Public Sector Summit
Washington, DC
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security & Identity: the Continuous
Diagnostic & Mitigation (CDM)
Journey on AWS
Evan Uhl
Director, Consulting Expert
CGI Federal
Session ID: 299937
Darren House
Sr. Solutions Architect
AWS
Agenda
• Understand CDM and the drivers
• Getting from requirements to architectures
• Show how to centralize sensor data and visualize with an agency dashboard on AWS
Asset Management
What is on the Network
Identity & Access Management
Who is on the Network
Data Protection Management
What is Happening on the Network
Network Security Management
Protect Data on the Network
Related breakouts
302902 - Continuous Diagnostics and Mitigation (CDM) at Cloud Scale: How the U.S. Department of Energy Modernized Cyber Resiliency with the Big Data Platform
Mark Burr
319028 - Aligning to the NIST Cybersecurity Framework in the AWS
Michael South
Drivers
OMB - M-19-02
• CFO Act Agencies must report FISMA CIO Metrics quarterly
• Non-CFO Act Agencies must update FISMA CIO Metrics semiannually
• CFO and non-CFO Act agencies shall establish the information exchange with the Federal Dashboard
H.R.6443 - Advancing Cybersecurity Diagnostics and Mitigation Act
S.3464 - Advancing Cybersecurity Diagnostics and Mitigation Act
Cyber attacks are the newest arms race
• Attackers have unlimited resources and budget
• Defenders have to effectively deploy CDM to increase their Agency’s security posture and provide a ROI
How do you improve your security posture?
• Take a step back and look at the big picture
• Be honest with the evaluation of your security posture
Rethink CDM
Don’t think of it as a phased approach anymore – DHS doesn’t
Attack vectors and exploit methods are constantly changing
Limited visibility, tools, policies, procedures, and speed to deploy
Cyber-Defenders are in high demand and are limited in numbers
What is the big picture?
How do we fix this?
Take a holistic approach to treating the deficiencies = CDM
• Asset Management
• Identity and Access Management
• Network Security Management
• Data Protection Management
Every environment is different – one size doesn’t fit all
Every level of the client should be considered
Assess what tools are in place and working for the client
Don’t be scared to innovate
Supplement the stack where needed
Methodology to CDM Success
CGI and CDM
January 2017
Awarded Credential Management Task Order
Identity & Access Management
Provided agencies with tools, sensors and services to meet requirements for Trust | Behave | Cred
All 26 agencies relied on CGI for Identity & Access Management
July 2018
Awarded Group C Task Order under CDM DEFEND
Network Security + Data Protection Management
Identify and remediate deficiencies in Asset, Identity, & Access Management
Architecture
But how can we get from here to there?
Innovating on Behalf of our Customers
In 2018…
• Pace of innovation: 1800+ updates
• Meets pace of protection: 239 security updates
CDM Requirement | AWS Services
Hardware Asset Management | AWS Systems Manager, AWS Config
Software Asset Management | AWS Systems Manager, AWS License Manager
Configuration Settings Management | AWS Systems Manager, AWS Config
Vulnerability Management | Amazon Inspector, AWS Config, AWS CloudTrail, Amazon GuardDuty, Amazon Macie
BOUND F, BOUND E, BOUND P | Amazon Virtual Private Cloud (Amazon VPC), AWS Shield, AWS WAF, AWS Key Management Service (AWS KMS), AWS CloudHSM, AWS Certificate Manager (AWS ACM); 3rd party attestations, SOC, FedRAMP, NIST 800-53
Manage Events | Amazon CloudWatch, Amazon Inspector, Amazon GuardDuty
Operate, Monitor, Improve | Amazon CloudWatch, AWS Lambda, AWS Step Functions
Design and Build in Security | AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy
Common OR 1.2(3) - define desired and actual state dependent on object context and the scope of the capability’s attributes.
HWAM OR 1.1(2) - identify and track hardware devices, manual or batch creation of Agency-approved device data
SWAM OR and FR – identify, collect, and track software products/inventory
Provide a unique for each software product
CSM OR and FR – Identify, collect, and keep security configuration settings
Common OR 1.2(3) - define actual and desired state of an object
HWAM OR and FR - identify and track authorization status, unique identifiers, desired state detection
SWAM OR and FR – identify, collect, and track inventory
CSM OR and FR – Identify, collect, and keep security configuration settings
CSM FR – Support a unique identifier (CCE) for each configuration setting
VUL OR – detect/discover vulnerabilities that have been identified by the government CVEs. Explain clearly and simply how to correct the vulnerability.
VUL FR – Provide complete coverage of the CVEs identified by the National Vulnerability Database (NVD)
MNGEVT IR OR 1-2 - Sharing and communicating incident response about cyber threat information to internal and external organizations.
MNGEVT FR 1-1 - Initial analysis to determine incident severity based on the types of events, threat source, threat signatures, and impacted systems.
Complex aggregation and correlation algorithms using large volumes of stored data in a timely manner to generate incident reports.
Integration Story for CDM
• 2 Major Players in the IAM Space combined to support part of a major Federal program
• 2 Big Players + 1 Standard (SCIM V2) = Doesn’t work as expected or advertised
Now What?
