SlideShare a Scribd company logo

AWS Inspector Findings: Automate Security with Lambda and SNS

Download as PPTX, PDF
Amazon Web Services
Amazon Web Services

This document discusses Amazon Inspector findings. It begins by introducing Eric Fitzgerald from Amazon and providing context on what Amazon Inspector is. It then discusses findings in more detail - specifically that findings report potential security issues, provide metadata, and can be used to drive automation. It demonstrates how to examine findings through the console and CLI. It also provides examples of how findings can be automatically exported using SNS and Lambda and how Lambda can be used to automatically remediate findings by triggering actions with other AWS services like SSM.

Technology
1 of 15
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Eric Fitzgerald September 2016 Working with Amazon Inspector Findings
Introduction Who’s talking? • Eric Fitzgerald • Principal Engineer on Inspector team What is Inspector? • A security-as-a-service offering in AWS • Inspector assesses your EC2 instances for configuration or operational vulnerabilities • This presentation assumes that you have basic familiarity with Inspector: https://www.youtube.com/watch?v=BksbSqA3j9U
What is Inspector for? • Helping our customers with their part of the shared security model • Vulnerability analysis without having to deploy & manage scan infrastructure • Designed to work in DevOps environments • Highly composable – integrate Inspector however it makes sense to you • Works fine standalone as well • Agent based
Inspector Concepts Target • What to assess • Tags that match against EC2 instances Rules Package • Set of rules (security checks) grouped by security goal • Security best practices, CIS, CVE, behavior monitoring Template • How to assess • Pick a target, pick one or more rules packages, pick a duration Run • An instance of a template – i.e. a “scan” • You can compare the results from run to run Finding • A potential security issue discovered by Inspector <-- This is what we’re going to talk about today In weekly scan starting 2016-09-08, Instance 1 was vulnerable to CVE-2016-5678
What are Findings? • Findings are reports of potential security issues with the objects (assets) that you’re assessing with Inspector • Assessment metadata: createdAt, service, serviceAttributes • Security metadata: severity, confidence, IoC • Describes asset: assetType, assetAttributes • Describes issue: title, description, recommendation • Can store bits of user-provided state- tag-like name/value pairs ”user attributes” • But findings are more than that – they are a language for automation to talk about the security state of the things being protected • Findings are a core element of AWS security services
{ "failedItems": {}, "findings": [ { "assetType": "ec2-instance", "confidence": 10, "numericSeverity": 9.0, "description": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.", "service": "Inspector", "title": "Instance i-0044413a449b423e0 is vulnerable to CVE-2016-3508", "indicatorOfCompromise": false, "assetAttributes": { "ipv4Addresses": [], "agentId": "i-0044413a449b423e0" }, "userAttributes": [], "recommendation": "Use your Operating System's update feature to update package java-1.7.0-openjdk, java-1.7.0-openjdk-1:1.7.0.101- 2.6.6.1.67.amzn1. For more information see [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3508](https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2016-3508)", "updatedAt": 1474922252.15, "attributes": [ { "value": "java-1.7.0-openjdk, java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.67.amzn1", "key": "package_name" }, { "value": "CVE-2016-3508", "key": "CVE_ID" }, { "value": "i-0044413a449b423e0", "key": "INSTANCE_ID" } ], "serviceAttributes": { "assessmentRunArn": "arn:aws:inspector:us-west-2:904328719097:target/0-bRdCL0nH/template/0-E38vEeRS/run/0-v71aypKJ", "rulesPackageArn": "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p" }, "createdAt": 1474922252.15, "severity": "High" } ] }
Aren’t Findings Just Reports • No • Findings tell you only that Inspector found a potential security issue. • Findings are intended to be a low-effort low-overhead way to drive automation – think “event-driven security”. • Reports tell you what was assessed, what was tested for, pass/fail results for each test, etc.- much more comprehensive • We don’t have reports now but we have heard this request from customers. Stay tuned to the AWS blog…
Demo: Examining Findings • Through the user interface • Through the CLI
Automated Export of Findings • Remember composability? Inspector can send notifications to an SNS topic for various operations, including generation of a finding • The notification only contains the finding ARN, so if you want to pass the finding along as plain text, you have to do just a little bit of work – Lambda is good for this • If you want to forward findings as email (including to Jira ServiceDesk), then use Lambda to format the finding as an email and send it via SNS. https://aws.amazon.com/blogs/aws/scale-your- security-vulnerability-testing-with-amazon-inspector/ • If you have a third party tool like Slack that needs API integration, then use Lambda to format the finding and make the API call- there’s a blueprint for that.
Demo – Finding Export with SNS & Lambda
Automatic Remediation of Findings • We’ve heard feedback from customers about including remediation in Inspector. In the meantime… • Remember composability? Event-driven security? • You can use SNS to notify a Lambda function of new findings. Lambda can look at the kind of finding and take an action. • In this case, Lambda looks for CVE findings, and then uses EC2 SSM to tell the system to update itself. • We’re about to publish a blog on this, but here’s a sneak peek!
Demo – Finding Remediation with Lambda and SSM
Takeaways • Findings are a core element of AWS security services that identify potential security issues • They’re easy to build on… remember “Event-driven security” • SSM is a powerful way to take actions in response to findings • SNS & Lambda are the glue that connects findings to actions
Helpful Resources Inspector documentation: https://aws.amazon.com/documentation/inspector Inspector forum: https://forums.aws.amazon.com/forum.jspa?forumID=205& start=0
Thank you!

