Here are the slides from the advanced Techniques for securing web applications session delivered by Sundar Jayashekar at the perimeter protection event in Stockholm.
Simplify security with Trend Micro Managed Rules for AWS WAFAmazon Web Services
Here are the slides presented by René Gundersen at the perimeter protection event held in Stockholm on how to simplify security with Trend Micro Managed Rules for AWS WAF
AWS Security Week: Why Your Customers Care About ComplianceAmazon Web Services
AWS Security Week at the San Francisco Loft: Why Your Customers Care About Compliance...and You Should Too!
Presenter: Kristen Haught, AWS Security Assurance
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Amazon Web Services
In this session, you learn pragmatic steps to integrate security controls into DevOps processes in your AWS environment at scale. Cyber security expert and founder of Alert Logic Misha Govshteyn shares insights from high performing teams who are embracing the reality that an agile security program can enable faster and more secure workload deployments. Joining Misha is Joey Peloquin, Director of Cloud Security Operations at Citrix, who discusses Citrix’s DevOps experiences and how they manage their cyber security posture within the AWS Cloud.
Session sponsored by Alert Logic
by Zack Milem, Trend Micro
DevOps can be coded quickly in the cloud, but it still needs to be secured. In this session, we will discuss how an automated security infrastructure can be constructed. Building from the ground up with API driven security controls, a Security Fabric in AWS can be the foundation to deliver a fast and secure environment in the cloud.
You need a new approach to security for serverless applications. Classic approaches just don’t make sense, because tools and process can only take you so far. You need a fresh look at what security means in these environments. Serverless applications let you focus on solving the problem at hand. Gone are most of the worries of traditional solutions. No more support code. No more building out infrastructure to deliver your application. This means you have to do less and get more in return. Classic operations fall by the wayside and you can scale your team in unprecedented ways. But what does this mean for security? No matter the design pattern, you’re always responsible for your data, even if you’re not running the underlying infrastructure. How do you make sure your data is safe and secure if you can’t apply the usual set of security controls? In this session, we explore how serverless designs impact security. We look at how the right approach can modernize your security practice, streamline ops, and reduce your workload. This session introduces a step-by-step security process for serverless applications, using services like AWS WAF, IAM, Amazon CloudWatch, and others to build stronger applications.
Session sponsored by Trend Micro Incorporated
Simplify security with Trend Micro Managed Rules for AWS WAFAmazon Web Services
Here are the slides presented by René Gundersen at the perimeter protection event held in Stockholm on how to simplify security with Trend Micro Managed Rules for AWS WAF
AWS Security Week: Why Your Customers Care About ComplianceAmazon Web Services
AWS Security Week at the San Francisco Loft: Why Your Customers Care About Compliance...and You Should Too!
Presenter: Kristen Haught, AWS Security Assurance
Security and DevOps: Agility and Teamwork - SID315 - re:Invent 2017Amazon Web Services
In this session, you learn pragmatic steps to integrate security controls into DevOps processes in your AWS environment at scale. Cyber security expert and founder of Alert Logic Misha Govshteyn shares insights from high performing teams who are embracing the reality that an agile security program can enable faster and more secure workload deployments. Joining Misha is Joey Peloquin, Director of Cloud Security Operations at Citrix, who discusses Citrix’s DevOps experiences and how they manage their cyber security posture within the AWS Cloud.
Session sponsored by Alert Logic
by Zack Milem, Trend Micro
DevOps can be coded quickly in the cloud, but it still needs to be secured. In this session, we will discuss how an automated security infrastructure can be constructed. Building from the ground up with API driven security controls, a Security Fabric in AWS can be the foundation to deliver a fast and secure environment in the cloud.
