The Automation of Supervision: How Regulators and Audit Teams are using AWS t...Amazon Web Services
Security governance is used to support business objectives by defining policies & controls to manage risk. This session will focus on automation and visibility when using AWS.
Speaker: Brian Wagner, Senior Security Consultant, AWS
An Architecture for Trade Capture and Regulatory ReportingAmazon Web Services
For many securities organisations, post-trade processing is expensive, cumbersome, and time-consuming. This is in part due to the massive volumes of data required for processing a trade and the limited agility of the technology many organizations rely on today. In order to create efficiencies and move faster, many Financial Services organizations are working with AWS to implement post-trade solutions built with AWS’ storage services (S3 and Glacier) and big data capabilities (Athena, EMR, Redshift, and QuickSight ). In this session, AWS will walk through a trade capture and regulatory reporting solution that utilizes the aforementioned AWS services.
Speaker: Osemeke Isibor, Solutions Architect, AWS
You don’t need to be a security expert to protect your organizations data in the cloud. You don’t need to be a security expert to protect your workloads on AWS. You just need to be informed of the many security tools available in AWS, and learn how to use them.
Taking a highly automated approach to security, you can use key features of the AWS Cloud to transform security in your organization. As with infrastructure as an API, security as an API allows you to move rapidly & stay secure. From AWS security groups, to virtual private networks, to security tools, you need to learn how to automate and accelerate.
In this talk, you’ll see how various AWS features and cloud-aware security controls can work together to protect your deployments. Using real-world examples, you’ll come away with an understanding of steps you can take to ensure that you maximize the security of your deployment while minimizing the work it takes to keep it secure.
You will learn a logical approach to modern security that you can immediately apply to your own AWS deployments. You will learn how to use security tools and techniques to help you build with confidence.
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
The Defense Federal Acquisition Regulation Supplement (DFARS) is a supplement to the FAR that provides Department of Defense-specific acquisition regulations that DoD government acquisition officials and contractors doing business with DoD must follow in the procurement process for goods and services. This session will discuss the implications for meeting DFARS in the cloud and provide practical guidance on how DoD and defense contracting organizations can meet DFARS requirements using AWS GovCloud (US). The session will also feature a customer use case on addressing DFARS in AWS GovCloud (US). Learn More: https://aws.amazon.com/government-education/
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Iolaire Mckinnon, Senior Consultant - Security, Risk & Compliance, Professional Services, AWS
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
This session covers the shared responsibility model for security and compliance specific to the AWS GovCloud (US) region. This presentation highlights the enhanced security offerings of AWS GovCloud (US), such as FIPS-140 Level 2 encryption, as well as the supported compliance regimes. It also reviews how our customers can build secure applications in GovCloud using the various security features such as IAM and VPC. This presentation also offers a brief overview of FedRAMP, explains the shared responsibility model through customer use cases, and covers how customers can obtain an Authority to Operate.
AWS offers its customers the tools you need to comply with EU privacy laws. This session will summarise how AWS supports your compliance strategy, including compliance with the latest regulatory developments in the EU, including the GDPR. Speaker: Liz Bauza, Senior Corporate Counsel, Amazon Web Services
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
Learn how cloud.gov can help you deliver on federal government agency missions. cloud.gov is a shared service, built by and for the federal government, designed to help you deploy modern web applications in the cloud with substantially reduced infrastructure and security compliance work. cloud.gov is a self-service, Platform as a Service solution that helps you: (1) easily move existing prototypes to a production-ready environment, with reduced “time to ATO”; (2) transfer existing applications from data centers to make them more scalable and reduce costs; and (3) advance your agency’s use of the cloud by providing a place to prototype in a FedRAMP-authorized environment. cloud.gov developers, 18F, will explain its capabilities, what applications are best suited for cloud.gov, pricing, and more practical details that you need. cloud.gov has a FedRAMP Joint Authorization Board (JAB) P-ATO at the Moderate level, and it leverages the AWS GovCloud FedRAMP JAB P-ATO. This session is for both government agency teams and commercial companies that support the federal government. No technical experience is necessary. Learn More: https://aws.amazon.com/government-education/
The Automation of Supervision: How Regulators and Audit Teams are using AWS t...Amazon Web Services
Security governance is used to support business objectives by defining policies & controls to manage risk. This session will focus on automation and visibility when using AWS.
