threat Stack for continuous monitoring, visibility, compliance, and enforcing security policies at scale as their infrastructure and businesses grow dynamically. The document encourages attendees to start securing their AWS infrastructure with a Threat Stack trial.

Presentations & Public Speaking
1 of 23
AWS Security Customer Presentation: Integrated Security & Operations for Scaling Securely in AWS
• Security for Software Defined World • Threat Stack Cloud Security Platform • DevOps and Security Worlds • Threat Stack Customer Success Stories Agenda
Threat Stack Team Vikram Varakantam Director, Products and Customer Development Background: Vikram Varakantam is Director, Products and Customer Development at Threat Stack Vikram is a long time veteran of security products domain with Senior Product Management roles managing IPS, Fireall and Security Services products at Cisco Systems Inc.
Software Defined Infrastructure The Shifting Paradigm
Security for Software Defined World ? Devops and Sec image, courtesy of @petecheslock #devopsdays
Worlds of DevOps and Security • Culture, Collaboration • Continuous Operations at Scale • Repeatability, Scale and Automation, API • Well Known Orchestrated Baselines • KISS Principles • Tight Feedback Loops • Continuous Risk Management • Information sharing on as needed basis • Solutions for specific domain functions • Compliance and Reporting • Industry Benchmarks and Compliance Policies (CIS, PCI, NIST) DevOps Philosophy & Tooling Feedback & Hygiene Traditional Security
Security Must Evolve With You Deploy Operate Investigate
CLOUD SECURITY PLATFORM FOR START-UPS, HIGH GROWTH & ENTERPRISE Modern Infrastructure Requires Modern Security. Vulnerability Management Threat Intelligence Compliance Reporting Infrastructure Monitoring Workload Insights Cloud Native. Platform Independent. Fully Integrated.
INCREASE VELOCITY OF YOUR SECURITY OPERATIONS Time to detection: Go from 4 hrs to 4 minutes GAIN COMPLETE VISIBILITY INTO BEHAVIOR Know Who, What, Where, When across your entire environment CONTINUOUS SECURITY MONITORING & VISIBILITY, IN ONE PLACE No need to chase down fragmented data points from multiple tools ASSURE COMPLIANCE FOR YOU & YOUR CUSTOMERS Automatically implement effective controls, policies & procedures to protect data and meet compliance Why Threat Stack?
v v Some of our Trusted Customers
Threat Stack Customer Story: Ilya Kalinin Senior DevOps Engineer Background: IIya Kalinin is a Senior DevOps Engineer at AdRoll, #1 retargeting Adtech platform. IIya is a leading DevOps practitioner involved in large scale Infrastructure Management automation projects leveraging tools as Jenkins, Docker, Ansible, Terraform, AWS.
AdRoll Infrastructure Overview • Highly Elastic Infrastructure with 1000-1500 Instances • Distributed Development teams with multiple configuration management tools Terraform, Ansible, Puppet... • System Components are treated as Separate Services from a operations point of view • Developers need continuous access to troubleshoot, support their own services in production • SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity • Every service is using an AMI pre-approved by SRE team to baseline deployments
Key Use Cases for Cloud Security Get Visibility Trust But Verify Enforce Rules-based Behavior • Developers need continuous access to troubleshoot, support their own services in production • SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity • Integrating Security across multiple Services across the AdRoll Infrastructure • Enforcing Security Policy at Scale • Integrating Security into Existing Engineering Practices without any disruption
Threat Stack Workflow • Threat Stack Agent Integrated into AMI images pre-approved by SRE with various deployment automation tools for coverage across all Services. • Security Monitoring on per service basis using custom ruleset to baseline each service behaviors. • Initial challenges in adopting Threat Stack is deriving per service baselines and an initial rule set. • Daily and weekly alert review, create suppression rules for new or changed baselines creation advice: better let some noise come through than miss something important.
Ilya’s Cloud Security Advice… Be Patient Cloud Security is important and important things take time to get right. Build vs. Buy Do the calculations – you might be surprised by the cost of building… Ask for Help Threat Stack cloud security experts are always available to help; you don’t have to know all of the answers
Threat Stack Customer Story: Anshu Gupta Director of Information Security Background: Anshu Gupta is the Director of Information Security at HelloSign, a leading eSignature company. Anshu is a long time security practitioner, having served as a trusted advisor on information security issues to Fortune 500 companies at Ernst & Young and KPMG and recently in senior security management roles at Esurance and Coupa Software.
Infrastructure Overview • Highly orchestrated Dynamic Infrastructure with sophisticated Operations and Security Teams • Infrastructure, tools and operational models designed to support rapid company growth • Tight collaboration between DevOps and Security teams to manage Risk and Compliance Objectives
Key Use Cases for Cloud Security Compliance Derivatives • Security as an accelerator for Business growth in partnership with Developers and Operations team • Security tools designed for DevOps workflow and scale to known mature Security Functions (File Integrity Monitoring, Vulnerability Management) • Enforcing Security Policy at Scale as business grows • Support Compliance objectives with least overhead • Augment Security mindshare through engagement model. Integrated Security Multiple Security Functions
HelloSign : Why Threat Stack? • Cloud native platform preferred by our DevOps team • Threat Stack Team - engineering company with a solid product • Exceptional support with service centric mindset • Greater visibility into our environment using a single tool
Anshu’s Cloud Security Advice… Modern Approach Cloud Security requires a new approach that fits well with the dynamic world Security and Compliance Combine functions – you might be surprised how both these worlds are so closer in the new world Demand more.. Threat Stack Cloud Security as an extended resource to augment Security mindshare.
Start Securing Your AWS Infrastructure
Next Steps and Trial Offer Start continuously monitoring your AWS environment today with Threat Stack We can help with every step along your cloud security journey! http://get.threatstack.com/aws-security-week AWS Security Week Workshop Integrated Security & O Pete Cheslock Head of Ops & Support @petecheslock Tim Armstrong Product Marketing Manager @_timarmstrong
Continuous AWS Security Monitoring Platform

