AWS Secrets Manager enables customers to securely store and centrally manage secrets like database credentials and API keys. It integrates with services like RDS to allow automated and safe rotation of secrets without breaking applications. Secrets Manager provides fine-grained access control and auditing of secrets through encryption and permissions. Developers can retrieve secrets from applications using SDKs and APIs.
CFP - AWS Community Day 2019
CFP - AWS Community Day 2019
100%
10
One of the best practices in Cloud solutions is reliability and consistency is using credentials and this session explains on how to Implement this practice using AWS Secrets Manager
Screen reader support enabled.
One of the best practices in Cloud solutions is reliability and consistency is using credentials and this session explains on how to Implement this practice using AWS Secrets Manager
This talk was presented at AWS Community Day Bengaluru 2019 by Vijayanirmala, Devops Solution lead, Sonata software limited
Keep It Secret, Keep It Safe Credentials and Secrets Management on AWS - AWS ...Amazon Web Services
Are you hard coding credentials in your software? Do you have passwords you need to centrally manage, while maintaining access control? In this session you will learn the best ways of using the AWS platform to build applications with zero knowledge of the credentials that are used. AWS and Xero will talk about the various methods AWS gives you to ensure you can handle secret values with confidence using automation in a multi-account environment. From IAM Roles, to bearer tokens and automatically rotated secrets, we will walk through a real life application and show how easy it is to keep your secrets safe.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
AWS Secrets Manager: Best Practices for Managing, Retrieving, and Rotating Se...Amazon Web Services
In this session, learn how to use AWS Secrets Manager to simplify secrets management and empower your developers to move quickly while raising the security bar in your organization. Also, learn how you can use these changes to more easily meet your compliance requirements. Finally, learn how the service enables you to control access to secrets using fine-grained permissions and centrally audit secret rotation for resources in the AWS Cloud, third-party services, and on-premises.
As organisations’ cloud environments continue to scale and grow, how do you ensure that access to resources are being managed securely? How do you scope permissions to achieve least-privilege access control across your AWS environment? This webinar answers these questions, delving into the AWS Identity and Access Management (IAM) web service and looking at how it can help you securely control access to AWS resources.
CFP - AWS Community Day 2019
CFP - AWS Community Day 2019
100%
10
One of the best practices in Cloud solutions is reliability and consistency is using credentials and this session explains on how to Implement this practice using AWS Secrets Manager
Screen reader support enabled.
One of the best practices in Cloud solutions is reliability and consistency is using credentials and this session explains on how to Implement this practice using AWS Secrets Manager
This talk was presented at AWS Community Day Bengaluru 2019 by Vijayanirmala, Devops Solution lead, Sonata software limited
Keep It Secret, Keep It Safe Credentials and Secrets Management on AWS - AWS ...Amazon Web Services
Are you hard coding credentials in your software? Do you have passwords you need to centrally manage, while maintaining access control? In this session you will learn the best ways of using the AWS platform to build applications with zero knowledge of the credentials that are used. AWS and Xero will talk about the various methods AWS gives you to ensure you can handle secret values with confidence using automation in a multi-account environment. From IAM Roles, to bearer tokens and automatically rotated secrets, we will walk through a real life application and show how easy it is to keep your secrets safe.
by Dave Dave McDermitt, Advisor – Global Security / Risk / Compliance, AWS Professional Services
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
AWS Secrets Manager: Best Practices for Managing, Retrieving, and Rotating Se...Amazon Web Services
In this session, learn how to use AWS Secrets Manager to simplify secrets management and empower your developers to move quickly while raising the security bar in your organization. Also, learn how you can use these changes to more easily meet your compliance requirements. Finally, learn how the service enables you to control access to secrets using fine-grained permissions and centrally audit secret rotation for resources in the AWS Cloud, third-party services, and on-premises.
As organisations’ cloud environments continue to scale and grow, how do you ensure that access to resources are being managed securely? How do you scope permissions to achieve least-privilege access control across your AWS environment? This webinar answers these questions, delving into the AWS Identity and Access Management (IAM) web service and looking at how it can help you securely control access to AWS resources.