Speaker: Brian Wagner, Senior Security Consultant, AWS
An Architecture for Trade Capture and Regulatory ReportingAmazon Web Services
For many securities organisations, post-trade processing is expensive, cumbersome, and time-consuming. This is in part due to the massive volumes of data required for processing a trade and the limited agility of the technology many organizations rely on today. In order to create efficiencies and move faster, many Financial Services organizations are working with AWS to implement post-trade solutions built with AWS’ storage services (S3 and Glacier) and big data capabilities (Athena, EMR, Redshift, and QuickSight ). In this session, AWS will walk through a trade capture and regulatory reporting solution that utilizes the aforementioned AWS services.
Speaker: Osemeke Isibor, Solutions Architect, AWS
You don’t need to be a security expert to protect your organizations data in the cloud. You don’t need to be a security expert to protect your workloads on AWS. You just need to be informed of the many security tools available in AWS, and learn how to use them.
Taking a highly automated approach to security, you can use key features of the AWS Cloud to transform security in your organization. As with infrastructure as an API, security as an API allows you to move rapidly & stay secure. From AWS security groups, to virtual private networks, to security tools, you need to learn how to automate and accelerate.
In this talk, you’ll see how various AWS features and cloud-aware security controls can work together to protect your deployments. Using real-world examples, you’ll come away with an understanding of steps you can take to ensure that you maximize the security of your deployment while minimizing the work it takes to keep it secure.
You will learn a logical approach to modern security that you can immediately apply to your own AWS deployments. You will learn how to use security tools and techniques to help you build with confidence.
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
The Defense Federal Acquisition Regulation Supplement (DFARS) is a supplement to the FAR that provides Department of Defense-specific acquisition regulations that DoD government acquisition officials and contractors doing business with DoD must follow in the procurement process for goods and services. This session will discuss the implications for meeting DFARS in the cloud and provide practical guidance on how DoD and defense contracting organizations can meet DFARS requirements using AWS GovCloud (US). The session will also feature a customer use case on addressing DFARS in AWS GovCloud (US). Learn More: https://aws.amazon.com/government-education/
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
AWS is hosting the first FSI Cloud Symposium in Hong Kong, which will take place on Thursday, March 23, 2017 at Grand Hyatt Hotel. The event will bring together FSI customers, industry professional and AWS experts, to explore how to turn the dream of transformation, innovation and acceleration into reality by exploiting Cloud, Voice to Text and IoT technologies. The packed agenda includes expert sessions on a host of pressing issues, such as security and compliance, as well as customer experience sharing on how cloud computing is benefiting the industry.
Speaker: Iolaire Mckinnon, Senior Consultant - Security, Risk & Compliance, Professional Services, AWS
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
This session covers the shared responsibility model for security and compliance specific to the AWS GovCloud (US) region. This presentation highlights the enhanced security offerings of AWS GovCloud (US), such as FIPS-140 Level 2 encryption, as well as the supported compliance regimes. It also reviews how our customers can build secure applications in GovCloud using the various security features such as IAM and VPC. This presentation also offers a brief overview of FedRAMP, explains the shared responsibility model through customer use cases, and covers how customers can obtain an Authority to Operate.
AWS offers its customers the tools you need to comply with EU privacy laws. This session will summarise how AWS supports your compliance strategy, including compliance with the latest regulatory developments in the EU, including the GDPR. Speaker: Liz Bauza, Senior Corporate Counsel, Amazon Web Services
Deliver Your Agency Mission Faster With cloud.gov | AWS Public Sector Summit...Amazon Web Services
Learn how cloud.gov can help you deliver on federal government agency missions. cloud.gov is a shared service, built by and for the federal government, designed to help you deploy modern web applications in the cloud with substantially reduced infrastructure and security compliance work. cloud.gov is a self-service, Platform as a Service solution that helps you: (1) easily move existing prototypes to a production-ready environment, with reduced “time to ATO”; (2) transfer existing applications from data centers to make them more scalable and reduce costs; and (3) advance your agency’s use of the cloud by providing a place to prototype in a FedRAMP-authorized environment. cloud.gov developers, 18F, will explain its capabilities, what applications are best suited for cloud.gov, pricing, and more practical details that you need. cloud.gov has a FedRAMP Joint Authorization Board (JAB) P-ATO at the Moderate level, and it leverages the AWS GovCloud FedRAMP JAB P-ATO. This session is for both government agency teams and commercial companies that support the federal government. No technical experience is necessary. Learn More: https://aws.amazon.com/government-education/
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...Amazon Web Services
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale.