You need a new approach to security for serverless applications. Classic approaches just don’t make sense, because tools and process can only take you so far. You need a fresh look at what security means in these environments. Serverless applications let you focus on solving the problem at hand. Gone are most of the worries of traditional solutions. No more support code. No more building out infrastructure to deliver your application. This means you have to do less and get more in return. Classic operations fall by the wayside and you can scale your team in unprecedented ways. But what does this mean for security? No matter the design pattern, you’re always responsible for your data, even if you’re not running the underlying infrastructure. How do you make sure your data is safe and secure if you can’t apply the usual set of security controls? In this session, we explore how serverless designs impact security. We look at how the right approach can modernize your security practice, streamline ops, and reduce your workload. This session introduces a step-by-step security process for serverless applications, using services like AWS WAF, IAM, Amazon CloudWatch, and others to build stronger applications.
Session sponsored by Trend Micro Incorporated
AWS Security Week: Humans & Data Don’t Mix - Best Practices to Secure Your CloudAmazon Web Services
AWS Security Week at the San Francisco Loft: Humans & Data Don’t Mix - Best Practices to Secure Your Cloud
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
Protect Your Web Applications from Common Attack Vectors Using AWS WAF - SID3...Amazon Web Services
Notice: This Workshop requires a laptop computer and an active AWS account with Administrator privileges.
As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated, having an effective web request filtering solution becomes key to keeping your users’ data safe. In this workshop, discover how the OWASP Top 10 list of application security risks can help you secure your web applications. Learn how to use AWS services, such as AWS WAF, to mitigate vulnerabilities. This session includes hands-on labs to help you build a solution. Key learning goals include understanding the breadth and complexity of vulnerabilities customers need to protect from, understanding the AWS tools and capabilities that can help mitigate vulnerabilities, and learning how to configure effective HTTP request filtering rules using AWS WAF.
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Amazon Web Services
In this session you will learn how to align your AWS environment to industry standard best practices for security. This session covers AWS' prescriptive recommendations for securing cloud workloads, including the the Well-Architected Framework for Security. In addition, see how AWS Security Hub simplifies the task of measuring the security of your workloads.
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
If left unmitigated, Distributed Denial of Service (DDoS) attacks have the potential to harm application availability or impair application performance. DDoS attacks can also act as a smoke screen for intrusion attempts or as a harbinger for attacks against non-cloud infrastructure. Accordingly, it's crucial that developers architect for DDoS resiliency and maintain robust operational capabilities that allow for rapid detection and engagement during high-severity events. In this session, you learn how to build a DDoS-resilient application and how to use services like AWS Shield and Amazon CloudWatch to defend against DDoS attacks and automate response to attacks in progress.
Using Access Advisor to Strike the Balance Between Security and Usability - S...Amazon Web Services
AWS provides a killer feature for security operations teams: Access Advisor. In this session, we discuss how Access Advisor shows the services to which an IAM policy grants access and provides a timestamp for the last time that the role authenticated against that service. At Netflix, we use this valuable data to automatically remove permissions that are no longer used. By continually removing excess permissions, we can achieve a balance of empowering developers and maintaining a best-practice, secure environment.
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017Amazon Web Services
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
NEW LAUNCH! Amazon Neptune Overview and Customer Use Cases - DAT319 - re:Inve...Amazon Web Services
In this session, we will provide an overview of Amazon Neptune, AWS’s newest database service. Amazon Neptune is a fast, reliable graph database that makes it easy to build applications over highly connected data. We will then explore how Siemens is building a knowledge using Amazon Neptune.
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Amazon Web Services
Whether you are part of a large organization moving your applications to the cloud, or a new application owner just getting started, you always need a baseline security for your web applications. In addition, large organizations with common security requirements frequently need to standardize their security posture across many applications. With compliance initiatives, such as PCI, OFAC, and GDPR, there is a need to effectively manage this posture with minimal error. In this session, learn how to use services like AWS WAF, AWS Shield, and AWS Firewall Manager to deploy and manage rules and protections uniformly across many accounts and resources. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...Amazon Web Services
A surprising trend is starting to emerge among organizations who are progressing through the cloud maturity lifecycle: major improvements in revenue growth, customer satisfaction, and mission success are being directly attributed to improvements in security and compliance. At one time thought of as speed bumps in the path to deployment, security and compliance are now seen as critical ingredients that help organizations differentiate their offerings in the market, win more deals, and achieve mission-critical goals faster. This session explores how organizations like Jive Software and the National Geospatial Agency use the Evident Security Platform, AWS, and AWS Quick Starts to automate security and compliance processes in their organization to accomplish more, do it faster, and deliver better results.
