SlideShare a Scribd company logo

AWS Security Overview

Download as PPTX, PDF
Anton Pohorilyi
Anton Pohorilyi

AWS Security Overview

Software
1 of 17
AWS SECURITY OVERVIEW Anton Pogoryelyi DevOps TechLead @ Bazaarvoice
AGENDA • Security matters • Shared security model • AWS security features overview • Security processes automation
SECURITY MATTERS From few $ to out of business stories
SHARED SECURITY MODELFor IaaS
SHARED SECURITY MODELFor PaaS
For SaaS SHARED SECURITY MODEL
AWS ASSURANCE PROGRAMShttp://aws.amazon.com/compliance/
KEY SECURITY FEATURES
VPC Reduce your surface to protect
BASTION Protect SSH/RDS access with bastion host
SECURITY GROUPS Multi-tier architecture
IAM IAM Users/Groups/Roles
IAM TEMPORARY CREDENTIAL S Using IAM roles and temporary security credentials means you don't always have to manage long-term credentials and IAM users for each entity that requires access to a resource.
UNTRUSTED AMI https://aws.amazon.com/marketplace
SECURITY PROCESS AUTOMATION • bastion configuration • IAM access • mandatory tags • cost alerts • repository checks
OUR BEAVERS ARMY • Conformity Beaver – resource tagging check • Janitor Beaver – unused resources check • Security Beaver – security best practices check • Miserly Beaver – cost anomalies check
THANK YOU Questions?

Recommended

Segurança de Ponta a Ponta na AWS
Segurança de Ponta a Ponta na AWSSegurança de Ponta a Ponta na AWS
Segurança de Ponta a Ponta na AWSAlexandre Santos
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Amazon Web Services
 
Einführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayEinführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayAWS Germany
 
Security overview-aws-lambda
Security overview-aws-lambdaSecurity overview-aws-lambda
Security overview-aws-lambdaVIJAY REDDY
 
Building Containerized Swift Applications on AWS
Building Containerized Swift Applications on AWSBuilding Containerized Swift Applications on AWS
Building Containerized Swift Applications on AWSAmazon Web Services
 

Recommended

Segurança de Ponta a Ponta na AWS
Segurança de Ponta a Ponta na AWSSegurança de Ponta a Ponta na AWS
Segurança de Ponta a Ponta na AWSAlexandre Santos
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Keynote - Digital Innovation with AWS - Approach to Building Security Service...
Keynote - Digital Innovation with AWS - Approach to Building Security Service...Amazon Web Services
 
Einführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayEinführung „Compliance mit AWS" - AWS Security Web Day
Einführung „Compliance mit AWS" - AWS Security Web DayAWS Germany
 
Security overview-aws-lambda
Security overview-aws-lambdaSecurity overview-aws-lambda
Security overview-aws-lambdaVIJAY REDDY
 
Building Containerized Swift Applications on AWS
Building Containerized Swift Applications on AWSBuilding Containerized Swift Applications on AWS
Building Containerized Swift Applications on AWSAmazon Web Services
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 
Architecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.jsArchitecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.jsHenry Fougere
 
AWS Security By Design
AWS Security By DesignAWS Security By Design
AWS Security By DesignAmazon Web Services
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Aws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detailAws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detailPawel Rzepa
 
AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security Amazon Web Services
 
Mobile Software in AWS Marketplace
Mobile Software in AWS MarketplaceMobile Software in AWS Marketplace
Mobile Software in AWS MarketplaceAmazon Web Services
 
Deep dive - AWS security by design
Deep dive - AWS security by designDeep dive - AWS security by design
Deep dive - AWS security by designRichard Harvey
 
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
AWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security BaselineAWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security BaselineAmazon Web Services
 
AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)Julien SIMON
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSAmazon Web Services
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSAmazon Web Services
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the CloudAmazon Web Services
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignAmazon Web Services
 
Logstash
LogstashLogstash
LogstashAnton Pohorilyi
 
Daily AWS Issues
Daily AWS IssuesDaily AWS Issues
Daily AWS IssuesAnton Pohorilyi
 

More Related Content

What's hot

Architecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.jsArchitecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.jsHenry Fougere
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAmazon Web Services
 
Aws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detailAws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detailPawel Rzepa
 
AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security Amazon Web Services
 
Mobile Software in AWS Marketplace
Mobile Software in AWS MarketplaceMobile Software in AWS Marketplace
Mobile Software in AWS MarketplaceAmazon Web Services
 