Recommended

(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day Amazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Announcements for Mobile Developers
Announcements for Mobile DevelopersAnnouncements for Mobile Developers
Announcements for Mobile DevelopersAmazon Web Services
 
網路安全自動化 - 縮短應用維安的作業時間
網路安全自動化 - 縮短應用維安的作業時間網路安全自動化 - 縮短應用維安的作業時間
網路安全自動化 - 縮短應用維安的作業時間Amazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
Automated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAutomated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAmazon Web Services
 

Recommended

(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon Inspector(SEC324) NEW! Introducing Amazon Inspector
(SEC324) NEW! Introducing Amazon InspectorAmazon Web Services
 
AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day AWS Security in Plain English – AWS Security Day
AWS Security in Plain English – AWS Security Day Amazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Announcements for Mobile Developers
Announcements for Mobile DevelopersAnnouncements for Mobile Developers
Announcements for Mobile DevelopersAmazon Web Services
 
網路安全自動化 - 縮短應用維安的作業時間
網路安全自動化 - 縮短應用維安的作業時間網路安全自動化 - 縮短應用維安的作業時間
網路安全自動化 - 縮短應用維安的作業時間Amazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
Automated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAutomated DevOps Workflows with Chef on AWS
Automated DevOps Workflows with Chef on AWSAmazon Web Services
 
Automating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAutomating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAmazon Web Services
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive Amazon Web Services
 
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Amazon Web Services
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
 
Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
 
Workshop: We love APIs
Workshop: We love APIsWorkshop: We love APIs
Workshop: We love APIsAmazon Web Services
 
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMailAWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMailAmazon Web Services
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesAmazon Web Services
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014Amazon Web Services
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Amazon Web Services
 
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesGetting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesAmazon Web Services
 
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013Amazon Web Services
 
February 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS LambdaFebruary 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS LambdaAmazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2Amazon Web Services
 
SRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWSSRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWSAmazon Web Services
 
AWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAmazon Web Services
 
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013Amazon Web Services
 
Srv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTSrv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTAmazon Web Services
 
Getting Started with Amazon Redshift
Getting Started with Amazon RedshiftGetting Started with Amazon Redshift
Getting Started with Amazon RedshiftAmazon Web Services
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWSAmazon Web Services
 