Session sponsored by Evident.io
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace.
Security Validation through Continuous Delivery at Verizon - DEV403 - re:Inve...Amazon Web Services
In this session, Verizon and Stelligent demonstrate techniques and approaches on how to validate your security infrastructure during the development process through Continuous Security, and keep it that way through AWS Lambda auto-remediation. Verizon and Stelligent present a hands-on demo of these techniques, and a deep dive into the code that enables these technologies.
Centrally Protect Your AWS Resources with Amazon GuardDuty - AWS Online Tech ...Amazon Web Services
Learning Objectives:
- Learn about the latest developments in AWS security
- Help you structure security controls across your organization
- Awareness of tools that will help you to secure your AWS environment
Do you have on-premises tape backups or expensive VTL hardware? Worried about moving cases of tapes off site? Not sure about the integrity of your data on tape? In this whiteboarding session, learn how to use AWS services, including AWS Storage Gateway, to replace existing traditional tape approaches to backup data.
AWS distinguished engineer Eric Brandwine speaks with hundreds of customers each year, and noticed one question coming up more than any other, "How does AWS operationalize its own security?" In this session, Eric details both strategic and tactical considerations, along with an insider's look at AWS tooling and processes.
Best practices for privileged access & secrets management in the cloud - DEM0...Amazon Web Services
In this session, you learn from real-world scenarios related to privileged access security in cloud environments. Experts from TOTVS and CyberArk provide insights from lessons learned while securing commercial SaaS applications, cloud infrastructure, and internal applications deployed in the cloud. Topics covered include privilege and cloud scenarios (e.g., human access models, support for automation, proactive controls, and programmatic deployment), as well as best practices and augmentation of existing security controls for privilege and secrets management on the AWS Cloud. We also cover limited use of root accounts, considerations for human administrator access in the cloud, and success with hybrid cloud environments.
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
What do you do when leadership embraces what was called "shadow IT" as the new path forward? How do you onboard new accounts while simultaneously pushing policy to secure all existing accounts? This session walks through Cisco’s journey consolidating over 700 existing accounts in the Cisco organization, while building and applying Cisco’s new cloud policies. Learn valuable tips and hear about mechanisms used to automate the process. Gain insight into how Cisco integrates AWS’s security and monitoring with Cisco’s enterprise tools, Cisco SSO integration and continuous security auditability on Cisco’s AWS account, and Cisco’s CI/CD pipelines with AWS to ensure secure development.
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...Amazon Web Services
According to Gartner, the IaaS market grew at a blistering 42.8% in 2017—twice as fast as SaaS. And with last year’s high-profile data exposures, the focus on bolstering IaaS security practices has increased. We’ve worked with AWS and hundreds of IaaS security professionals to develop a list of security practices specifically designed to protect AWS environments and the applications and data within them. In this session, you’ll discover: common yet preventable scenarios that can result in the loss of corporate data, security best practices for user and admin behavior monitoring, secure auditable configuration, Amazon S3 data loss and threat prevention, blueprints for how a solution-based approach (including bridging to your on-premises best practices) can provide IaaS visibility and control, step-by-step guidance on how to gain visibility across all workloads, protect against advanced threats, and discover insights into lateral threat movements, and recommendations for creating a successful DevOps workflow that integrates security.
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security Services
In this session you will learn how to build a self-defending border to protect your Internet-facing applications. We will show you how you can automatically respond to the dynamic threats facing online assets by using our managed threat detection services combined with information from applications.
