
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014



Learn how to increase the effectiveness of your security operations as you move to the cloud. This session for architects and IT administrators covers considerations for optimizing your incident response, monitoring, and audit response tactics to take advantage of built-in capabilities in AWS. This session provides practical advice you can apply today, pulled from industry research, direct experience helping customers migrate to the cloud, and from the speaker's own hard-earned lessons. Sponsored by Trend Micro.

Published in: Technology


  1. @marknca
  2. Strategy Tactics
  3. Traditional Responsibility Model You
  4. AWS You Shared Responsibility Model
  5. AWS Facilities Physical Network Virtualization Layer You Shared Responsibility Model
  6. Monitoring Forensics 4 pillars of practice
  7. SANS incident response process
  8. SANS incident response process
  9. Business point of view
  10. Incident response before Server Analyze Repair Improve Replacement
  11. Incident response before Instance Analyze Repair Improve Replacement
  12. Advantages
  13. In action…
  14. Optimized response
  15. Optimized response Instance Script Analyze Improve API Replacement
  16. Business point of view
  17. Creating an audit trail before Servers Change Record Storage Logs Firewall / IPS
  18. Creating an audit trail before Instances Change Record Central Management Logs AWS Services
  19. In action…
  20. Please give us your feedback on this session. Complete session evaluations and earn re:Invent swag.