More Related Content

What's hot

Automating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAutomating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAmazon Web Services
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive Amazon Web Services
 
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Amazon Web Services
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation OptionsAmazon Web Services
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
 
Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
 
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMailAWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMailAmazon Web Services
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesAmazon Web Services
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014Amazon Web Services
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Amazon Web Services
 
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesGetting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesAmazon Web Services
 
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013Amazon Web Services
 
February 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS LambdaFebruary 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS LambdaAmazon Web Services
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWSAmazon Web Services
 
AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2Amazon Web Services
 
SRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWSSRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWSAmazon Web Services
 
AWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAmazon Web Services
 
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013Amazon Web Services
 
Srv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTSrv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTAmazon Web Services
 

What's hot (20)

Automating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeployAutomating Software Deployments with AWS CodeDeploy
Automating Software Deployments with AWS CodeDeploy
 
(SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive (SEC315) AWS Directory Service Deep Dive
(SEC315) AWS Directory Service Deep Dive
 
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
Hybrid IT: A Stepping Stone to All-In - Pop-up Loft TLV 2017
 
(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options(SEC307) A Progressive Journey Through AWS IAM Federation Options
(SEC307) A Progressive Journey Through AWS IAM Federation Options
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
 
Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...Managing your identities in the cloud with AWS and Microsoft Active Directory...
Managing your identities in the cloud with AWS and Microsoft Active Directory...
 
Workshop: We love APIs
Workshop: We love APIsWorkshop: We love APIs
Workshop: We love APIs
 
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMailAWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
AWS Enterprise Summit Netherlands - WorkSpaces & WorkMail
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar Series
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
 
Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017Security best practices on AWS - Pop-up Loft TLV 2017
Security best practices on AWS - Pop-up Loft TLV 2017
 
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar SeriesGetting Started with Amazon Inspector - AWS June 2016 Webinar Series
Getting Started with Amazon Inspector - AWS June 2016 Webinar Series
 
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
AWS Elastic Beanstalk under the Hood (DMG301) | AWS re:Invent 2013
 
February 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS LambdaFebruary 2016 Webinar Series - Introducing VPC Support for AWS Lambda
February 2016 Webinar Series - Introducing VPC Support for AWS Lambda
 
(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS(SEC304) Architecting for HIPAA Compliance on AWS
(SEC304) Architecting for HIPAA Compliance on AWS
 
AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2AWS APAC Webinar Week - Getting The Most From EC2
AWS APAC Webinar Week - Getting The Most From EC2
 
SRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWSSRV201 Getting Started with Docker on AWS
SRV201 Getting Started with Docker on AWS
 
AWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar Series
 
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
AWS CloudFormation under the Hood (DMG303) | AWS re:Invent 2013
 
Srv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoTSrv204 Getting Started with AWS IoT
Srv204 Getting Started with AWS IoT
 

Viewers also liked

Getting Started with Amazon Redshift
Getting Started with Amazon RedshiftGetting Started with Amazon Redshift
Getting Started with Amazon RedshiftAmazon Web Services
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWSAmazon Web Services
 
Getting Started with Amazon Aurora
Getting Started with Amazon AuroraGetting Started with Amazon Aurora
Getting Started with Amazon AuroraAmazon Web Services
 
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsFedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsAmazon Web Services
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS SecurityAmazon Web Services
 
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...Amazon Web Services
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesAmazon Web Services
 
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...Amazon Web Services
 
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...Amazon Web Services
 
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)Amazon Web Services
 
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Amazon Web Services
 
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...Amazon Web Services
 
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...Amazon Web Services
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon InspectorAmazon Web Services
 

Viewers also liked (16)

Getting Started with Amazon Redshift
Getting Started with Amazon RedshiftGetting Started with Amazon Redshift
Getting Started with Amazon Redshift
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWS
 