• Researched the challenge
• Designed a solution that didn’t require the vendors to “patch” (which we know wasn’t going to happen)
• Adapt, improvise, overcome.
[Architecture diagram. Components shown: AWS Lambda, Amazon CloudWatch, AWS CloudTrail, Scheduled Event, AWS Config, AWS Systems Manager, Amazon GuardDuty, Amazon Inspector, CIO Dashboard, Centralized S3 Bucket, AWS Step Functions, Lambda Functions, Amazon QuickSight]
Service | FedRAMP Moderate | FedRAMP High (GovCloud)
CloudTrail | Yes | Yes
CloudWatch Logs | Yes | Yes
IAM | Yes | Yes
QuickSight | Yes | No
Lambda | Yes | JAB Review
AWS Config | Yes | JAB Review
Inspector | Yes | JAB Review
Systems Manager | JAB Review | JAB Review
GuardDuty | 3PAO Assessment | 3PAO Assessment
CloudWatch Events | 3PAO Assessment | 3PAO Assessment
Code Build, Commit, Deploy | 3PAO Assessment | 3PAO Assessment
Step Functions | 3PAO Assessment | 3PAO Assessment
How federal agencies can leverage AWS to extend CDM programs and CIO Metric Reporting
https://aws.amazon.com/blogs/security/how-federal-agencies-can-leverage-aws-to-extend-cdm-programs-and-cio-metric-reporting/
How to Apply the U.S. Department of Homeland Security’s Continuous Diagnostics and Mitigation Programs on AWS
https://aws.amazon.com/blogs/publicsector/how-to-apply-the-u-s-department-of-homeland-securitys-continuous-diagnostics-and-mitigation-programs-on-aws/
AWS Security Incident Response
https://d1.awsstatic.com/whitepapers/aws_security_incident_response.pdf
NIST Cyber Security Framework (CSF)
https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
Thank you!
Evan Uhl
Director, Consulting Expert
CGI Federal
Darren House
Sr. Solutions Architect
AWS
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS

  • 1. PUBLIC SECTOR SUMMIT, WASHINGTON, DC
  • 2. Security & Identity: the Continuous Diagnostic & Mitigation (CDM) Journey on AWS. Session ID: 299937. Evan Uhl, Director, Consulting Expert, CGI Federal. Darren House, Sr. Solutions Architect, AWS. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. PUBLIC SECTOR SUMMIT
  • 3. Agenda
      • Understand CDM and the drivers
      • Getting from requirements to architectures
      • Show how to centralize sensor data and visualize with an agency dashboard on AWS
      • Asset Management: What is on the Network
      • Identity & Access Management: Who is on the Network
      • Data Protection Management: What is Happening on the Network
      • Network Security Management: Protect Data on the Network
  • 4. Related breakouts
      • 302902 - Continuous Diagnostics and Mitigation (CDM) at Cloud Scale: How the U.S. Department of Energy Modernized Cyber Resiliency with the Big Data Platform (Mark Burr)
      • 319028 - Aligning to the NIST Cybersecurity Framework in the AWS (Michael South)
  • 5. Drivers
  • 6. Drivers
  • 7. Drivers
      • OMB - M-19-02
          • CFO Act Agencies must report FISMA CIO Metrics quarterly
          • Non-CFO Act Agencies must update FISMA CIO Metrics semiannually
          • CFO and non-CFO Act agencies shall establish the information exchange with the Federal Dashboard
      • H.R.6443: Advancing Cybersecurity Diagnostics and Mitigation Act
      • S.3464: Advancing Cybersecurity Diagnostics and Mitigation Act
  • 8. Cyber attacks are the newest arms race
      • Attackers have unlimited resources and budget
      • Defenders have to effectively deploy CDM to increase their Agency’s security posture and provide a ROI
    How do you improve your security posture?
      • Take a step back and look at the big picture
      • Be honest with the evaluation of your security posture
    Rethink CDM
      • Don’t think of it as a phased approach anymore – DHS doesn’t
  • 9. What is the big picture?
      • Attack vectors and exploit methods are constantly changing
      • Limited visibility, tools, policies, procedures, and speed to deploy
      • Cyber-Defenders are in high demand and are limited in numbers
  • 10. Methodology to CDM Success
    How do we fix this? Take a holistic approach to treating the deficiencies = CDM
      • Asset Management
      • Identity and Access Management
      • Network Security Management
      • Data Protection Management
    Every environment is different – one size doesn’t fit all
      • Every level of the client should be considered
      • Assess what tools are in place and working for the client
      • Don’t be scared to innovate
      • Supplement the stack where needed
  • 11. CGI and CDM
      • January 2017: Awarded Credential Management Task Order (Identity & Access Management)
          • Provided agencies with tools, sensors and services to meet requirements for Trust | Behave | Cred
          • All 26 agencies relied on CGI for Identity & Access Management
      • July 2018: Awarded Group C Task Order under CDM DEFEND
          • Network Security + Data Protection Management
          • Identify and remediate deficiencies in Asset, Identity, & Access Management
  • 12. Architecture
  • 13. But how can we get from here to there?