Shane Baldacchino, Solutions Architect, Amazon Web Services
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Amazon Web Services
This is a practical demo-driven session where you will learn about the best practice to protect applications on AWS. We will give an overview of the threats on AWS, discuss why perimeter defense helps with these threats, and discuss some key techniques that use services such as Amazon CloudFront, Route 53, and WAF to protect your web applications. Lastly, you will learn about the best practices to protect different types of applications - Web/APIs, TCP-based, or Gaming.
AWS Security Week: Humans & Data Don’t Mix - Best Practices to Secure Your CloudAmazon Web Services
AWS Security Week at the San Francisco Loft: Humans & Data Don’t Mix - Best Practices to Secure Your Cloud
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
Protect Your Web Applications from Common Attack Vectors Using AWS WAF - SID3...Amazon Web Services
Notice: This Workshop requires a laptop computer and an active AWS account with Administrator privileges.
As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated, having an effective web request filtering solution becomes key to keeping your users’ data safe. In this workshop, discover how the OWASP Top 10 list of application security risks can help you secure your web applications. Learn how to use AWS services, such as AWS WAF, to mitigate vulnerabilities. This session includes hands-on labs to help you build a solution. Key learning goals include understanding the breadth and complexity of vulnerabilities customers need to protect from, understanding the AWS tools and capabilities that can help mitigate vulnerabilities, and learning how to configure effective HTTP request filtering rules using AWS WAF.
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Amazon Web Services
In this session you will learn how to align your AWS environment to industry standard best practices for security. This session covers AWS' prescriptive recommendations for securing cloud workloads, including the the Well-Architected Framework for Security. In addition, see how AWS Security Hub simplifies the task of measuring the security of your workloads.
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
If left unmitigated, Distributed Denial of Service (DDoS) attacks have the potential to harm application availability or impair application performance. DDoS attacks can also act as a smoke screen for intrusion attempts or as a harbinger for attacks against non-cloud infrastructure. Accordingly, it's crucial that developers architect for DDoS resiliency and maintain robust operational capabilities that allow for rapid detection and engagement during high-severity events. In this session, you learn how to build a DDoS-resilient application and how to use services like AWS Shield and Amazon CloudWatch to defend against DDoS attacks and automate response to attacks in progress.
Using Access Advisor to Strike the Balance Between Security and Usability - S...Amazon Web Services
AWS provides a killer feature for security operations teams: Access Advisor. In this session, we discuss how Access Advisor shows the services to which an IAM policy grants access and provides a timestamp for the last time that the role authenticated against that service. At Netflix, we use this valuable data to automatically remove permissions that are no longer used. By continually removing excess permissions, we can achieve a balance of empowering developers and maintaining a best-practice, secure environment.
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017Amazon Web Services
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
NEW LAUNCH! Amazon Neptune Overview and Customer Use Cases - DAT319 - re:Inve...Amazon Web Services
In this session, we will provide an overview of Amazon Neptune, AWS’s newest database service. Amazon Neptune is a fast, reliable graph database that makes it easy to build applications over highly connected data. We will then explore how Siemens is building a knowledge using Amazon Neptune.
Orchestrate Perimeter Security Across Distributed Applications (SEC326) - AWS...Amazon Web Services
Whether you are part of a large organization moving your applications to the cloud, or a new application owner just getting started, you always need a baseline security for your web applications. In addition, large organizations with common security requirements frequently need to standardize their security posture across many applications. With compliance initiatives, such as PCI, OFAC, and GDPR, there is a need to effectively manage this posture with minimal error. In this session, learn how to use services like AWS WAF, AWS Shield, and AWS Firewall Manager to deploy and manage rules and protections uniformly across many accounts and resources. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
From Obstacle to Advantage: The Changing Role of Security & Compliance in You...Amazon Web Services
A surprising trend is starting to emerge among organizations who are progressing through the cloud maturity lifecycle: major improvements in revenue growth, customer satisfaction, and mission success are being directly attributed to improvements in security and compliance. At one time thought of as speed bumps in the path to deployment, security and compliance are now seen as critical ingredients that help organizations differentiate their offerings in the market, win more deals, and achieve mission-critical goals faster. This session explores how organizations like Jive Software and the National Geospatial Agency use the Evident Security Platform, AWS, and AWS Quick Starts to automate security and compliance processes in their organization to accomplish more, do it faster, and deliver better results.