Getting Started with Amazon Aurora
Getting Started with Amazon AuroraGetting Started with Amazon Aurora
Getting Started with Amazon Aurora
 
Big Data Analytics on AWS
Big Data Analytics on AWSBig Data Analytics on AWS
Big Data Analytics on AWS
 
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High RequirementsFedRAMP High & AWS GovCloud (US): FISMA High Requirements
FedRAMP High & AWS GovCloud (US): FISMA High Requirements
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
 
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...
AWS re:Invent 2016: Hybrid Architectures: Bridging the Gap to the Cloud( ARC2...
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar Series
 
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...
ACCELERATING OTT DELIVERY AND MODERNIZING MEDIA LOGISTICS WITH CLOUD BASED VI...
 
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...
AWS re:Invent 2016: Getting Started with the Hybrid Cloud: Enterprise Backup ...
 
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)
AWS re:Invent 2016: FINRA in the Cloud: the Big Data Enterprise (ENT313)
 
Cost Optimization at Scale
Cost Optimization at ScaleCost Optimization at Scale
Cost Optimization at Scale
 
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
Best Practices for Managing Security Operations in AWS - March 2017 AWS Onlin...
 
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
 
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...
Best Practices for Managing Security Operations in AWS - AWS July 2016 Webina...
 
Getting Started with Amazon Inspector
Getting Started with Amazon InspectorGetting Started with Amazon Inspector
Getting Started with Amazon Inspector
 

Similar to AWS Inspector Findings: Automate Security with Lambda and SNS

DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017Amazon Web Services
 
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Amazon Web Services
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxcgt38842
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxjohnpragasam1
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxazida3
 
OWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxOWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxnmk42194
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsAmazon Web Services
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Amazon Web Services
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Kristana Kane
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfAmazon Web Services
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsAleksandr Maklakov
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Yan Cui
 
AWS Startup Webinar | Developing on AWS
AWS Startup Webinar | Developing on AWSAWS Startup Webinar | Developing on AWS
AWS Startup Webinar | Developing on AWSAmazon Web Services
 
(DVO303) Scaling Infrastructure Operations with AWS
(DVO303) Scaling Infrastructure Operations with AWS(DVO303) Scaling Infrastructure Operations with AWS
(DVO303) Scaling Infrastructure Operations with AWSAmazon Web Services
 
Scaling security in a cloud environment v0.5 (Sep 2017)
Scaling security in a cloud environment v0.5 (Sep 2017)Scaling security in a cloud environment v0.5 (Sep 2017)
Scaling security in a cloud environment v0.5 (Sep 2017)Dinis Cruz
 
Integrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfIntegrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfAmazon Web Services
 

Similar to AWS Inspector Findings: Automate Security with Lambda and SNS (20)

DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017DevOps Tooling - Pop-up Loft TLV 2017
DevOps Tooling - Pop-up Loft TLV 2017
 
Inspector
InspectorInspector
Inspector
 
Inspector
InspectorInspector
Inspector
 
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
OWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptxOWASP_Top_Ten_Proactive_Controls_v2.pptx
OWASP_Top_Ten_Proactive_Controls_v2.pptx
 
OWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptxOWASP_Top_Ten_Proactive_Controls_v32.pptx
OWASP_Top_Ten_Proactive_Controls_v32.pptx
 
Securing Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOpsSecuring Systems at Cloud Scale with DevSecOps
Securing Systems at Cloud Scale with DevSecOps
 
Toward Full Stack Security
Toward Full Stack SecurityToward Full Stack Security
Toward Full Stack Security
 
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
Integrating Security into DevOps and CI / CD Environments - Pop-up Loft TLV 2017
 
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
 
Integrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdfIntegrating-Cloud-Development-Security-And-Operations.pdf
Integrating-Cloud-Development-Security-And-Operations.pdf
 
How to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startupsHow to implement DevSecOps on AWS for startups
How to implement DevSecOps on AWS for startups
 
Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)Serverless in production, an experience report (JeffConf)
Serverless in production, an experience report (JeffConf)
 
AWS Startup Webinar | Developing on AWS
AWS Startup Webinar | Developing on AWSAWS Startup Webinar | Developing on AWS
AWS Startup Webinar | Developing on AWS
 
(DVO303) Scaling Infrastructure Operations with AWS
(DVO303) Scaling Infrastructure Operations with AWS(DVO303) Scaling Infrastructure Operations with AWS
(DVO303) Scaling Infrastructure Operations with AWS
 
Scaling security in a cloud environment v0.5 (Sep 2017)
Scaling security in a cloud environment v0.5 (Sep 2017)Scaling security in a cloud environment v0.5 (Sep 2017)
Scaling security in a cloud environment v0.5 (Sep 2017)
 
Introduction to DevOps on AWS
Introduction to DevOps on AWSIntroduction to DevOps on AWS
Introduction to DevOps on AWS
 
Integrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdfIntegrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdf
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAndikSusilo4
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxOnBoard
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsHyundai Motor Group
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhisoniya singh
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?XfilesPro
 

Recently uploaded (20)

Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptxVulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Maximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptxMaximizing Board Effectiveness 2024 Webinar.pptx
Maximizing Board Effectiveness 2024 Webinar.pptx
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter RoadsSnow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | DelhiFULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?How to Remove Document Management Hurdles with X-Docs?
How to Remove Document Management Hurdles with X-Docs?
 