Recommended

Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...
Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...
Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security CenterUdaiappa Ramachandran
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
 

Recommended

Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...
Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...
Building Performance Clinical Systems' HIPAA-Compliant Clinical Workflow Plat...Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
AWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAWS Enterprise Day | Securing your Web Applications in the Cloud
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
Azure Security Center
Azure Security CenterAzure Security Center
Azure Security CenterUdaiappa Ramachandran
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
 
What's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowWhat's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowAmazon Web Services
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)Amazon Web Services
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
Maturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsMaturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsAmazon Web Services
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack SecurityAmazon Web Services
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the CloudAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  Amazon Web Services
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The CloudMark Nunnikhoven
 
Architecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi AccountsArchitecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi AccountsAmazon Web Services
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWSAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 
Pre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint EncryptionPre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint EncryptionMatt Dawdy
 
AWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For SuccessAWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For SuccessAmazon Web Services
 

More Related Content

What's hot

What's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowWhat's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowAmazon Web Services
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive ScaleAmazon Web Services
 
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)Amazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
 
Maturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsMaturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsAmazon Web Services
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWSAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the CloudAmazon Web Services
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAlert Logic
 
How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  Amazon Web Services
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”Amazon Web Services
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The CloudMark Nunnikhoven
 
Architecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi AccountsArchitecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi AccountsAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0Amazon Web Services
 

What's hot (20)

What's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security RoadshowWhat's (nearly) new | AWS Security Roadshow
What's (nearly) new | AWS Security Roadshow
 
(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale(SPOT303) Security Operations at Massive Scale
(SPOT303) Security Operations at Massive Scale
 
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...
 
Maturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsMaturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOps
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack Security
 
Architecting for Greater Security on AWS
Architecting for Greater Security on AWSArchitecting for Greater Security on AWS
Architecting for Greater Security on AWS
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud
 
AWS Shared Security Model in Practice
AWS Shared Security Model in PracticeAWS Shared Security Model in Practice
AWS Shared Security Model in Practice
 
How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment  How Serverless Computing Enables Microservices and Micropayment 
How Serverless Computing Enables Microservices and Micropayment 
 
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
 
Architecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi AccountsArchitecting Security and Governance Across Multi Accounts
Architecting Security and Governance Across Multi Accounts
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
 
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0(SEC402) Enterprise Cloud Security via DevSecOps 2.0
(SEC402) Enterprise Cloud Security via DevSecOps 2.0
 

Viewers also liked

Pre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint EncryptionPre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint EncryptionMatt Dawdy
 
AWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For SuccessAWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For SuccessAmazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2 Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Amazon Web Services
 
Application Delivery on Amazon Web Services for Developers
Application Delivery on Amazon Web Services for DevelopersApplication Delivery on Amazon Web Services for Developers
Application Delivery on Amazon Web Services for DevelopersAmazon Web Services
 
AWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAmazon Web Services
 
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Amazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Amazon Web Services
 