Session sponsored by Evident.io
The 1%: Identity and Governance Patterns From the Most Advanced AWS Customers...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace.
Security Validation through Continuous Delivery at Verizon - DEV403 - re:Inve...Amazon Web Services
In this session, Verizon and Stelligent demonstrate techniques and approaches on how to validate your security infrastructure during the development process through Continuous Security, and keep it that way through AWS Lambda auto-remediation. Verizon and Stelligent present a hands-on demo of these techniques, and a deep dive into the code that enables these technologies.
Centrally Protect Your AWS Resources with Amazon GuardDuty - AWS Online Tech ...Amazon Web Services
Learning Objectives:
- Learn about the latest developments in AWS security
- Help you structure security controls across your organization
- Awareness of tools that will help you to secure your AWS environment
Do you have on-premises tape backups or expensive VTL hardware? Worried about moving cases of tapes off site? Not sure about the integrity of your data on tape? In this whiteboarding session, learn how to use AWS services, including AWS Storage Gateway, to replace existing traditional tape approaches to backup data.
AWS distinguished engineer Eric Brandwine speaks with hundreds of customers each year, and noticed one question coming up more than any other, "How does AWS operationalize its own security?" In this session, Eric details both strategic and tactical considerations, along with an insider's look at AWS tooling and processes.
Best practices for privileged access & secrets management in the cloud - DEM0...Amazon Web Services
In this session, you learn from real-world scenarios related to privileged access security in cloud environments. Experts from TOTVS and CyberArk provide insights from lessons learned while securing commercial SaaS applications, cloud infrastructure, and internal applications deployed in the cloud. Topics covered include privilege and cloud scenarios (e.g., human access models, support for automation, proactive controls, and programmatic deployment), as well as best practices and augmentation of existing security controls for privilege and secrets management on the AWS Cloud. We also cover limited use of root accounts, considerations for human administrator access in the cloud, and success with hybrid cloud environments.
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
What do you do when leadership embraces what was called "shadow IT" as the new path forward? How do you onboard new accounts while simultaneously pushing policy to secure all existing accounts? This session walks through Cisco’s journey consolidating over 700 existing accounts in the Cisco organization, while building and applying Cisco’s new cloud policies. Learn valuable tips and hear about mechanisms used to automate the process. Gain insight into how Cisco integrates AWS’s security and monitoring with Cisco’s enterprise tools, Cisco SSO integration and continuous security auditability on Cisco’s AWS account, and Cisco’s CI/CD pipelines with AWS to ensure secure development.
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...Amazon Web Services
According to Gartner, the IaaS market grew at a blistering 42.8% in 2017—twice as fast as SaaS. And with last year’s high-profile data exposures, the focus on bolstering IaaS security practices has increased. We’ve worked with AWS and hundreds of IaaS security professionals to develop a list of security practices specifically designed to protect AWS environments and the applications and data within them. In this session, you’ll discover: common yet preventable scenarios that can result in the loss of corporate data, security best practices for user and admin behavior monitoring, secure auditable configuration, Amazon S3 data loss and threat prevention, blueprints for how a solution-based approach (including bridging to your on-premises best practices) can provide IaaS visibility and control, step-by-step guidance on how to gain visibility across all workloads, protect against advanced threats, and discover insights into lateral threat movements, and recommendations for creating a successful DevOps workflow that integrates security.
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security Services
In this session you will learn how to build a self-defending border to protect your Internet-facing applications. We will show you how you can automatically respond to the dynamic threats facing online assets by using our managed threat detection services combined with information from applications.