Advanced Security Compliance and Risk Management with Xacta 360: Customer Sho...Amazon Web Services
AWS customers from the U.S. federal government showcase their experiences with the advanced features of Xacta 360 to illustrate streamlined compliance processes. The new Xacta 360 from Telos Corporation operationalizes the NIST RMF, using such cutting-edge features as Adaptive Controls Mapping and Advanced Inheritance to smooth the path to compliance and leverages AWS APIs to continuously monitor for changes in risk posture. Learn More: https://aws.amazon.com/government-education/
Sophos join us to cover the AWS Shared Security Model and common threats and consequences that you can face in your AWS environment.
Presented by - Peter Gordon - Senior Cloud Security Architect
View the full presentation here - https://youtu.be/cR2MK0rjmVo
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Achieving Continuous Compliance using AWS Config - AWS Public Sector Summit S...Amazon Web Services
AWS customers benefit from more than 1,800 security and compliance controls. Learn how these features offer visibility, agility, and control, raising the bar on cloud security over legacy environments. AWS Config can help you achieve compliance in real-time. You will have the opportunity to see how AWS Config empowers users to achieve continuous compliance through its AWS Config rules, and when used alongside AWS Lambda.
Myles Hosford, Security Solution Architect, APAC, AWS
James Wilkins, Lead of the Cloud Task Force, Association of Banks Singapore (ABS)
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale. The session will be delivered by Myles Hosford, APAC Security Solution Architect, and James Wilkins, Lead of the Cloud Task Force for the Association of Banks Singapore (ABS).
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability and control. You have to know what you have and where it is before you can assess the environment against best practices and internal or compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says: "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish.
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 Amazon Web Services
This session will review how AWS allows FinTech’s across APAC to innovate at pace while maintaining the high level of security expected by the financial services community. We will review security domains including Infrastructure Security, Data Protection, Logging & Monitoring, Identity & Access Management and Intrusion Detection.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, the tools and services AWS makes available to customers to secure and manage their resources and best practices on how to use them.
This session is recommended for anyone with questions about how AWS can meet the compliance requirements of their applications.
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014Amazon Web Services
This session brings together the interests of engineering, compliance, and security experts, and shows you how to align your AWS workload to the controls in the HIPAA Security Rule. You hear from customers who process and store Protected Health Information (PHI) on AWS, and you learn how they satisfied their compliance requirements while maintaining agility. This session helps security and compliance experts find out what is technically possible on AWS and learn how implementing the Technical Safeguards in the HIPAA Security Rule can be simple and familiar. We walk through the Technical Safeguards of the Security Rule and map them to AWS features and design choices to help developers, operations teams, and engineers speak the language of their security and compliance peers.
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
Is that requirement from NIST 800-53 Controls or NIST 800-190? If you've ever wondered where those pesky cloud security controls come from, this meetup is for you.
In this Meetup, Jame Strong and Jason Lutz from Contino (an AWS Premier Consulting Partner) will discuss how Contino views DevSecOps. They will review the Benefits of DevSecOps:
- Cost Reduction
- Speed of Delivery
- Speed of Recovery
- Security is Federated
- DevSecOps Fosters a Culture of Openness and Transparency
During this Meetup, James and Jason will show you how to harden and secure a container pipeline and AWS network. Briefly, they will demonstrate how to deploy accounts with a Cloud Security Posture and review security best practices from AWS, CIS, and NIST. They will also touch on how to integrate changes in your infrastructure pipelines to adhere to your Enterprise's Security Compliance Guidelines.
If you're interested in integrating security and compliance into your Application and Infrastructure pipelines to realize the benefits of DevSecOps, join us in this virtual meetup.
Presentation recording available here: https://www.youtube.com/watch?v=_oDGZdp62ZU
At the 3/21/2017 IndyAWS Meetup, Justin Kittle, IT Manager at OurHealth, and Noah Jaehnert, Director of Information Security at OurHealth, discussed HIPAA Compliance in the AWS cloud. This presentation includes topics such as healthcare and HIPAA definitions, HIPAA requirements, HIPAA eligible AWS services, the AWS Shared Responsibility Model, meeting AWS' compliance model, and more.
by Fritz Kunstler, Sr. Security Consultant, AWS
AWS Organizations offers policy-based management for multiple AWS Accounts. Learn how Organizations helps you more easily manage policies for groups of accounts and automate account creation.
