Protecting Your Applications and Data in AWS

1. Stefan Rehberg
Technical Consultant | PreSales Engineer
Protecting Your Applications
and Data in AWS

2. Trend Micro
Kurz und Knapp

3. Trend Micro
500.000 Unternehmenskunden &
155 Mio. geschützte Endpunkte
Privatan
wender
Großunternehmen
Mittelstands-
unternehmen
Klein-
unternehmen
Privat-
anwender
 29 Jahre fokusiert auf Security Software
 Hauptsitz in Japan
 Tokyo Exchange Nikkei Index, Symbol 4704
 45 der Top 50-Unternehmen weltweit sind Trend Micro
Kunde
 Über 5500 Mitarbeiter in 38 Landesniederlassungen

4. The cloud has changed
how we look at security

5. Automation is the main
key driver to cloud
adoption

6. Microservices are
becoming a norm
Docker and Serverless are spurning this movement

7. How do you design security
Serverless
101
010
Physical Cloud Containers
& PaaS
Virtual

8. If we have access to
those powerful tools
How about the bad guys?

9. 500,000
new malware per day

10. 60%
of malicious domains are alive by one hour

11. 95%
connects to Command and Control Networks

12. 80%
of companies had security attacks or exploits

13. What can you do?
What are the techniques

14. Track every move
Enable Cloudtrail

15. Action on Specific API Calls
Cloudwatch Events

16. Keep Consistency across the
Infrastructure
Use Config Rules

17. Protect your Account
Learn IAM

18. How do you effectively
mitigate threats

19. Automate
Automated Security needs
Automated Response

20. Security Products
Built for AWS

21. Host-Based is still the
best approach
Source: SANS The State of Dynamic Data Center and Cloud Security in the Modern Enterprise October 2015

22. Bryce Industries
Analytics Company

23. Brenda the
Developer
Benny the Cloud
Architect
Barry the Security
Guy
Houdini the Hacker

24. Security Incident Response
Source: NIST

25. Benny the
Cloud Architect
SSH Control

26. What Happened

27. Scenario
Turning Off Cloudtrail
Benny the
Cloud Architect

28. What Happened

29. Uploading Suspicious
Objects to ContainersHoudini the
Hacker

30. What Happened

31. Running unauthorized
SoftwareBrenda the
Developer

32. What Happened

33. Shielding Vulnerable
AppsBrenda the
Developer

34. How does it work

35. Investigate
Barry the
Security Guy

36. Tools used
Amazon
Lambda
AWS CloudTrail CloudWatch AWS
Config
Amazon SNSDeep
Security

37. Coding is Required
Amazon
Lambda
AWS CloudTrail CloudWatch AWS
Config
Amazon SNSDeep
Security
or ask your friend to

38. Last Year we talked about
Superheroes and powers
This year we have new superpowers

39. Trend Micro
Deep Security 10

40. Cross-generational blend of threat
defense techniques
Powered by global
threat intelligence
Intelligently applies the right
technique at the right timeGen
TM