Shane Baldacchino, Solutions Architect, Amazon Web Services
Layered Perimeter Protection for Apps Running on AWS (CTD201-R1) - AWS re:Inv...Amazon Web Services
This is a practical demo-driven session where you will learn about the best practice to protect applications on AWS. We will give an overview of the threats on AWS, discuss why perimeter defense helps with these threats, and discuss some key techniques that use services such as Amazon CloudFront, Route 53, and WAF to protect your web applications. Lastly, you will learn about the best practices to protect different types of applications - Web/APIs, TCP-based, or Gaming.
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyVladimir Simek
DDoS a další webové útoky (XSS, SQL injection) vedené na vaši infrastrukturu mohou negativně ovlivnit dostupnost vašich aplikací, ohrozit jejich bezpečnost a zvyšovat vaše náklady. Jestli se zajímáte o ochranu webových aplikací, sledujte další díl našeho Česko-Slovenského AWS webináře a dozvíte se víc o doporučených postupech i tom, jak používat služby Amazon CloudFront, AWS WAF, AWS Firewall Manager a AWS Shield.
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
"In this workshop, you learn how to deploy AWS WAF in front of your application, how to set up AWS WAF full logging for compliance and monitoring purposes, and how to increase your security posture by creating custom rules using Amazon Elasticsearch Service with Kibana. You also learn how to protect your application against bad bots, web scrapers, and scanners by configuring bad and benign bot signatures and then automating your AWS WAF rules by parsing AWS WAF full logs using an AWS Lambda function.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
Learning Objectives:
- Learn about requirements for AWS Firewall Manager, like AWS Organizations
- Learn how to keep new Web applications in compliance across the org from day one
- Learn how Firewall Manager supports your custom WAF rules as well as Managed Rules for AWS WAF
Lock it Down: How to Secure your AWS Account and your Organization's AccountsAmazon Web Services
The cloud enables users to run workloads in a more secure fashion than what typically can be done in a traditional data-center. However, customers are still not sure how to actually harden their AWS accounts and resources and make sure compliance is being enforced. When large customers have multiple accounts, ensuring consistency around governance can also be of concern. In this session, we will review how to use automation, tools, and techniques to harden and audit your AWS account and also how to leverage AWS Organizations to ensure compliance in your enterprise.
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesAmazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days.
In these slides, you’ll learn to use AWS tools to secure your environment and maintain a high bar in cloud security. We'll deep dive into the features of AWS CloudTrail, AWS Guard Duty, AWS Inspector, AWS WAF and Shield, and more. We'll also cover how to keep your credentials safe in the cloud using AWS Secrets Manager.
[NEW LAUNCH!] Introducing AWS App Mesh – service mesh on AWS (CON367) - AWS r...Amazon Web Services
AWS App Mesh is a service mesh that makes it easy to monitor and control communications for containerized microservices running on AWS. Join us to learn about how AWS can give you end-to-end visibility, and help manage traffic routing to ensure high availability for your services. We will cover the benefits of service mesh, capabilities provided by AWS App Mesh and how you can use AWS App Mesh with AWS, partner, and community tools.
Integrating network and API security into your application lifecycle - DEM07 ...Amazon Web Services
In this session, we discuss the contention between traditional network security practices and the agile development processes typically associated with cloud computing. We also introduce new approaches used by Fortinet customers that help cloud teams and security teams share a common language and secure their business more effectively—without introducing additional friction and operational overhead.
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Amazon Web Services
Learning Objectives:
- Get an inside look into Managed Rules for AWS WAF
- Learn how to set up Managed Rules for AWS WAF and the best practices
- Learn about the security experts that offer Managed Rules for AWS WAF
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
AWS Security Week at the San Francisco Loft: Introduction to Threat Detection and Remediation on AWS
Presenter: Jeff Levine, Sr. Security Solutions Architect, AWS
Accelerate and secure your applications running on AWS - SVC208 - Santa Clara...Amazon Web Services
This is a practical, demo-driven session where you learn best practice for protecting applications on AWS. We provide an overview of the threats on AWS, discuss why perimeter defense helps with these threats, and discuss some key techniques that use services
Similar to Advanced Techniques for Securing Web Applications (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.