Automating Security Event Response
Steve Turner, Solutions Architect
What to Expect from the Webinar
• SecDevOps: What?
• Services and features galore: What do I use?
• Using relevant services
Improve your quality of life
What’s the problem?
Meet Toby, Software developer
Flexibility, speed, low cost, reliability ... freedom to be creative,
throughout his professional career of 2 full years!
Is a do-er
Wants impact
Meet Joe, Mr. Security
• Leading cloud adoption efforts
• Part of central cloud security team
• Manages other infrastructures
• Deals with security escalations
• Does not like being in critical path
• Wants to work smart, but has to work hard
Ultimately responsible for security
Security: A lot going on
Security Policy
Compliance regimes
Report compliance
Evangelize cloud within the org and outside
Put out fires
Investigate issues deeply
AWS Tools could help
AWS Config Rules
AWS CloudTrail
AWS Trusted Advisor
Amazon CloudWatch Events
Amazon VPC Flow Logs
AWS WAF
AWS Identity & Access Management (IAM)
Security: A lot going on
Security Policy
Compliance regimes
Report compliance
Evangelize cloud within the org and outside
Put fires out
Investigate issues deeply
Many, many services and many, many features
POLL
Do you automate your security response today?
How do I sustain this?
Joe’s typical tasks
1. Create security policies
2. Assess compliance; help others check for compliance
3. Investigate and analyze relevant information; fix critical security issues quickly
4. Deal with escalations
5. Generate evidence and reports
Create Policies
Policies in code
AWS Trusted Advisor best-practice checks
• Get 35+ checks with zero effort (the full check set requires a Business or Enterprise support plan)
• Examples: ELBs with missing security groups, S3 buckets with open access permissions, etc.
• Create a cross-account role in each account; read-only support:DescribeTrustedAdvisor* permissions are sufficient, administrator access is not required
• Assume that role to read check status using the Trusted Advisor APIs:
• DescribeTrustedAdvisorCheckSummaries
• DescribeTrustedAdvisorCheckResult
Useful for broadly applicable policies with no specific exceptions
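The cross-account read described above, as an added example (not code from the webinar): assume a role in each account, pull the security-category checks through the Support API, and reduce the results to the failing checks and their unsuppressed flagged resources. The account IDs, the role name TrustedAdvisorReader, the placeholder check IDs and the sample API responses are assumptions constructed for this example; the response shapes follow the documented DescribeTrustedAdvisorChecks and DescribeTrustedAdvisorCheckResult output.

```python
"""Read Trusted Advisor security checks in every account through an assumed role.

Added example, not code from the webinar. Account IDs, the role name and the
sample API responses are placeholders constructed for this example. The
cross-account role only needs support:DescribeTrustedAdvisor* permissions
(administrator access is not required); the Support API is served from
us-east-1 and the full check set needs a Business or Enterprise support plan.
"""
from typing import Dict, List, Tuple

SEVERITY = {"error": 2, "warning": 1, "ok": 0, "not_available": 0}


def assume_role_session(account_id: str, role_name: str):
    """Return a boto3 Session holding temporary credentials for the target account."""
    import boto3  # imported here so summarize() can be exercised without boto3 installed

    creds = boto3.client("sts").assume_role(
        RoleArn=f"arn:aws:iam::{account_id}:role/{role_name}",
        RoleSessionName="trusted-advisor-scan",
    )["Credentials"]
    return boto3.Session(
        aws_access_key_id=creds["AccessKeyId"],
        aws_secret_access_key=creds["SecretAccessKey"],
        aws_session_token=creds["SessionToken"],
        region_name="us-east-1",
    )


def fetch_security_checks(session) -> Tuple[List[dict], Dict[str, dict]]:
    """Network: list the security-category checks and fetch each check's current result."""
    support = session.client("support", region_name="us-east-1")
    checks = [c for c in support.describe_trusted_advisor_checks(language="en")["checks"]
              if c["category"] == "security"]
    results = {c["id"]: support.describe_trusted_advisor_check_result(checkId=c["id"], language="en")
               for c in checks}
    return checks, results


def summarize(checks: List[dict], results: Dict[str, dict]) -> List[dict]:
    """Pure: keep only failing checks, listing their unsuppressed flagged resources.

    Suppressed resources are documented exceptions and are excluded so the
    report only shows what still needs an owner.
    """
    findings = []
    for check in checks:
        result = results[check["id"]]["result"]
        if SEVERITY.get(result["status"], 0) == 0:
            continue
        flagged = [r["resourceId"] for r in result.get("flaggedResources", [])
                   if not r.get("isSuppressed") and r["status"] in ("warning", "error")]
        findings.append({"check": check["name"], "status": result["status"], "resources": flagged})
    findings.sort(key=lambda f: -SEVERITY[f["status"]])  # errors before warnings
    return findings


# Constructed sample responses in the documented API shapes (check IDs are placeholders).
SAMPLE_CHECKS = [
    {"id": "chk-s3-perms", "name": "Amazon S3 Bucket Permissions", "category": "security"},
    {"id": "chk-elb-sg", "name": "ELB Security Groups", "category": "security"},
    {"id": "chk-sg-ports", "name": "Security Groups - Specific Ports Unrestricted", "category": "security"},
]
SAMPLE_RESULTS = {
    "chk-s3-perms": {"result": {"checkId": "chk-s3-perms", "status": "error", "flaggedResources": [
        {"status": "error", "region": "us-east-1", "resourceId": "public-assets", "isSuppressed": False,
         "metadata": ["us-east-1", "public-assets", "Yes", "No", "Yes", "No"]},
        {"status": "error", "region": "us-east-1", "resourceId": "www-static", "isSuppressed": True,
         "metadata": ["us-east-1", "www-static", "Yes", "No", "Yes", "No"]}]}},
    "chk-elb-sg": {"result": {"checkId": "chk-elb-sg", "status": "ok", "flaggedResources": []}},
    "chk-sg-ports": {"result": {"checkId": "chk-sg-ports", "status": "warning", "flaggedResources": [
        {"status": "warning", "region": "eu-west-1", "resourceId": "sg-0a1b2c3d", "isSuppressed": False,
         "metadata": ["eu-west-1", "sg-0a1b2c3d", "tcp", "22", "Yellow"]}]}},
}


def scan_accounts(accounts: List[str], role_name: str) -> Dict[str, List[dict]]:
    """Network: run the summary against every account in the list."""
    return {acct: summarize(*fetch_security_checks(assume_role_session(acct, role_name)))
            for acct in accounts}


if __name__ == "__main__":
    # Offline demonstration on the constructed sample; for real accounts call
    # scan_accounts(["111111111111", "222222222222"], "TrustedAdvisorReader") instead.
    for finding in summarize(SAMPLE_CHECKS, SAMPLE_RESULTS):
        print(f"[{finding['status'].upper():7}] {finding['check']}: {', '.join(finding['resources']) or '-'}")
```

Suppressed resources are deliberately dropped from the report: a suppression is a recorded exception, and the point of the weekly run is to surface only what still lacks an owner.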
AWS Trusted Advisor demo
Policies in code
AWS Config Rules: managed and custom rules
Managed rules
• Pre-built, but need to be turned on
• Triggered periodically or on configuration changes, scoped to specific resource types
• Modify the published source on GitHub to customize further
Useful for resources with specific policies. Flexible.
AWS Config: Managed Rules demo
Policies in code
Custom rules
• Write your own rules: ultimate flexibility
• Publish your best practices on GitHub
• Annotate results to add policy details, the resource owner or ticket references
AWS Config: Custom Rules demo
Codify recommendations
Also see:
https://github.com/awslabs/aws-config-rules
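A custom rule of the kind described above, as an added example (not code from the webinar or the aws-config-rules repository): a Lambda handler that AWS Config invokes on each change to a security group, flags any rule that exposes a blocked port to 0.0.0.0/0, and annotates the result with the resource owner. The handler follows the custom-rule contract (invokingEvent, ruleParameters and resultToken in, PutEvaluations out); the blockedPort rule parameter, the owner tag and the sample configuration item are assumptions made for this example.

```python
"""Custom AWS Config rule: a security group must not expose a blocked port to 0.0.0.0/0.

Added example, not code from the webinar or the aws-config-rules repository. The
handler follows the custom-rule contract (invokingEvent, ruleParameters and
resultToken in, PutEvaluations out). The 'blockedPort' rule parameter and the
'owner' tag used to annotate results are assumptions made for this example.
"""
import json
from typing import Iterator

ANY_IPV4 = "0.0.0.0/0"


def _cidrs(permission: dict) -> Iterator[str]:
    """Yield source CIDRs from both the older 'ipRanges' and newer 'ipv4Ranges' forms."""
    for cidr in permission.get("ipRanges", []):
        yield cidr
    for entry in permission.get("ipv4Ranges", []):
        yield entry.get("cidrIp", "")


def _covers_port(permission: dict, port: int) -> bool:
    """True if the rule matches the port: protocol -1 is all traffic, otherwise a tcp range."""
    proto = permission.get("ipProtocol")
    if proto == "-1":
        return True
    if proto != "tcp":
        return False
    low, high = permission.get("fromPort"), permission.get("toPort")
    return low is not None and high is not None and low <= port <= high


def evaluate(configuration_item: dict, params: dict) -> dict:
    """Pure evaluation of one configuration item; returns the Evaluation dict Config expects."""
    port = int(params.get("blockedPort", 22))
    evaluation = {
        "ComplianceResourceType": configuration_item["resourceType"],
        "ComplianceResourceId": configuration_item["resourceId"],
        "OrderingTimestamp": configuration_item["configurationItemCaptureTime"],
    }
    if (configuration_item["resourceType"] != "AWS::EC2::SecurityGroup"
            or configuration_item.get("configurationItemStatus") == "ResourceDeleted"):
        evaluation["ComplianceType"] = "NOT_APPLICABLE"
        return evaluation
    # Annotate with the owner tag so the finding lands with a person, not a team queue.
    owner = configuration_item.get("tags", {}).get("owner", "unassigned")
    open_rules = [p for p in configuration_item["configuration"].get("ipPermissions", [])
                  if _covers_port(p, port) and ANY_IPV4 in set(_cidrs(p))]
    if open_rules:
        evaluation["ComplianceType"] = "NON_COMPLIANT"
        note = f"tcp/{port} reachable from {ANY_IPV4}; owner={owner}"
    else:
        evaluation["ComplianceType"] = "COMPLIANT"
        note = f"owner={owner}"
    evaluation["Annotation"] = note[:256]  # Config rejects annotations longer than 256 characters
    return evaluation


def lambda_handler(event, context):
    """Entry point AWS Config invokes on each recorded change to a security group."""
    import boto3  # imported here so evaluate() can be tested without boto3 installed

    invoking_event = json.loads(event["invokingEvent"])
    params = json.loads(event.get("ruleParameters") or "{}")
    evaluation = evaluate(invoking_event["configurationItem"], params)
    boto3.client("config").put_evaluations(Evaluations=[evaluation], ResultToken=event["resultToken"])
    return evaluation


# Constructed configuration item for offline demonstration.
SAMPLE_CI = {
    "resourceType": "AWS::EC2::SecurityGroup",
    "resourceId": "sg-0123456789abcdef0",
    "configurationItemCaptureTime": "2017-05-01T12:00:00.000Z",
    "configurationItemStatus": "OK",
    "tags": {"owner": "toby"},
    "configuration": {"ipPermissions": [
        {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22,
         "ipRanges": ["0.0.0.0/0"], "ipv4Ranges": [{"cidrIp": "0.0.0.0/0"}]},
        {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443, "ipRanges": ["10.0.0.0/8"]},
    ]},
}

if __name__ == "__main__":
    print(json.dumps(evaluate(SAMPLE_CI, {"blockedPort": "22"}), indent=2))
```

Keeping evaluate() free of AWS calls is what makes the rule testable in CI before it is deployed; the deleted-resource and wrong-resource-type branches return NOT_APPLICABLE rather than silently passing, which is the distinction Config's compliance dashboard relies on.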
Create Policies in code
Assess Compliance
Assess compliance
• Audit assessment is a spot check
• Policies in code → continuous assessments
• Self service governance
• Prioritize assessments
• Find an owner for the result
Options for assessing compliance
AWS Config Rules to assess and report configuration compliance
• Annotate results with resource owner
• Custom Rules integrate with ticketing
AWS Config + Inventory
Amazon EC2 Systems Manager and AWS Config will capture
• Software Inventory in Amazon EC2 instance
• Firewall rules
• Patch level
• Application version
Assess compliance using AWS Config Rules
Inventory Assessment
Create Policies in code
Assessment and Governance
Fix violations quickly
Using AWS Config Rules and Amazon CloudWatch Events
Use Amazon CloudWatch Events and AWS Lambda triggers to fix things
Custom AWS Config Rules for remediation in AWS Lambda
Enable traceability and logging for audit
AWS CloudTrail Data Events for S3
Act on API activity immediately in Amazon CloudWatch Events
• Data Events for Amazon Simple Storage Service (S3)
• Trigger rules that “fix” the problem
• Trace invocations and actions in Amazon CloudWatch Logs
Enforcing Amazon S3 bucket-level security policies
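The "trigger rules that fix the problem" pattern above, as an added example (not code from the webinar): a Lambda function targeted by a CloudWatch Events rule on "AWS API Call via CloudTrail" events from s3.amazonaws.com, which reverts any PutBucketAcl or PutObjectAcl call that granted access to AllUsers or AuthenticatedUsers and writes one structured audit line to CloudWatch Logs. One caveat worth knowing: bucket-level ACL changes are CloudTrail management events and always flow to CloudWatch Events, while object-level PutObjectAcl calls are only delivered when S3 data events are enabled on the trail. The event payload below is constructed to match CloudTrail's record shape; the bucket, user and event ID are placeholders.

```python
"""Revert public S3 ACLs as soon as CloudTrail reports them, via CloudWatch Events + Lambda.

Added example, not code from the webinar. Assumes a CloudWatch Events rule that
matches detail-type "AWS API Call via CloudTrail", eventSource s3.amazonaws.com
and eventName PutBucketAcl / PutObjectAcl, with this function as its target.
The sample event is constructed to match CloudTrail's record shape.
"""
import json
from typing import List, Optional

PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PUBLIC_CANNED_ACLS = {"public-read", "public-read-write", "authenticated-read"}
ACL_EVENTS = {"PutBucketAcl": "put_bucket_acl", "PutObjectAcl": "put_object_acl"}


def public_grants(request_parameters: dict) -> List[str]:
    """Pure: list the public grants in a PutBucketAcl/PutObjectAcl request.

    CloudTrail converts the ACL XML to JSON, so a single <Grant> appears as a
    dict and several as a list; canned ACLs arrive as the x-amz-acl header.
    """
    found = []
    policy = request_parameters.get("AccessControlPolicy") or {}
    grants = (policy.get("AccessControlList") or {}).get("Grant", [])
    for grant in grants if isinstance(grants, list) else [grants]:
        uri = (grant.get("Grantee") or {}).get("URI")
        if uri in PUBLIC_GROUPS:
            found.append(f"{grant.get('Permission')} to {uri.rsplit('/', 1)[-1]}")
    canned = request_parameters.get("x-amz-acl", [])
    for acl in canned if isinstance(canned, list) else [canned]:
        if acl in PUBLIC_CANNED_ACLS:
            found.append(f"canned ACL {acl}")
    return found


def plan_remediation(detail: dict) -> Optional[dict]:
    """Pure: decide whether and how to revert; None means nothing to do."""
    action = ACL_EVENTS.get(detail.get("eventName"))
    if detail.get("eventSource") != "s3.amazonaws.com" or action is None or detail.get("errorCode"):
        return None  # not an ACL change, or the call itself was denied
    params = detail.get("requestParameters") or {}
    reasons = public_grants(params)
    if not reasons:
        return None
    plan = {"action": action, "bucket": params["bucketName"], "reasons": reasons,
            "actor": (detail.get("userIdentity") or {}).get("arn"), "event_id": detail.get("eventID")}
    if action == "put_object_acl":
        plan["key"] = params["key"]
    return plan


def lambda_handler(event, context):
    """Entry point for the CloudWatch Events rule; resets the ACL to private and logs what it did."""
    import boto3  # imported here so the planning logic runs without boto3 installed

    plan = plan_remediation(event.get("detail") or {})
    if plan is None:
        return {"remediated": False}
    s3 = boto3.client("s3")
    if plan["action"] == "put_bucket_acl":
        s3.put_bucket_acl(Bucket=plan["bucket"], ACL="private")
    else:
        s3.put_object_acl(Bucket=plan["bucket"], Key=plan["key"], ACL="private")
    # One structured line per action: this is the audit trail in CloudWatch Logs.
    print(json.dumps({"remediated": True, **plan}))
    return {"remediated": True, **plan}


# Constructed CloudWatch Events payload carrying a CloudTrail PutBucketAcl record.
SAMPLE_EVENT = {
    "detail-type": "AWS API Call via CloudTrail",
    "detail": {
        "eventSource": "s3.amazonaws.com", "eventName": "PutBucketAcl", "eventID": "evt-0001",
        "userIdentity": {"type": "IAMUser", "arn": "arn:aws:iam::111111111111:user/toby"},
        "requestParameters": {"bucketName": "public-assets", "AccessControlPolicy": {
            "AccessControlList": {"Grant": [
                {"Grantee": {"xsi:type": "CanonicalUser", "ID": "owner-id"}, "Permission": "FULL_CONTROL"},
                {"Grantee": {"xsi:type": "Group",
                             "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}, "Permission": "READ"},
            ]}}},
    },
}

if __name__ == "__main__":
    print(json.dumps(plan_remediation(SAMPLE_EVENT["detail"]), indent=2))
```

The function's execution role needs only s3:PutBucketAcl and s3:PutObjectAcl on the buckets it polices; the printed JSON line, which names the actor, the CloudTrail event ID and the grants that were reverted, is what ties the automated fix back to the original API call during an audit.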
POLL
How are you automating your security on AWS today?
Create Policies in code
Assessment and Governance
Fix Violations
Deal with Escalations
Security Escalations
• Logs, activity data is critical
• Use automation to increase surveillance on suspicious activity (e.g. AWS CloudTrail is turned off)
• Timely response could be to quarantine
• SOP should be in code!
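The "SOP in code" for the example escalation named above (CloudTrail turned off), as an added example that is not code from the webinar: a Lambda function invoked by a CloudWatch Events rule on StopLogging and DeleteTrail calls from cloudtrail.amazonaws.com. The playbook is an assumption made for this example: restart logging on the trail, quarantine the calling IAM user or role with an inline deny-all policy, and flag root-initiated changes for a human because root cannot be quarantined. The BREAK_GLASS allowlist, the account ID, role names and the sample CloudTrail record are placeholders.

```python
"""Escalation SOP in code: respond when someone turns CloudTrail off.

Added example, not code from the webinar. A CloudWatch Events rule matching
eventSource cloudtrail.amazonaws.com and eventName StopLogging / DeleteTrail
invokes this function. The playbook is an assumption: restart logging, attach an
inline deny-all policy to the calling IAM user or role (quarantine), and mark
root-initiated changes for human escalation since root cannot be quarantined.
BREAK_GLASS lists principals allowed to stop logging, e.g. a change-window role.
"""
import json
from typing import Optional

# Assumed allowlist of principal ARNs that may legitimately stop a trail.
BREAK_GLASS = {"arn:aws:iam::111111111111:role/ChangeWindowAdmin"}
DENY_ALL = json.dumps({"Version": "2012-10-17",
                       "Statement": [{"Effect": "Deny", "Action": "*", "Resource": "*"}]})


def quarantine_target(user_identity: dict) -> Optional[dict]:
    """Pure: map a CloudTrail userIdentity to the IAM entity an inline policy can be attached to."""
    kind = user_identity.get("type")
    if kind == "IAMUser":
        return {"kind": "user", "name": user_identity["userName"]}
    if kind == "AssumedRole":
        issuer = user_identity.get("sessionContext", {}).get("sessionIssuer", {})
        if issuer.get("type") == "Role":
            return {"kind": "role", "name": issuer["userName"]}
    return None  # Root, federated or service identities: no inline policy to attach


def plan_response(detail: dict) -> Optional[dict]:
    """Pure: the response plan for one CloudTrail record, or None if it is not in scope."""
    if detail.get("eventSource") != "cloudtrail.amazonaws.com" or detail.get("errorCode"):
        return None
    if detail.get("eventName") not in ("StopLogging", "DeleteTrail"):
        return None
    identity = detail.get("userIdentity") or {}
    actor = identity.get("arn")
    issuer_arn = identity.get("sessionContext", {}).get("sessionIssuer", {}).get("arn")
    if actor in BREAK_GLASS or issuer_arn in BREAK_GLASS:
        return {"actor": actor, "restart_trail": None, "quarantine": None, "escalate": False}
    trail = (detail.get("requestParameters") or {}).get("name")
    target = quarantine_target(identity)
    return {
        "actor": actor,
        "restart_trail": trail if detail["eventName"] == "StopLogging" else None,
        "quarantine": target,
        # A deleted trail cannot be restarted, and an unquarantinable actor needs a human.
        "escalate": target is None or detail["eventName"] == "DeleteTrail",
    }


def lambda_handler(event, context):
    """Entry point: executes the plan and emits one structured audit line to CloudWatch Logs."""
    import boto3  # imported here so plan_response() runs without boto3 installed

    plan = plan_response(event.get("detail") or {})
    if plan is None:
        return {"acted": False}
    if plan["restart_trail"]:
        boto3.client("cloudtrail").start_logging(Name=plan["restart_trail"])
    target = plan["quarantine"]
    if target:
        iam = boto3.client("iam")
        if target["kind"] == "user":
            iam.put_user_policy(UserName=target["name"], PolicyName="Quarantine", PolicyDocument=DENY_ALL)
        else:
            iam.put_role_policy(RoleName=target["name"], PolicyName="Quarantine", PolicyDocument=DENY_ALL)
    print(json.dumps({"acted": True, **plan}))
    return {"acted": True, **plan}


# Constructed CloudTrail record as delivered in the CloudWatch Events 'detail' field.
SAMPLE_DETAIL = {
    "eventSource": "cloudtrail.amazonaws.com", "eventName": "StopLogging",
    "userIdentity": {"type": "AssumedRole", "arn": "arn:aws:sts::111111111111:assumed-role/DevOps/toby",
                     "sessionContext": {"sessionIssuer": {"type": "Role", "userName": "DevOps",
                                                          "arn": "arn:aws:iam::111111111111:role/DevOps"}}},
    "requestParameters": {"name": "arn:aws:cloudtrail:us-east-1:111111111111:trail/org-trail"},
}

if __name__ == "__main__":
    print(json.dumps(plan_response(SAMPLE_DETAIL), indent=2))
```

Quarantining a role cuts off every session that assumed it, not just the offending one, so this is a containment step that should page a human (the escalate flag) rather than a silent fix; the function's own execution role must not be one it can quarantine, and the break-glass role keeps a planned change window from triggering the playbook against itself.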
Create Policies in code
Assessment and Governance
Fix Violations
Deal with Escalations
Generating Evidence
Reports
• Weekly AWS Trusted Advisor reports
• Archived AWS CloudTrail activity in Amazon S3 (never delete)
• AWS CloudTrail event history lookup for recent activity (7 days at the time of this talk, 90 days today); Amazon CloudWatch Logs for longer-term lookup
• AWS Config snapshot for broad, point-in-time views
• AWS Config GetResourceConfigHistory for a single resource's change record:
aws configservice get-resource-config-history --resource-type <value> --resource-id <value> [--later-time <value>] [--earlier-time <value>]
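Turning that history call into audit evidence, as an added example (not code from the webinar): fetch_history() wraps GetResourceConfigHistory, and change_timeline() diffs consecutive configuration items for one resource and keeps the CloudTrail event IDs that Config records in relatedEvents, so each configuration change can be tied back to the API call (and caller) behind it. The sample items are constructed in the shape the API returns, where configuration is a JSON string; the resource and event IDs are placeholders.

```python
"""Build a change timeline for one resource from AWS Config history, as audit evidence.

Added example, not code from the webinar. fetch_history() wraps
GetResourceConfigHistory; change_timeline() is pure and diffs consecutive
configuration items, keeping the CloudTrail event IDs Config records in
relatedEvents so each change can be tied back to who made it. The sample
items are constructed in the API's shape (configuration is a JSON string).
"""
import json
from datetime import datetime, timedelta, timezone
from typing import Dict, List


def fetch_history(resource_type: str, resource_id: str, days: int = 7) -> List[dict]:
    """Network: page through GetResourceConfigHistory for the window, oldest first."""
    import boto3  # imported here so change_timeline() runs without boto3 installed

    later = datetime.now(timezone.utc)
    paginator = boto3.client("config").get_paginator("get_resource_config_history")
    items: List[dict] = []
    for page in paginator.paginate(resourceType=resource_type, resourceId=resource_id,
                                   laterTime=later, earlierTime=later - timedelta(days=days),
                                   chronologicalOrder="Forward"):
        items.extend(page["configurationItems"])
    return items


def _flatten(obj, prefix: str = "") -> Dict[str, str]:
    """Flatten nested dicts into dotted paths; lists and scalars become canonical JSON strings."""
    if isinstance(obj, dict):
        flat: Dict[str, str] = {}
        for key, value in obj.items():
            flat.update(_flatten(value, f"{prefix}{key}."))
        return flat
    return {prefix.rstrip("."): json.dumps(obj, sort_keys=True)}


def change_timeline(items: List[dict]) -> List[dict]:
    """Pure: one entry per configuration item after the first, listing what changed."""
    ordered = sorted(items, key=lambda ci: ci["configurationItemCaptureTime"])
    timeline = []
    previous: Dict[str, str] = {}
    for index, item in enumerate(ordered):
        raw = item.get("configuration") or "{}"
        current = _flatten(json.loads(raw) if isinstance(raw, str) else raw)
        if index > 0:
            changed = {path: (previous.get(path), current.get(path))
                       for path in sorted(set(previous) | set(current))
                       if previous.get(path) != current.get(path)}
            timeline.append({
                "at": item["configurationItemCaptureTime"],
                "status": item.get("configurationItemStatus"),
                "changed": changed,
                "cloudtrail_events": item.get("relatedEvents", []),  # look these up in CloudTrail
            })
        previous = current
    return timeline


# Constructed configuration items: a security group that later gained an open SSH rule.
SAMPLE_ITEMS = [
    {"configurationItemCaptureTime": "2017-05-01T09:00:00Z", "configurationItemStatus": "ResourceDiscovered",
     "relatedEvents": ["evt-0001"],
     "configuration": json.dumps({"groupName": "web", "ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443, "ipRanges": ["10.0.0.0/8"]}]})},
    {"configurationItemCaptureTime": "2017-05-02T16:30:00Z", "configurationItemStatus": "OK",
     "relatedEvents": ["evt-0042"],
     "configuration": json.dumps({"groupName": "web", "ipPermissions": [
         {"ipProtocol": "tcp", "fromPort": 443, "toPort": 443, "ipRanges": ["10.0.0.0/8"]},
         {"ipProtocol": "tcp", "fromPort": 22, "toPort": 22, "ipRanges": ["0.0.0.0/0"]}]})},
]

if __name__ == "__main__":
    # Offline demonstration; for a live resource use
    # change_timeline(fetch_history("AWS::EC2::SecurityGroup", "sg-0123456789abcdef0")).
    for entry in change_timeline(SAMPLE_ITEMS):
        print(json.dumps(entry, indent=2))
```

The relatedEvents IDs are the join key to the archived CloudTrail records in S3: the Config history answers "what changed and when", the CloudTrail event answers "who changed it and from where", and together they are the evidence an auditor asks for.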
POLL
When did you last run an AWS Trusted Advisor report?
Create Policies in code
Assessment and Governance
Fix Violations
Deal with Escalations
Evidence for Audit
Thank you!