AWS Inspector Findings: Automate Security with Lambda and SNS

  • 1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Eric Fitzgerald September 2016 Working with Amazon Inspector Findings
  • 2. Introduction Who’s talking? • Eric Fitzgerald • Principal Engineer on Inspector team What is Inspector? • A security-as-a-service offering in AWS • Inspector assesses your EC2 instances for configuration or operational vulnerabilities • This presentation assumes that you have basic familiarity with Inspector: https://www.youtube.com/watch?v=BksbSqA3j9U
  • 3. What is Inspector for? • Helping our customers with their part of the shared security model • Vulnerability analysis without having to deploy & manage scan infrastructure • Designed to work in DevOps environments • Highly composable – integrate Inspector however it makes sense to you • Works fine standalone as well • Agent based
  • 4. Inspector Concepts Target • What to assess • Tags that match against EC2 instances Rules Package • Set of rules (security checks) grouped by security goal • Security best practices, CIS, CVE, behavior monitoring Template • How to assess • Pick a target, pick one or more rules packages, pick a duration Run • An instance of a template – i.e. a “scan” • You can compare the results from run to run Finding • A potential security issue discovered by Inspector <-- This is what we’re going to talk about today In weekly scan starting 2016-09-08, Instance 1 was vulnerable to CVE-2016-5678
  • 5. What are Findings? • Findings are reports of potential security issues with the objects (assets) that you’re assessing with Inspector • Assessment metadata: createdAt, service, serviceAttributes • Security metadata: severity, confidence, IoC • Describes asset: assetType, assetAttributes • Describes issue: title, description, recommendation • Can store bits of user-provided state- tag-like name/value pairs ”user attributes” • But findings are more than that – they are a language for automation to talk about the security state of the things being protected • Findings are a core element of AWS security services
  • 6. { "failedItems": {}, "findings": [ { "assetType": "ec2-instance", "confidence": 10, "numericSeverity": 9.0, "description": "Unspecified vulnerability in Oracle Java SE 6u115, 7u101, and 8u92; Java SE Embedded 8u91; and JRockit R28.3.10 allows remote attackers to affect availability via vectors related to JAXP, a different vulnerability than CVE-2016-3500.", "service": "Inspector", "title": "Instance i-0044413a449b423e0 is vulnerable to CVE-2016-3508", "indicatorOfCompromise": false, "assetAttributes": { "ipv4Addresses": [], "agentId": "i-0044413a449b423e0" }, "userAttributes": [], "recommendation": "Use your Operating System's update feature to update package java-1.7.0-openjdk, java-1.7.0-openjdk-1:1.7.0.101- 2.6.6.1.67.amzn1. For more information see [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3508](https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2016-3508)", "updatedAt": 1474922252.15, "attributes": [ { "value": "java-1.7.0-openjdk, java-1.7.0-openjdk-1:1.7.0.101-2.6.6.1.67.amzn1", "key": "package_name" }, { "value": "CVE-2016-3508", "key": "CVE_ID" }, { "value": "i-0044413a449b423e0", "key": "INSTANCE_ID" } ], "serviceAttributes": { "assessmentRunArn": "arn:aws:inspector:us-west-2:904328719097:target/0-bRdCL0nH/template/0-E38vEeRS/run/0-v71aypKJ", "rulesPackageArn": "arn:aws:inspector:us-west-2:758058086616:rulespackage/0-9hgA516p" }, "createdAt": 1474922252.15, "severity": "High" } ] }
  • 7. Aren’t Findings Just Reports • No • Findings tell you only that Inspector found a potential security issue. • Findings are intended to be a low-effort low-overhead way to drive automation – think “event-driven security”. • Reports tell you what was assessed, what was tested for, pass/fail results for each test, etc.- much more comprehensive • We don’t have reports now but we have heard this request from customers. Stay tuned to the AWS blog…
  • 8. Demo: Examining Findings • Through the user interface • Through the CLI
  • 9. Automated Export of Findings • Remember composability? Inspector can send notifications to an SNS topic for various operations, including generation of a finding • The notification only contains the finding ARN, so if you want to pass the finding along as plain text, you have to do just a little bit of work – Lambda is good for this • If you want to forward findings as email (including to Jira ServiceDesk), then use Lambda to format the finding as an email and send it via SNS. https://aws.amazon.com/blogs/aws/scale-your- security-vulnerability-testing-with-amazon-inspector/ • If you have a third party tool like Slack that needs API integration, then use Lambda to format the finding and make the API call- there’s a blueprint for that.
  • 10. Demo – Finding Export with SNS & Lambda
  • 11. Automatic Remediation of Findings • We’ve heard feedback from customers about including remediation in Inspector. In the meantime… • Remember composability? Event-driven security? • You can use SNS to notify a Lambda function of new findings. Lambda can look at the kind of finding and take an action. • In this case, Lambda looks for CVE findings, and then uses EC2 SSM to tell the system to update itself. • We’re about to publish a blog on this, but here’s a sneak peek!
  • 12. Demo – Finding Remediation with Lambda and SSM
  • 13. Takeaways • Findings are a core element of AWS security services that identify potential security issues • They’re easy to build on… remember “Event-driven security” • SSM is a powerful way to take actions in response to findings • SNS & Lambda are the glue that connects findings to actions
  • 14. Helpful Resources Inspector documentation: https://aws.amazon.com/documentation/inspector Inspector forum: https://forums.aws.amazon.com/forum.jspa?forumID=205& start=0

Editor's Notes

  1. Who Work on internal-facing tools to keep AWS secure, and external-facing security services
  2. Shared security model: AWS is responsible for security OF the cloud Customer is responsible for security of their stuff IN the cloud Inspector aims to reduce customer burden - pay as you go, only for what you use, no infrastructure to deploy and maintain DevOps, aka “Continuous Integration/Continuous Deployment” (CI/CD) AWS uses this kind of process. Inspector was originally conceived for internal use and fits this model; kick of an assessment during your test phase and make test passage contingent on no findings that you care about It agent-based  We know you hate this but the alternative is give us a big pile of credentials.
  3. Target: in the future, more matching options- IP address, hostname, boolean operators, etc., and more object types
  4. Recommendation – ALL FINDINGS ARE ACTIONABLE Future – integrate once