Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
AWS Sydney Summit Updates - by PolarSeven"
Session 1:
Monitoring and Troubleshooting complex issues
"Solving complex problems using Sumo Logic Real Time Full Stack Visibility
Presenter: Nikhil Sing - Tektorch"
Sumo Logic
https://www.sumologic.com/
See video presentation here
https://youtu.be/_0Qx283oepw
Session 2:
AWS S3 Security: Your One Week Action Plan
"Learn AWS S3 security best practices, automated remediation tips, and how to continuously monitor your bucket security to keep your data safe no matter how dynamic your cloud environment is.
Presenter: Craig Dent, Consulting Engineer"
Palo Alto Networks
https://www.paloaltonetworks.com/
Watch the video presentation here
https://youtu.be/_HWRQNMii8Q
12. Complex Problems
● A business workflow App which is used by 100’s
of technicians.
● App & Data is mission critical, some hospital
SLA’s are < 15 min.
● Supports Offline.
● 3000+ forms, multiple workflows, photos,
signatures, barcode etc.
● Bad Network Coverage, Slow WiFi exacerbate the
problem.
● Add rogue human elements to this, who use
system to shield slacking off.
13. What If ...
● We knew exactly what a user was doing?
● What actions were performed, what time?
● Did the job was closed off or not?
● Was missing data due to application errors or user?
● Extract the missing data and apply reactively for old data.
● We could distinguish application issues and slacking.
14. Fully Elastic On Demand
Agility, Scale, Performance
No Painful Upgrades
New Features Weekly
Superior Performance
Guaranteed SLAs
Always Available
4 Geos, 12AZs, 6 X Replication
Real-Time, Full-Stack Visibility
From Source to Sumo Instantly
Secure by Design
Industry’s Most Secure Platform
Up & Running in Minutes
Reduce Time to Value by 90%
No Management Overhead
Reduce TCO > 50%
Introducing Sumo Logic
19. Sumo Warrior
- Integrated with Sumo Logic
- We built entire data journey
- Data is entered by technician
- Stored in local storage
- API request is made
- API request is stored in outbox if offline
- Reconcilers are called when back online
- Logging the critical path of the system.
- Building complex queries to understand the data for an entity_form_fieldset_field and able to
reconcile where it got lost was gold.
- We extracted lost data and applied to the db without having technicians re do the jobs ($$).
- Understanding the use cases where the application was failing and fixing within days was
unbelievable.
29. ONE WEEK ACTION PLAN FOR S3 SECURITY
Day 1: Audit Your AWS Accounts
Day 2: Identify Key S3 Risks
Day 3: Divide and Conquer
Day 4: Get Risks Down to Zero
Day 5: Repeat, Repeat, Repeat
32. TIP:
Don’t give the
bad guys the
keys...or the
treasure map!
• Global ACL view – 1% fail
• Global ACL edit – 0.5% fail
• Global ACL permissions
– 4.2 % fail
• Global List ACL – 4.3% fail
• Global List (bucket
policy) – 1.7% fail
WHO CAN VIEW/EDIT
MY S3 BUCKET
POLICIES?
33. Global GET – fail 7.16%
Global PUT
Global DELETE – fail
6.4%
Global LIST
Consider instead:
IAM Policies
One-time links
WHO CAN ACCESS
THE OBJECTS IN MY
BUCKETS?
34. Global Upload
and Delete
MFA Delete
S3-Delete IAM
Global Delete (via
bucket policy)
WHO CAN DELETE
MY DATA AND
CONTENT?
QUESTION:
How do I
prevent
someone from
deleting
something
important?
36. WILL I BE ABLE TO AUDIT
THE ACTIVITY IN MY S3
BUCKETS?
QUESTION:
Without logs,
what
happens
when a
breach
occurs?
This
operational
control fails
55.5% of the
time
37. ACTION PLAN
Day 1: Audit Your AWS Accounts
Day 2: Identify Key S3 Bucket Risks
Day 3: Divide and Conquer
Day 4: Get Risks Down to Zero
Day 5: Repeat, Repeat, Repeat
39. DO YOU KNOW ALL YOUR AWS ACCOUNTS
• Identify teams using AWS
• Identify teams that might be using AWS for siloed apps
(marketing, customer support, sales)
• Leverage procurement to find AWS expenses
42. SECURE STORAGE SERVICES
• Discover and classify data
within containers and
buckets
• Evaluate exposure based
on policy
• Auto-remediate publicly
exposed data
• Quarantine malware
Amazon S3
52. Thanks For Coming:
Join Us Next Month – June 6th 2018
AWS Presenting on Kubernetes
Plus
Commvault & Talend
>> Register @ http://www.meetup.com/AWS-Sydney/ <<
p7-devops.io/webinars-q2 p7-devops.io/DevOpsComp p7-devops.io/k8s-hands-on-days