Deep dive - AWS security by design
Deep dive - AWS security by designDeep dive - AWS security by design
Deep dive - AWS security by designRichard Harvey
 
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
AWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security BaselineAWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security BaselineAmazon Web Services
 
AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)Julien SIMON
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSAmazon Web Services
 
Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSAmazon Web Services
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the CloudAmazon Web Services
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksAmazon Web Services
 
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Amazon Web Services
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignAmazon Web Services
 

What's hot (20)

Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Architecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.jsArchitecting applications on amazon web services with node.js
Architecting applications on amazon web services with node.js
 
AWS Security By Design
AWS Security By DesignAWS Security By Design
AWS Security By Design
 
AWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics WebinarAWS Cloud Security & Compliance Basics Webinar
AWS Cloud Security & Compliance Basics Webinar
 
Aws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detailAws(in)security - the devil is in the detail
Aws(in)security - the devil is in the detail
 
AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security AWS Summit Auckland 2014 | Understanding AWS Security
AWS Summit Auckland 2014 | Understanding AWS Security
 
Mobile Software in AWS Marketplace
Mobile Software in AWS MarketplaceMobile Software in AWS Marketplace
Mobile Software in AWS Marketplace
 
Deep dive - AWS security by design
Deep dive - AWS security by designDeep dive - AWS security by design
Deep dive - AWS security by design
 
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
Hands-on Setup and Overview of AWS Console, AWS CLI, AWS SDK, Boto 3
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
AWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security BaselineAWS Security Week: Infrastructure Security- Your Minimum Security Baseline
AWS Security Week: Infrastructure Security- Your Minimum Security Baseline
 
AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)AWS Security Best Practices (March 2017)
AWS Security Best Practices (March 2017)
 
Integrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWSIntegrated Security & Operations for Scaling Securely in AWS
Integrated Security & Operations for Scaling Securely in AWS
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
 
Splunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWSSplunk Live - Security Best Practices for AWS
Splunk Live - Security Best Practices for AWS
 
“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud“Spikey Workloads” Emergency Management in the Cloud
“Spikey Workloads” Emergency Management in the Cloud
 
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech TalksHow to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
How to use AWS WAF to Mitigate OWASP Top 10 attacks - AWS Online Tech Talks
 
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
Secure your Web Applications with AWS Web Application Firewall (WAF) and AWS ...
 
Deep Dive - AWS Security by Design
Deep Dive - AWS Security by DesignDeep Dive - AWS Security by Design
Deep Dive - AWS Security by Design
 

Viewers also liked

Amazon AWS Services Overview
Amazon AWS Services OverviewAmazon AWS Services Overview
Amazon AWS Services OverviewMichael Mullins
 
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...Amazon Web Services
 
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014Amazon Web Services
 
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...Amazon Web Services
 
Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your ApplicationsAmazon Web Services
 
AWS May 2016 Webinar Series - AWS Services Overview
AWS May 2016 Webinar Series - AWS Services OverviewAWS May 2016 Webinar Series - AWS Services Overview
AWS May 2016 Webinar Series - AWS Services OverviewAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingIlyas F ☁☁☁
 
AWS Cyber Security Best Practices
AWS Cyber Security Best PracticesAWS Cyber Security Best Practices
AWS Cyber Security Best PracticesDoiT International
 
Everything You Need for a Viral Game, Except the Game
Everything You Need for a Viral Game, Except the GameEverything You Need for a Viral Game, Except the Game
Everything You Need for a Viral Game, Except the GameAmazon Web Services
 

Viewers also liked (17)

Logstash
LogstashLogstash
Logstash
 
Daily AWS Issues
Daily AWS IssuesDaily AWS Issues
Daily AWS Issues
 
Amazon AWS Services Overview
Amazon AWS Services OverviewAmazon AWS Services Overview
Amazon AWS Services Overview
 
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...
(MED301) Brazil's World Cup: Interacting with TV Viewers in Real-Time | AWS r...
 
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014
(SPOT301) AWS Innovation at Scale | AWS re:Invent 2014
 
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...
Enrich Your DevOps Environment: Tools for Accelerating and Integrating Your A...
 
Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications Web Security Automation: Spend Less Time Securing your Applications
Web Security Automation: Spend Less Time Securing your Applications
 
AWS May 2016 Webinar Series - AWS Services Overview
AWS May 2016 Webinar Series - AWS Services OverviewAWS May 2016 Webinar Series - AWS Services Overview
AWS May 2016 Webinar Series - AWS Services Overview
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Aws overview
Aws overviewAws overview
Aws overview
 
Overview of Amazon Web Services
Overview of Amazon Web ServicesOverview of Amazon Web Services
Overview of Amazon Web Services
 
Getting Started with AWS
Getting Started with AWSGetting Started with AWS
Getting Started with AWS
 
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature MappingMicrosoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
Microsoft Azure vs Amazon Web Services (AWS) Services & Feature Mapping
 
Introduction to AWS X-Ray
Introduction to AWS X-RayIntroduction to AWS X-Ray
Introduction to AWS X-Ray
 
AWS Cyber Security Best Practices
AWS Cyber Security Best PracticesAWS Cyber Security Best Practices
AWS Cyber Security Best Practices
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 
Everything You Need for a Viral Game, Except the Game
Everything You Need for a Viral Game, Except the GameEverything You Need for a Viral Game, Except the Game
Everything You Need for a Viral Game, Except the Game
 

Similar to AWS Security Overview

Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Amazon Web Services
 
AWS APAC Webinar Week - Securing Your Business on AWS
AWS APAC Webinar Week - Securing Your Business on AWSAWS APAC Webinar Week - Securing Your Business on AWS
AWS APAC Webinar Week - Securing Your Business on AWSAmazon Web Services
 
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 Amazon Web Services
 
AWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAmazon Web Services
 
Aw some day_essentials3.2ish_072214
Aw some day_essentials3.2ish_072214Aw some day_essentials3.2ish_072214
Aw some day_essentials3.2ish_072214Amazon Web Services
 
Security Best Practices - Hebrew Webinar
Security Best Practices - Hebrew WebinarSecurity Best Practices - Hebrew Webinar
Security Best Practices - Hebrew WebinarAmazon Web Services
 
re:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloudre:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloudAmazon Web Services
 
Being Well Architected in the Cloud
Being Well Architected in the CloudBeing Well Architected in the Cloud
Being Well Architected in the CloudAdrian Hornsby
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Kristana Kane
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the EnterpriseAmazon Web Services
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationAmazon Web Services
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at ScaleAmazon Web Services
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesIan Massingham
 
Security Best Practices: AWS AWSome Day Management Track
Security Best Practices: AWS AWSome Day Management TrackSecurity Best Practices: AWS AWSome Day Management Track
Security Best Practices: AWS AWSome Day Management TrackIan Massingham
 

Similar to AWS Security Overview (20)

Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
Access Control for the Cloud: AWS Identity and Access Management (IAM) (SEC20...
 
AWS APAC Webinar Week - Securing Your Business on AWS
AWS APAC Webinar Week - Securing Your Business on AWSAWS APAC Webinar Week - Securing Your Business on AWS
AWS APAC Webinar Week - Securing Your Business on AWS
 
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017
 
AWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman ShakeelAWS Cloud Controls for Security - Usman Shakeel
AWS Cloud Controls for Security - Usman Shakeel
 
Aw some day_essentials3.2ish_072214
Aw some day_essentials3.2ish_072214Aw some day_essentials3.2ish_072214
Aw some day_essentials3.2ish_072214
 
Security Best Practices - Hebrew Webinar
Security Best Practices - Hebrew WebinarSecurity Best Practices - Hebrew Webinar
Security Best Practices - Hebrew Webinar
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
re:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloudre:Invent recap session 2: Being well Architected in the cloud
re:Invent recap session 2: Being well Architected in the cloud
 
Being Well Architected in the Cloud
Being Well Architected in the CloudBeing Well Architected in the Cloud
Being Well Architected in the Cloud
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
 
Best Practices for Security at Scale
Best Practices for Security at ScaleBest Practices for Security at Scale
Best Practices for Security at Scale
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 
Security Best Practices: AWS AWSome Day Management Track
Security Best Practices: AWS AWSome Day Management TrackSecurity Best Practices: AWS AWSome Day Management Track
Security Best Practices: AWS AWSome Day Management Track
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best Practices
 

Recently uploaded

why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...stazi3110
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...soniya singh
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsJheuzeDellosa
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...aditisharan08
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...gurkirankumar98700
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software DevelopersVinodh Ram
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Intelisync
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyFrank van der Linden
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackVICTOR MAESTRE RAMIREZ
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)OPEN KNOWLEDGE GmbH
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 

Recently uploaded (20)

why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
Building a General PDE Solving Framework with Symbolic-Numeric Scientific Mac...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
Russian Call Girls in Karol Bagh Aasnvi ➡️ 8264348440 💋📞 Independent Escort S...
 