Getting Started with EC2 Spot - November 2016 Webinar Series
Getting Started with EC2 Spot - November 2016 Webinar SeriesGetting Started with EC2 Spot - November 2016 Webinar Series
Getting Started with EC2 Spot - November 2016 Webinar SeriesAmazon Web Services
 
Creating Your Virtual Data Center: VPC Fundamentals
Creating Your Virtual Data Center: VPC FundamentalsCreating Your Virtual Data Center: VPC Fundamentals
Creating Your Virtual Data Center: VPC FundamentalsAmazon Web Services
 
Getting Started with Amazon QuickSight
Getting Started with Amazon QuickSightGetting Started with Amazon QuickSight
Getting Started with Amazon QuickSightAmazon Web Services
 
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料Amazon Web Services
 
What’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesWhat’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesAmazon Web Services
 
Microservices on AWS: Divide & Conquer for Agility and Scalability
Microservices on AWS: Divide & Conquer for Agility and Scalability Microservices on AWS: Divide & Conquer for Agility and Scalability
Microservices on AWS: Divide & Conquer for Agility and ScalabilityAmazon Web Services
 
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)Amazon Web Services
 
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS LambdaBuild a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS LambdaAmazon Web Services
 
Serverless Geospatial Mobile Apps with AWS
Serverless Geospatial Mobile Apps with AWSServerless Geospatial Mobile Apps with AWS
Serverless Geospatial Mobile Apps with AWSAmazon Web Services
 
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...Amazon Web Services
 
Getting Started with Amazon DynamoDB
Getting Started with Amazon DynamoDBGetting Started with Amazon DynamoDB
Getting Started with Amazon DynamoDBAmazon Web Services
 
re:Invent recap session 1: What's New with AWS Lambda
re:Invent recap session 1: What's New with AWS Lambda re:Invent recap session 1: What's New with AWS Lambda
re:Invent recap session 1: What's New with AWS Lambda Amazon Web Services
 

Viewers also liked (20)

Pre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint EncryptionPre-Quiz Symantec Endpoint Encryption
Pre-Quiz Symantec Endpoint Encryption
 
AWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For SuccessAWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
AWS Summit Auckland -Key steps for Setting up your AWS Journey For Success
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2 Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
 
Application Delivery on Amazon Web Services for Developers
Application Delivery on Amazon Web Services for DevelopersApplication Delivery on Amazon Web Services for Developers
Application Delivery on Amazon Web Services for Developers
 
AWS Storage and Content Delivery Services
AWS Storage and Content Delivery ServicesAWS Storage and Content Delivery Services
AWS Storage and Content Delivery Services
 
AWS Summit Auckland Keynote
AWS Summit Auckland KeynoteAWS Summit Auckland Keynote
AWS Summit Auckland Keynote
 
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
Add End User Sign-in, User Management, and Security to Your Mobile and Web Ap...
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
 
Getting Started with EC2 Spot - November 2016 Webinar Series
Getting Started with EC2 Spot - November 2016 Webinar SeriesGetting Started with EC2 Spot - November 2016 Webinar Series
Getting Started with EC2 Spot - November 2016 Webinar Series
 
Creating Your Virtual Data Center: VPC Fundamentals
Creating Your Virtual Data Center: VPC FundamentalsCreating Your Virtual Data Center: VPC Fundamentals
Creating Your Virtual Data Center: VPC Fundamentals
 
Getting Started with Amazon QuickSight
Getting Started with Amazon QuickSightGetting Started with Amazon QuickSight
Getting Started with Amazon QuickSight
 
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
使用 Amazon Athena 直接分析儲存於 S3 的巨量資料
 
What’s New with AWS Mobile Services
What’s New with AWS Mobile ServicesWhat’s New with AWS Mobile Services
What’s New with AWS Mobile Services
 
Microservices on AWS: Divide & Conquer for Agility and Scalability
Microservices on AWS: Divide & Conquer for Agility and Scalability Microservices on AWS: Divide & Conquer for Agility and Scalability
Microservices on AWS: Divide & Conquer for Agility and Scalability
 
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)
AWS re:Invent 2016: Building and Growing a Successful AWS User Group (DCS203)
 
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS LambdaBuild a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda
Build a Text Enabled Keg-orator Robot with Alexa, AWS IoT & AWS Lambda
 
Serverless Geospatial Mobile Apps with AWS
Serverless Geospatial Mobile Apps with AWSServerless Geospatial Mobile Apps with AWS
Serverless Geospatial Mobile Apps with AWS
 
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...
AWS re:Invent 2016: Case Study: How Startups Like Smartsheet and Quantcast Ac...
 