This session will provide an update on considerations for FIs around security and controls, with specific focus on the recently published Comprehensive Guidance on Cybersecurity Controls Issued by Securities and Futures Commission (SFC). The session will then conclude with an introduction to compliance concepts in the Cloud Using Security by Design principles.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
(Presented by Trend Micro)
In this session, you learn about the AWS shared security model, including considerations and best practices for deploying a secure and compliant application on AWS, and how to leverage the features and APIs provided by AWS. You also learn how to use best-in-class security and compliance solutions that have been optimized for enterprises deploying in AWS.
Key topics covered are Amazon EC2 and Amazon EBS encryption, including several key management methodologies as well as intrusion detection and prevention, anti-malware, anti-virus, integrity monitoring, firewall, and web reputation in the cloud.
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
Organizations like MailControl often discover they need to gain additional visibility into encrypted incoming and outgoing application traffic to detect potential threats or anomalies. F5 BIG-IP Virtual Edition (VE) on Amazon Web Services (AWS) delivers an advanced application delivery controller (ADC) that goes beyond balancing application loads, enabling inspection of inbound and outbound application traffic. Join our webinar with AWS to discover how F5 was able to help MailControl boost their visibility into the email traffic flowing through their application. By using virtualized F5 services on Amazon Web Services (AWS), the organization increased its application monitoring capabilities and improved security for its customers, while simultaneously automating processes to support its agile DevOps process.
Security is such a big subject which means that when you say security depending on the person you talk to they will have one or more of the following topics in their mind: AWS access, Access to your AWS infra, Audit Trails of ho did what in AWS, Securing access to your application, of your application, and OS security. And the list goes on and on. Without pretending I have "THE solution" and "to know it all" let me show you what I did regarding security in the cloud. I will show you how I tried to take security measures on all for me relevant aspects mentioned above and more.
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
AWS Summit Singapore Webinar Edition | Building Tomorrow’s Financial Services...Amazon Web Services
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale.
Advanced Security Compliance and Risk Management with Xacta 360: Customer Sho...Amazon Web Services
AWS customers from the U.S. federal government showcase their experiences with the advanced features of Xacta 360 to illustrate streamlined compliance processes. The new Xacta 360 from Telos Corporation operationalizes the NIST RMF, using such cutting-edge features as Adaptive Controls Mapping and Advanced Inheritance to smooth the path to compliance and leverages AWS APIs to continuously monitor for changes in risk posture. Learn More: https://aws.amazon.com/government-education/
Sophos join us to cover the AWS Shared Security Model and common threats and consequences that you can face in your AWS environment.
Presented by - Peter Gordon - Senior Cloud Security Architect
View the full presentation here - https://youtu.be/cR2MK0rjmVo
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Achieving Continuous Compliance using AWS Config - AWS Public Sector Summit S...Amazon Web Services
AWS customers benefit from more than 1,800 security and compliance controls. Learn how these features offer visibility, agility, and control, raising the bar on cloud security over legacy environments. AWS Config can help you achieve compliance in real-time. You will have the opportunity to see how AWS Config empowers users to achieve continuous compliance through its AWS Config rules, and when used alongside AWS Lambda.
Myles Hosford, Security Solution Architect, APAC, AWS
James Wilkins, Lead of the Cloud Task Force, Association of Banks Singapore (ABS)
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale. The session will be delivered by Myles Hosford, APAC Security Solution Architect, and James Wilkins, Lead of the Cloud Task Force for the Association of Banks Singapore (ABS).
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability and control. You have to know what you have and where it is before you can assess the environment against best practices and internal or compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says: "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish.
AWS Security Enabiling Fintech Pace Security AWS Summit SG 2017 Amazon Web Services
This session will review how AWS allows FinTech’s across APAC to innovate at pace while maintaining the high level of security expected by the financial services community. We will review security domains including Infrastructure Security, Data Protection, Logging & Monitoring, Identity & Access Management and Intrusion Detection.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, the tools and services AWS makes available to customers to secure and manage their resources and best practices on how to use them.
This session is recommended for anyone with questions about how AWS can meet the compliance requirements of their applications.
(HLS401) Architecting for HIPAA Compliance on AWS | AWS re:Invent 2014Amazon Web Services
This session brings together the interests of engineering, compliance, and security experts, and shows you how to align your AWS workload to the controls in the HIPAA Security Rule. You hear from customers who process and store Protected Health Information (PHI) on AWS, and you learn how they satisfied their compliance requirements while maintaining agility. This session helps security and compliance experts find out what is technically possible on AWS and learn how implementing the Technical Safeguards in the HIPAA Security Rule can be simple and familiar. We walk through the Technical Safeguards of the Security Rule and map them to AWS features and design choices to help developers, operations teams, and engineers speak the language of their security and compliance peers.