What is Binary Language? Computer Number Systems
What is Binary Language? Computer Number SystemsWhat is Binary Language? Computer Number Systems
What is Binary Language? Computer Number Systems
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...Unit 1.1 Excite Part 1, class 9, cbse...
Unit 1.1 Excite Part 1, class 9, cbse...
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
(Genuine) Escort Service Lucknow | Starting ₹,5K To @25k with A/C 🧑🏽‍❤️‍🧑🏻 89...
 
Professional Resume Template for Software Developers
Professional Resume Template for Software DevelopersProfessional Resume Template for Software Developers
Professional Resume Template for Software Developers
 
Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)Introduction to Decentralized Applications (dApps)
Introduction to Decentralized Applications (dApps)
 
Engage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The UglyEngage Usergroup 2024 - The Good The Bad_The Ugly
Engage Usergroup 2024 - The Good The Bad_The Ugly
 
Cloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStackCloud Management Software Platforms: OpenStack
Cloud Management Software Platforms: OpenStack
 
Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)Der Spagat zwischen BIAS und FAIRNESS (2024)
Der Spagat zwischen BIAS und FAIRNESS (2024)
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Exploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the ProcessExploring iOS App Development: Simplifying the Process
Exploring iOS App Development: Simplifying the Process
 

AWS Security Overview

Editor's Notes

  1. codespaces story - http://habrahabr.ru/post/227405/ bv story habrahabr user interactive story - http://geektimes.ru/post/247794/
  2. ec2, s3, vpc
  3. RDS, Elastic Beanstalk, ELB
  4. SQS, SNS, CloudFront
  5. ISO 27001 is a widely-adopted global security standard that outlines the requirements for information security management systems. IT-Grundschutz Compliance on Amazon Web Services is a new customer certification workbook that was developed and published by TÜV TRUST IT, an independent certification body. Unlike other certification credentials that apply exclusively to AWS, this workbook is a customer-focused certification enabler, providing a documentation framework to enable our customers to become certified for IT-Grundschutz on AWS.
  6. Nexus 101: https://docs.google.com/presentation/d/1XwCH9AEuliP3B5J1n7cftUfm8XaHWw7H4e08qWDr_zc/edit Nexus 102: https://docs.google.com/presentation/d/12BqPXMwk-NABZ5NT7ub0DF6_VXPzu7Vq62Ei6bkwtfE/edit
  7. Managing AWS Credentials AWS Multi-factor authentication (MFA) provides an extra level of security for sign-in credentials. With MFA enabled, when users signs in to an AWS website, they will be prompted for their user name and password (the first factor–what they know), as well as for an authentication code from their MFA device (the second factor–what they have). You can also require MFA for users to delete S3 objects. We recommend you activate MFA for your AWS account and your IAM users to prevent unauthorized access to your AWS environment. Currently AWS supports Gemalto hardware MFA devices as well as virtual MFA devices in the form of smartphone applications. MFA for API calls
  8. An IAM role lets you define a set of permissions to access the resources that a user or service needs, but the permissions are not attached to a specific IAM user or group. Instead, IAM users, mobile and EC2-based applications, or AWS services (like Amazon EC2) can programmatically assume a role. Assuming the role returns temporary security credentials that the user or application can use to make for programmatic requests to AWS. These temporary security credentials have a configurable expiration and are automatically rotated. Using IAM roles and temporary security credentials means you don't always have to manage long-term credentials and IAM users for each entity that requires access to a resource.
  9. Dell research
  10. The Conformity Beaver loves lists, and properly formatted ones at that. Conformity Beaver insists that you tag your resources correctly, or suffer the consequences. On the plus side, when you follow the Conformity Beaver's rules you will find that she can be a worthwhile ally towards understanding your usage patterns and AWS costs. Janitor Beaver just wants a nice clean cloud to live in. Janitor Beaver keeps busy tagging resources and finding sources of waste like unused or underutilized resources. Trust me, he'll let you know all about the things he finds Security Beaver demands that we follow security best practices and will accept nothing less. When Security Beaver finds an issue he'll let everyone know about it and will keep reminding you about it until it's fix He will search GitHub on your behalf to make sure that none of our AWS access keys show up anywhere within our source files or deployment scripts. He will look at all of our users and make sure they're using MFA on their account. Miserly Beaver Track and find anomalies in costs