Getting Started with Amazon DynamoDB
Getting Started with Amazon DynamoDBGetting Started with Amazon DynamoDB
Getting Started with Amazon DynamoDB
 
re:Invent recap session 1: What's New with AWS Lambda
re:Invent recap session 1: What's New with AWS Lambda re:Invent recap session 1: What's New with AWS Lambda
re:Invent recap session 1: What's New with AWS Lambda
 

Similar to AWS Security Presentation: Integrated Security & Operations for Scaling Securely in AWS

Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAmazon Web Services
 
ISACA Ireland Keynote 2015
ISACA Ireland Keynote 2015ISACA Ireland Keynote 2015
ISACA Ireland Keynote 2015Shannon Lietz
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on CloudTu Pham
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeCloudHesive
 
Achieve Compliance with Security by Default and By Design
Achieve Compliance with Security by Default and By DesignAchieve Compliance with Security by Default and By Design
Achieve Compliance with Security by Default and By DesignAmazon Web Services
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the EnterpriseAmazon Web Services
 
Improving Application Security With Azure
Improving Application Security With AzureImproving Application Security With Azure
Improving Application Security With AzureSoftchoice Corporation
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudCloudHesive
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About SecurityAmazon Web Services
 
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014Amazon Web Services
 
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Amazon Web Services
 
Overcoming Security Challenges in DevOps
Overcoming Security Challenges in DevOpsOvercoming Security Challenges in DevOps
Overcoming Security Challenges in DevOpsAlert Logic
 
Enabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsEnabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsJosh Boyd
 
MS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference ArchitectureMS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference Architectureangelohammond
 
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017Amazon Web Services
 
A journey into Application Security
A journey into Application SecurityA journey into Application Security
A journey into Application SecurityChristian Martorella
 
DevSecCon KeyNote London 2015
DevSecCon KeyNote London 2015DevSecCon KeyNote London 2015
DevSecCon KeyNote London 2015Shannon Lietz
 

Similar to AWS Security Presentation: Integrated Security & Operations for Scaling Securely in AWS (20)

Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOpsAutomating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
 
ISACA Ireland Keynote 2015
ISACA Ireland Keynote 2015ISACA Ireland Keynote 2015
ISACA Ireland Keynote 2015
 
Past, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps InfrastructurePast, Present and Future of DevOps Infrastructure
Past, Present and Future of DevOps Infrastructure
 
System Security on Cloud
System Security on CloudSystem Security on Cloud
System Security on Cloud
 
Winning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our TimeWinning Governance Strategies for the Technology Disruptions of our Time
Winning Governance Strategies for the Technology Disruptions of our Time
 
Achieve Compliance with Security by Default and By Design
Achieve Compliance with Security by Default and By DesignAchieve Compliance with Security by Default and By Design
Achieve Compliance with Security by Default and By Design
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise
 
Improving Application Security With Azure
Improving Application Security With AzureImproving Application Security With Azure
Improving Application Security With Azure
 
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public CloudNIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About Security
 
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
(SEC312) Taking a DevOps Approach to Security | AWS re:Invent 2014
 
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
Unleash Team Productivity with Real-Time Operations (DEV203-S) - AWS re:Inven...
 
Overcoming Security Challenges in DevOps
Overcoming Security Challenges in DevOpsOvercoming Security Challenges in DevOps
Overcoming Security Challenges in DevOps
 
Enabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOpsEnabling multicloud in the enterprise with DevSecOps
Enabling multicloud in the enterprise with DevSecOps
 
MS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference ArchitectureMS. Cybersecurity Reference Architecture
MS. Cybersecurity Reference Architecture
 
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017
Building a DevOps Culture in Public Sector | AWS Public Sector Summit 2017
 
A journey into Application Security
A journey into Application SecurityA journey into Application Security
A journey into Application Security
 
DevSecCon KeyNote London 2015
DevSecCon KeyNote London 2015DevSecCon KeyNote London 2015
DevSecCon KeyNote London 2015
 
DevSecCon Keynote
DevSecCon KeynoteDevSecCon Keynote
DevSecCon Keynote
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@vikas rana
 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSebastiano Panichella
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸mathanramanathan2005
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Escort Service
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxCarrieButtitta
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxnoorehahmad
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Krijn Poppe
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxJohnree4
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxFamilyWorshipCenterD
 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxmavinoikein
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationNathan Young
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSebastiano Panichella
 