  • 14. Innovating on Behalf of our Customers. In 2018…
      • Pace of innovation: 1800+ updates
      • Meets pace of protection: 239 security updates
  • 15. CDM Requirement | AWS Services
      Hardware Asset Management | AWS Systems Manager, AWS Config
      Software Asset Management | AWS Systems Manager, AWS License Manager
      Configuration Settings Management | AWS Systems Manager, AWS Config
      Vulnerability Management | Amazon Inspector, AWS Config, AWS CloudTrail, Amazon GuardDuty, Amazon Macie
      BOUND F, BOUND E, BOUND P | Amazon Virtual Private Cloud (Amazon VPC), AWS Shield, AWS WAF, AWS Key Management Service (AWS KMS), AWS CloudHSM, AWS Certificate Manager (AWS ACM); 3rd party attestations, SOC, FedRAMP, NIST 800-53
      Manage Events | Amazon CloudWatch, Amazon Inspector, Amazon GuardDuty
      Operate, Monitor, Improve | Amazon CloudWatch, AWS Lambda, AWS Step Functions
      Design and Build in Security | AWS CodeBuild, AWS CodeCommit, AWS CodeDeploy
  • 16. CDM requirements
      • Common OR 1.2(3) - define desired and actual state dependent on object context and the scope of the capability’s attributes.
      • HWAM OR 1.1(2) - identify and track hardware devices, manual or batch creation of Agency-approved device data
      • SWAM OR and FR – identify, collect, and track software products/inventory. Provide a unique for each software product
      • CSM OR and FR – Identify, collect, and keep security configuration settings
  • 17. CDM requirements
      • Common OR 1.2(3) - define actual and desired state of an object
      • HWAM OR and FR - identify and track authorization status, unique identifiers, desired state detection
      • SWAM OR and FR – identify, collect, and track inventory
      • CSM OR and FR – Identify, collect, and keep security configuration settings
  • 18. CDM requirements
      • CSM FR – Support a unique identifier (CCE) for each configuration setting
      • VUL OR – detect/discover vulnerabilities that have been identified by the government CVEs. Explain clearly and simply how to correct the vulnerability.
      • VUL FR – Provide complete coverage of the CVEs identified by the National Vulnerability Database (NVD)
  • 19. CDM requirements
      • MNGEVT IR OR 1-2 - Sharing and communicating incident response about cyber threat information to internal and external organizations.
      • MNGEVT FR 1-1 - Initial analysis to determine incident severity based on the types of events, threat source, threat signatures, and impacted systems. Complex aggregation and correlation algorithms using large volumes of stored data in a timely manner to generate incident reports.
  • 20. Integration Story for CDM
      • 2 Major Players in the IAM Space combined to support part of a major Federal program
      • 2 Big Players + 1 Standard (SCIM V2) = Doesn’t work as expected or advertised
    Now What?
      • Researched the challenge
      • Designed a solution that didn’t require the vendors to “patch” (which we know wasn’t going to happen)
      • Adapt, improvise, overcome.
  • 21. Architecture diagram components: AWS Lambda, Amazon CloudWatch, AWS CloudTrail, Scheduled Event, AWS Config, AWS Systems Manager, Amazon GuardDuty, Amazon Inspector, CIO Dashboard, Centralized S3 Bucket, AWS Step Functions, Lambda Functions, Amazon QuickSight
  • 22. Service | FedRAMP Moderate | FedRAMP High (GovCloud)
      Cloud Trail | Yes | Yes
      CloudWatch Logs | Yes | Yes
      IAM | Yes | Yes
      Quick Sight | Yes | No
      Lambda | Yes | JAB Review
      AWS Config | Yes | JAB Review
      Inspector | Yes | JAB Review
      Systems Manager | JAB Review | JAB Review
      Guard Duty | 3PAO Assessment | 3PAO Assessment
      CloudWatch Events | 3PAO Assessment | 3PAO Assessment
      Code Build, Commit, Deploy | 3PAO Assessment | 3PAO Assessment
      Step Functions | 3PAO Assessment | 3PAO Assessment
  • 23. References
      • How federal agencies can leverage AWS to extend CDM programs and CIO Metric Reporting: https://aws.amazon.com/blogs/security/how-federal-agencies-can-leverage-aws-to-extend-cdm-programs-and-cio-metric-reporting/
      • How to Apply the U.S. Department of Homeland Security’s Continuous Diagnostics and Mitigation Programs on AWS: https://aws.amazon.com/blogs/publicsector/how-to-apply-the-u-s-department-of-homeland-securitys-continuous-diagnostics-and-mitigation-programs-on-aws/
      • AWS Security Incident Response: https://d1.awsstatic.com/whitepapers/aws_security_incident_response.pdf
      • NIST Cyber Security Framework (CSF): https://d1.awsstatic.com/whitepapers/compliance/NIST_Cybersecurity_Framework_CSF.pdf
  • 24. Thank you! Evan Uhl, Director, Consulting Expert, CGI Federal. Darren House, Sr. Solutions Architect, AWS
  • 25. PUBLIC SECTOR SUMMIT