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
Is that requirement from NIST 800-53 Controls or NIST 800-190? If you've ever wondered where those pesky cloud security controls come from, this meetup is for you.
In this Meetup, Jame Strong and Jason Lutz from Contino (an AWS Premier Consulting Partner) will discuss how Contino views DevSecOps. They will review the Benefits of DevSecOps:
- Cost Reduction
- Speed of Delivery
- Speed of Recovery
- Security is Federated
- DevSecOps Fosters a Culture of Openness and Transparency
During this Meetup, James and Jason will show you how to harden and secure a container pipeline and AWS network. Briefly, they will demonstrate how to deploy accounts with a Cloud Security Posture and review security best practices from AWS, CIS, and NIST. They will also touch on how to integrate changes in your infrastructure pipelines to adhere to your Enterprise's Security Compliance Guidelines.
If you're interested in integrating security and compliance into your Application and Infrastructure pipelines to realize the benefits of DevSecOps, join us in this virtual meetup.
Presentation recording available here: https://www.youtube.com/watch?v=_oDGZdp62ZU
At the 3/21/2017 IndyAWS Meetup, Justin Kittle, IT Manager at OurHealth, and Noah Jaehnert, Director of Information Security at OurHealth, discussed HIPAA Compliance in the AWS cloud. This presentation includes topics such as healthcare and HIPAA definitions, HIPAA requirements, HIPAA eligible AWS services, the AWS Shared Responsibility Model, meeting AWS' compliance model, and more.
by Fritz Kunstler, Sr. Security Consultant, AWS
AWS Organizations offers policy-based management for multiple AWS Accounts. Learn how Organizations helps you more easily manage policies for groups of accounts and automate account creation.
This session will provide an update on considerations for FIs around security and controls, with specific focus on the recently published Comprehensive Guidance on Cybersecurity Controls Issued by Securities and Futures Commission (SFC). The session will then conclude with an introduction to compliance concepts in the Cloud Using Security by Design principles.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
(Presented by Trend Micro)
In this session, you learn about the AWS shared security model, including considerations and best practices for deploying a secure and compliant application on AWS, and how to leverage the features and APIs provided by AWS. You also learn how to use best-in-class security and compliance solutions that have been optimized for enterprises deploying in AWS.
Key topics covered are Amazon EC2 and Amazon EBS encryption, including several key management methodologies as well as intrusion detection and prevention, anti-malware, anti-virus, integrity monitoring, firewall, and web reputation in the cloud.
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
Organizations like MailControl often discover they need to gain additional visibility into encrypted incoming and outgoing application traffic to detect potential threats or anomalies. F5 BIG-IP Virtual Edition (VE) on Amazon Web Services (AWS) delivers an advanced application delivery controller (ADC) that goes beyond balancing application loads, enabling inspection of inbound and outbound application traffic. Join our webinar with AWS to discover how F5 was able to help MailControl boost their visibility into the email traffic flowing through their application. By using virtualized F5 services on Amazon Web Services (AWS), the organization increased its application monitoring capabilities and improved security for its customers, while simultaneously automating processes to support its agile DevOps process.
Security is such a big subject which means that when you say security depending on the person you talk to they will have one or more of the following topics in their mind: AWS access, Access to your AWS infra, Audit Trails of ho did what in AWS, Securing access to your application, of your application, and OS security. And the list goes on and on. Without pretending I have "THE solution" and "to know it all" let me show you what I did regarding security in the cloud. I will show you how I tried to take security measures on all for me relevant aspects mentioned above and more.
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Danny Mak, Partner Solutions Architect, APAC shares how to modernize with containers and build using DevOps on AWS during the AWS ASEAN Partner Techshift.
This session will start with an overview of the AWS security & compliance programs that enable financial services institutions to create secure workloads as they move to the cloud. We will dive into Financial Services Institutions (FSI) specific security considerations and regional regulations that may need to be considered.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
Secure your AWS Account and your Organization's Accounts Amazon Web Services
The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.
Secure Your AWS Account and Your Organization's Accounts - SID202 - Chicago A...Amazon Web Services
The cloud enables users to run workloads more securely than they could in a traditional data center. However, customers are still not sure how to harden their AWS accounts and resources in order to enforce compliance. Consistency around governance can also be a concern when large customers have multiple accounts. In this session, we show you how to use automation, tools, and techniques to harden and audit your AWS account as well as how to leverage AWS Organizations to ensure compliance in your enterprise.