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)Basil Achie
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power
 
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYPHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYpruthirajnayak525
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptssuser319dad
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...NETWAYS
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxaryanv1753
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...NETWAYS
 

Recently uploaded (20)

Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
Call Girls in Rohini Delhi 💯Call Us 🔝8264348440🔝
 
call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@call girls in delhi malviya nagar @9811711561@
call girls in delhi malviya nagar @9811711561@
 
SBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation TrackSBFT Tool Competition 2024 -- Python Test Case Generation Track
SBFT Tool Competition 2024 -- Python Test Case Generation Track
 
Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸Mathan flower ppt.pptx slide orchids ✨🌸
Mathan flower ppt.pptx slide orchids ✨🌸
 
Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170Call Girls In Aerocity 🤳 Call Us +919599264170
Call Girls In Aerocity 🤳 Call Us +919599264170
 
miladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptxmiladyskindiseases-200705210221 2.!!pptx
miladyskindiseases-200705210221 2.!!pptx
 
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptxAnne Frank A Beacon of Hope amidst darkness ppt.pptx
Anne Frank A Beacon of Hope amidst darkness ppt.pptx
 
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
Presentation for the Strategic Dialogue on the Future of Agriculture, Brussel...
 
Genshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptxGenshin Impact PPT Template by EaTemp.pptx
Genshin Impact PPT Template by EaTemp.pptx
 
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptxGenesis part 2 Isaiah Scudder 04-24-2024.pptx
Genesis part 2 Isaiah Scudder 04-24-2024.pptx
 
Work Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptxWork Remotely with Confluence ACE 2.pptx
Work Remotely with Confluence ACE 2.pptx
 
The Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism PresentationThe Ten Facts About People With Autism Presentation
The Ten Facts About People With Autism Presentation
 
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with AerialistSimulation-based Testing of Unmanned Aerial Vehicles with Aerialist
Simulation-based Testing of Unmanned Aerial Vehicles with Aerialist
 
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)
NATIONAL ANTHEMS OF AFRICA (National Anthems of Africa)
 
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular PlasticsDutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
Dutch Power - 26 maart 2024 - Henk Kras - Circular Plastics
 
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGYPHYSICS PROJECT BY MSC - NANOTECHNOLOGY
PHYSICS PROJECT BY MSC - NANOTECHNOLOGY
 
Philippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.pptPhilippine History cavite Mutiny Report.ppt
Philippine History cavite Mutiny Report.ppt
 
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
OSCamp Kubernetes 2024 | Zero-Touch OS-Infrastruktur für Container und Kubern...
 
Event 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptxEvent 4 Introduction to Open Source.pptx
Event 4 Introduction to Open Source.pptx
 
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
OSCamp Kubernetes 2024 | A Tester's Guide to CI_CD as an Automated Quality Co...
 

AWS Security Presentation: Integrated Security & Operations for Scaling Securely in AWS

  • 1. AWS Security Customer Presentation: Integrated Security & Operations for Scaling Securely in AWS
  • 2. • Security for Software Defined World • Threat Stack Cloud Security Platform • DevOps and Security Worlds • Threat Stack Customer Success Stories Agenda
  • 3. Threat Stack Team Vikram Varakantam Director, Products and Customer Development Background: Vikram Varakantam is Director, Products and Customer Development at Threat Stack Vikram is a long time veteran of security products domain with Senior Product Management roles managing IPS, Fireall and Security Services products at Cisco Systems Inc.
  • 5. Security for Software Defined World ? Devops and Sec image, courtesy of @petecheslock #devopsdays
  • 6. Worlds of DevOps and Security • Culture, Collaboration • Continuous Operations at Scale • Repeatability, Scale and Automation, API • Well Known Orchestrated Baselines • KISS Principles • Tight Feedback Loops • Continuous Risk Management • Information sharing on as needed basis • Solutions for specific domain functions • Compliance and Reporting • Industry Benchmarks and Compliance Policies (CIS, PCI, NIST) DevOps Philosophy & Tooling Feedback & Hygiene Traditional Security
  • 7. Security Must Evolve With You Deploy Operate Investigate
  • 8. CLOUD SECURITY PLATFORM FOR START-UPS, HIGH GROWTH & ENTERPRISE Modern Infrastructure Requires Modern Security. Vulnerability Management Threat Intelligence Compliance Reporting Infrastructure Monitoring Workload Insights Cloud Native. Platform Independent. Fully Integrated.
  • 9. INCREASE VELOCITY OF YOUR SECURITY OPERATIONS Time to detection: Go from 4 hrs to 4 minutes GAIN COMPLETE VISIBILITY INTO BEHAVIOR Know Who, What, Where, When across your entire environment CONTINUOUS SECURITY MONITORING & VISIBILITY, IN ONE PLACE No need to chase down fragmented data points from multiple tools ASSURE COMPLIANCE FOR YOU & YOUR CUSTOMERS Automatically implement effective controls, policies & procedures to protect data and meet compliance Why Threat Stack?
  • 10. v v Some of our Trusted Customers
  • 11. Threat Stack Customer Story: Ilya Kalinin Senior DevOps Engineer Background: IIya Kalinin is a Senior DevOps Engineer at AdRoll, #1 retargeting Adtech platform. IIya is a leading DevOps practitioner involved in large scale Infrastructure Management automation projects leveraging tools as Jenkins, Docker, Ansible, Terraform, AWS.
  • 12. AdRoll Infrastructure Overview • Highly Elastic Infrastructure with 1000-1500 Instances • Distributed Development teams with multiple configuration management tools Terraform, Ansible, Puppet... • System Components are treated as Separate Services from a operations point of view • Developers need continuous access to troubleshoot, support their own services in production • SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity • Every service is using an AMI pre-approved by SRE team to baseline deployments
  • 13. Key Use Cases for Cloud Security Get Visibility Trust But Verify Enforce Rules-based Behavior • Developers need continuous access to troubleshoot, support their own services in production • SRE team wants to retain control and have the audit trail but doesn't want to be a bottleneck to the engineering team’s velocity • Integrating Security across multiple Services across the AdRoll Infrastructure • Enforcing Security Policy at Scale • Integrating Security into Existing Engineering Practices without any disruption
  • 14. Threat Stack Workflow • Threat Stack Agent Integrated into AMI images pre-approved by SRE with various deployment automation tools for coverage across all Services. • Security Monitoring on per service basis using custom ruleset to baseline each service behaviors. • Initial challenges in adopting Threat Stack is deriving per service baselines and an initial rule set. • Daily and weekly alert review, create suppression rules for new or changed baselines creation advice: better let some noise come through than miss something important.
  • 15. Ilya’s Cloud Security Advice… Be Patient Cloud Security is important and important things take time to get right. Build vs. Buy Do the calculations – you might be surprised by the cost of building… Ask for Help Threat Stack cloud security experts are always available to help; you don’t have to know all of the answers
  • 16. Threat Stack Customer Story: Anshu Gupta Director of Information Security Background: Anshu Gupta is the Director of Information Security at HelloSign, a leading eSignature company. Anshu is a long time security practitioner, having served as a trusted advisor on information security issues to Fortune 500 companies at Ernst & Young and KPMG and recently in senior security management roles at Esurance and Coupa Software.
  • 17. Infrastructure Overview • Highly orchestrated Dynamic Infrastructure with sophisticated Operations and Security Teams • Infrastructure, tools and operational models designed to support rapid company growth • Tight collaboration between DevOps and Security teams to manage Risk and Compliance Objectives
  • 18. Key Use Cases for Cloud Security Compliance Derivatives • Security as an accelerator for Business growth in partnership with Developers and Operations team • Security tools designed for DevOps workflow and scale to known mature Security Functions (File Integrity Monitoring, Vulnerability Management) • Enforcing Security Policy at Scale as business grows • Support Compliance objectives with least overhead • Augment Security mindshare through engagement model. Integrated Security Multiple Security Functions
  • 19. HelloSign : Why Threat Stack? • Cloud native platform preferred by our DevOps team • Threat Stack Team - engineering company with a solid product • Exceptional support with service centric mindset • Greater visibility into our environment using a single tool
  • 20. Anshu’s Cloud Security Advice… Modern Approach Cloud Security requires a new approach that fits well with the dynamic world Security and Compliance Combine functions – you might be surprised how both these worlds are so closer in the new world Demand more.. Threat Stack Cloud Security as an extended resource to augment Security mindshare.
  • 21. Start Securing Your AWS Infrastructure
  • 22. Next Steps and Trial Offer Start continuously monitoring your AWS environment today with Threat Stack We can help with every step along your cloud security journey! http://get.threatstack.com/aws-security-week AWS Security Week Workshop Integrated Security & O Pete Cheslock Head of Ops & Support @petecheslock Tim Armstrong Product Marketing Manager @_timarmstrong
  • 23. Continuous AWS Security Monitoring Platform