Automating Compliance for Financial Institutions - AWS Summit SG 2017Amazon Web Services
This session demonstrates how to architect for continuous compliance and security using CloudWatch Events and AWS Config rules. This session focuses on the actual code for the various controls, actions, and remediation features, and how to use various AWS services and features to build them. The demos in this session include CIS Amazon Web Services Foundations validation; examples of custom rules for regulatory compliance and how to automate aspects of incident response.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
2014년 10월 29일에 열린 AWS Enterprise Summit에서의 발표자료입니다. 아마존 웹서비스의 양승도 솔루션스 아키텍트가 진행한 강연입니다.
강연 요약: 보안은 AWS와 고객 모두에게 매우 중요한 사항입니다. 많은 엔터프라이즈 고객들이 AWS를 신뢰해 금융정보나 개인정보 등의 민감한 정보들을 AWS에 저장하고 있습니다. 이 세션에서는 이러한 엔터프라이즈 고객들이 보안성 있는 애플리케이션을 구축하고 중요 정보를 암호화하는 등 보안을 유지하는 데 사용하는 AWS의 주요 보안 기능에 대해 알아보고, 기존의 보안 정책에 맞게 AWS를 사용할 수 있는 방법에 대해서도 알아보겠습니다. 또한 귀사의 현재 보안 태세를 한층 강화할 수 있도록 보안 프로그램과 절차, 모범 사례 등을 소개할 예정입니다.
Amazon Web Services offers a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. Amazon Web Services provides security-specific tools and features across network security, configuration management, access control and data security. In addition, Amazon Web Services provides monitoring and logging tools to provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that Amazon Web Services offers, and the latest security innovations coming from Amazon Web Services.
Andrew Watts-Curnow, Cloud Architect - Professional Services, ASEAN
Because the entire AWS cloud platform is programmable, it turns out that you can program security and compliance in advance of actually instantiating any actual workloads. In this session, we show how you can design a secure and compliant workload and even have it audited by a third-party auditor before creating it for the first time! Once it's created, other facilities provide mechanisms for detecting and alerting a drift from your baseline, and even automatically remediating the drift. Learn how the comprehensive automation available in AWS provides security and compliance professionals an entire new, more efficient, and more effective way to work.
Speaker: John Hildebrand, Solutions Architect, Amazon Web Services
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
This webinar will help you understand more about how AWS practices security, the compliance and certification of the AWS platform, how security is shared between AWS and it’s customers, key AWS security features that customers can build into their own solutions; and where to get training, advice and further information on AWS security.
After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence.
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
Similar to Achieving Real-time Compliance using AWS Native Services (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
13. Meet Joe Sec
AWS Config is available in all AWS regions
• Continuously monitor configurations
• Record configuration changes
• Trigger compliance-as-code Rules
• Handle multi-Accounts and multi-Regions (NEW)
AWS Config: https://aws.amazon.com/config/
AWS
Config
28. Compliance-as-code 2-Dimension
Security Baseline Controls
Controls Specific to Scenarios
AWS Services Controls
Layersofcontrols
RuleSets on Scenarios
RuleSet on Baseline
Depth of controls
RuleSets on Services
29. Compliance-as-code 2-Dimension
Security Baseline Controls
Controls Specific to Scenarios
AWS Services Controls
Layersofcontrols
RuleSets on Scenarios
RuleSet on Baseline
Depth of controls
RuleSets on Services
30. AWS Services Controls
Compliance-as-code 2-Dimension
Security Baseline Controls
Controls Specific to Scenarios
Layersofcontrols
RuleSets on Scenarios
RuleSet on Baseline
Depth of controls
RuleSets on Services
31. AWS Services Controls
Compliance-as-code 2-Dimension
Security Baseline Controls
Controls Specific to Scenarios
Layersofcontrols
RuleSets on Scenarios
RuleSet on Baseline
Depth of controls
RuleSets on Services
37. Compliance-as-code Engine
Collaborative AWS project:
built from experience with FinServe AWS Customers
and contribution from AWS Services teams.
• Provide a catalog of RuleSets
• Integrate with existing/new operations
• Empower application owners with feedback
• Provide visibility on history and analytics on
compliance data
Github: https://github.com/awslabs/aws-config-engine-for-compliance-as-code
39. 5 Key Learnings
• Start your Flywheel now.
• Be good enough, not perfect.
• Be lean: Go from Dev to Prod.
• Demonstrate value by measuring impact.
• Others & AWS have done it, ask and share.