How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hamme...Amazon Web Services
The session will focus on the newly-launched security tool Hammer, which Dow Jones developed after identifying a security vulnerability internally. Users will learn more about Hammer and how it solves certain security configuration issues in the AWS cloud. The team behind the development of Hammer will showcase real-world examples of the tool identifying, analyzing and remediating issues, all as part of Dow Jones' commitment to helping everyone in the community as they make the jump to the cloud.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
by Cameron Worrell, Sr. Solutions Architect, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Identity and access management (IAM) is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons. IAM enables you to securely control access to your application or product services and resources for your users.
Why cloud hacks will keep happening? Unless you learn AWS IAM - you run the risk of running AWS resources insecurely!
You can learn Learn How To Avoid Any Costly Security Breaches Which Can Affect Your Business In As Little As In 3 Hours Or Less" in this course Aws IAM the-cloud-engineer-secure-cloud-handbook "90% OFF" here - http://rite.ly/wTKL
About
Website: https://courses.tetranoodle.com/
Facebook: https://www.facebook.com/tetranoodletech
Twitter: https://twitter.com/TETRANOODLE
Linkedin: https://www.linkedin.com/company/tetranoodle/
YouTube: https://www.youtube.com/channel/UCAiIK20nDamhq70NMnLG8wA
Instagram: https://www.instagram.com/tetranoodle/
Udemy: https://www.udemy.com/user/manujaggarwal
Easily transform compliance to code using AWS Config, Config Rules, and the R...Amazon Web Services
Enterprises find that they have specific requirements imposed by their business, internal policies, or their particular auditors. As an organisation's cloud environments continue to scale and grow, how do you ensure that the number of growing resources are adhering to your security standards and compliance requirements? In this webinar, we'll learn about how to use cloud native services such as AWS config and custom config rules, to automate audits in a rapidly changing environment and ensure we achieve continuous detection of existing and newly launched AWS resources along with their levels of compliance to enterprise security requirements.
Security policies and standards can be difficult to decipher by developers or the business. Using a behaviour driven development approach, we can define our security requirements to scenario based tests in Gherkin, making it easy for developers and the business to understand the requirement. Security Operations teams or developers can then build scenario based tests as well as develop the associated lambda function for their custom Config Rule. The Rules Development Kit (RDK) for Config Rules is an open-source command-line utility designed to help you shorten the development time of custom Config Rules by up to 5 times. In this session, we'll cover how to use the RDK to write unit tests and build the lambda functions for the custom Config Rule in python, and ensure it behaves as per our requirements defined in Gherkin.
What to expect:
Learn AWS Config and Config Rules Concepts
Understand best practice and concepts on behaviour driven development for config rules
Learn to develop lambda functions for config rules in python using the Rules Development Kit (RDK)
Discover how to securely set up your environment for deployments
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...Amazon Web Services
This presentation will focus on security architecture, visibility, detection and response capabilities within AWS. As more and more organizations expand their infrastructure to AWS, selecting solutions/services to maintain visibility and control of sensitive assets is crucial to a successful migration. This highlights that all applicable security and compliance requirements can be met while maintaining flexibility in today’s cloud first world.
AWS Windsor User Group - June 7th 2018 - Amazon Web Services IAMBrandon Wells
Hi Everyone!
Here's the slide presentation from our last meeting (07/06/2018).
We did a 101 level overview of AWS Identity and Access Management. The goal was to enable you to create more secure AWS environments & architectures and provide you with IAM best practices.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
As a leader in its industry, Legendary Entertainment is transforming into a digital business with an aggressive strategy for cloud adoption. In this session, hear from Legendary CISO Dan Meacham and McAfee VP of Cloud Engineering Slawomir Ligier as they discuss how security accelerated that transformation. Topics include Legendary’s primary focus areas for security on AWS, creating a hybrid cloud security platform, gaining visibility into workloads, preventing lateral threat movement and attacks, and building a successful DevOps workflow that integrates security.
Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- How to safely generate a number of Amazon GuardDuty findings
- How to analyze Amazon GuardDuty findings
- How to think about remediation of threats
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hamme...Amazon Web Services
The session will focus on the newly-launched security tool Hammer, which Dow Jones developed after identifying a security vulnerability internally. Users will learn more about Hammer and how it solves certain security configuration issues in the AWS cloud. The team behind the development of Hammer will showcase real-world examples of the tool identifying, analyzing and remediating issues, all as part of Dow Jones' commitment to helping everyone in the community as they make the jump to the cloud.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
by Cameron Worrell, Sr. Solutions Architect, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Identity and access management (IAM) is the security discipline that enables the right individuals to access the right resources at the right times for the right reasons. IAM enables you to securely control access to your application or product services and resources for your users.
Why cloud hacks will keep happening? Unless you learn AWS IAM - you run the risk of running AWS resources insecurely!
You can learn Learn How To Avoid Any Costly Security Breaches Which Can Affect Your Business In As Little As In 3 Hours Or Less" in this course Aws IAM the-cloud-engineer-secure-cloud-handbook "90% OFF" here - http://rite.ly/wTKL
About
Website: https://courses.tetranoodle.com/
Facebook: https://www.facebook.com/tetranoodletech
Twitter: https://twitter.com/TETRANOODLE
Linkedin: https://www.linkedin.com/company/tetranoodle/
YouTube: https://www.youtube.com/channel/UCAiIK20nDamhq70NMnLG8wA
Instagram: https://www.instagram.com/tetranoodle/
Udemy: https://www.udemy.com/user/manujaggarwal
Easily transform compliance to code using AWS Config, Config Rules, and the R...Amazon Web Services
Enterprises find that they have specific requirements imposed by their business, internal policies, or their particular auditors. As an organisation's cloud environments continue to scale and grow, how do you ensure that the number of growing resources are adhering to your security standards and compliance requirements? In this webinar, we'll learn about how to use cloud native services such as AWS config and custom config rules, to automate audits in a rapidly changing environment and ensure we achieve continuous detection of existing and newly launched AWS resources along with their levels of compliance to enterprise security requirements.
Security policies and standards can be difficult to decipher by developers or the business. Using a behaviour driven development approach, we can define our security requirements to scenario based tests in Gherkin, making it easy for developers and the business to understand the requirement. Security Operations teams or developers can then build scenario based tests as well as develop the associated lambda function for their custom Config Rule. The Rules Development Kit (RDK) for Config Rules is an open-source command-line utility designed to help you shorten the development time of custom Config Rules by up to 5 times. In this session, we'll cover how to use the RDK to write unit tests and build the lambda functions for the custom Config Rule in python, and ensure it behaves as per our requirements defined in Gherkin.
What to expect:
Learn AWS Config and Config Rules Concepts
Understand best practice and concepts on behaviour driven development for config rules
Learn to develop lambda functions for config rules in python using the Rules Development Kit (RDK)
Discover how to securely set up your environment for deployments
Voice of the Customer: Moving to a secure house in the cloud with cutting-edg...Amazon Web Services
This presentation will focus on security architecture, visibility, detection and response capabilities within AWS. As more and more organizations expand their infrastructure to AWS, selecting solutions/services to maintain visibility and control of sensitive assets is crucial to a successful migration. This highlights that all applicable security and compliance requirements can be met while maintaining flexibility in today’s cloud first world.
AWS Windsor User Group - June 7th 2018 - Amazon Web Services IAMBrandon Wells
Hi Everyone!
Here's the slide presentation from our last meeting (07/06/2018).
We did a 101 level overview of AWS Identity and Access Management. The goal was to enable you to create more secure AWS environments & architectures and provide you with IAM best practices.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
As a leader in its industry, Legendary Entertainment is transforming into a digital business with an aggressive strategy for cloud adoption. In this session, hear from Legendary CISO Dan Meacham and McAfee VP of Cloud Engineering Slawomir Ligier as they discuss how security accelerated that transformation. Topics include Legendary’s primary focus areas for security on AWS, creating a hybrid cloud security platform, gaining visibility into workloads, preventing lateral threat movement and attacks, and building a successful DevOps workflow that integrates security.
Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- How to safely generate a number of Amazon GuardDuty findings
- How to analyze Amazon GuardDuty findings
- How to think about remediation of threats
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
Your security is our number one priority. In this session, we'll review best practices that will make your AWS platform even more secure. Using a number of services such as IAM, KMS, CloudTrail, Inspector, etc, we'll show you easy, concrete steps that you can take in minutes to significantly raise your security level.
Mike Allen's AWS + OWASP talk "AWS secret manager for protecting and rotating...AWS Chicago
Turbo talk 1: "AWS secret manager for protecting and rotating credentials" - Mike Allen, CIO at Morningstar // @mikeoninfosec
OWASP + AWS user groups: Using the OWASP Top 10 in AWS
Data protection using encryption in AWS - SEC201 - Santa Clara AWS SummitAmazon Web Services
Encryption is an essential tool for protecting data, and your key management practices provide the means to control access to sensitive and regulated information. In this session, we provide an overview of AWS Key Management Service (AWS KMS) and show you how it integrates with encryption capabilities across AWS. We describe how customers can use AWS KMS features to gain additional control over their keys and satisfy compliance requirements. Representatives from Slack join us to describe how the company used AWS KMS to give its customers increased control and visibility over the data that Slack protects on their behalf.
(SEC301) Encryption and Key Management in AWS | AWS re:Invent 2014Amazon Web Services
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
In this talk I will show how to save secret keys in Docker containers and K8s in production and best practices for saving and securing distribution of secrets. With Docker and k8s secrets we can manage information related to keys that are needed at runtime but cannot be exposed in the Docker image or source code repository. These could be the main talking points:
1.Challenges of security and secret keys in containers
2.Best practices for saving and securing distribution of secrets in Docker Containers
3.Managing secrets in Kubernetes using volumes and sealed-secrets
4.Other tools for distributing secrets in containers like Hashicorp Vault and KeyWhiz
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
XP Days 2019: First secret delivery for modern cloud-native applicationsVlad Fedosov
In this talk we’ll see how Authentication and Secrets delivery work in distributed containerized applications from the inside. We’ll start from the theory of security and will go through the topics like Container Auth Role, Static & Dynamic secrets, Env vars/volumes for secret delivery, Vault & K8S secrets. After this talk you’ll get an understanding how to securely deploy your containerized workloads.
Evolution of kubernetes and uses cases is more valuable when your team can manage secrets in more secure context for all teams!! Involve secure team and dev team for this process is very essential because you need broke this dependency with external-secrets!!
AWS re:Invent 2016: Get the Most from AWS KMS: Architecting Applications for ...Amazon Web Services
AWS Key Management Service provides an easy and cost-effective way to secure your data in AWS. In this session, you learn about leveraging the latest features of the service to minimize risk for your data. We also review the recently released Import Key feature that gives you more control over the encryption process by letting you bring your own keys to AWS.
SID345-AWS Encryption SDK The Busy Engineer’s Guide to Client-Side EncryptionAmazon Web Services
You know you want client-side encryption for your service but you don’t know exactly where to start. Join us for a hands-on workshop where we review some of your client-side encryption options and explore implementing client-side encryption using the AWS Encryption SDK. In this session, we cover the basics of client-side encryption, perform encrypt and decrypt operations using AWS KMS and the AWS Encryption SDK, and discuss security and performance considerations when implementing client-side encryption in your service.
How to implement data encryption at rest in compliance with enterprise requir...Steffen Mazanek
This presentation has been given at the #AWS #Community day #2019 in #Hamburg by Steffen Mazanek and Louay Mresheh. Title has been "How to implement data encryption at rest in compliance with enterprise requirements"
Similar to AWS Atlanta meetup Secrets Manager (20)
AWS Atlanta Meetup for April 2019 going over Systems Manager service and the different features and functions of the service including the Run command, Parameter Store, and Inventory
These slides are from the September 2017 group about the 3 types of Load Balancers in AWS - Classic Load Balancer, Application Load Balancer, and Network Load Balancer
AWS Atlanta meetup CloudFormation conditionals Adam Book
These are the slides from the December 19, 2018 AWS Atlanta Meetup Group. The topic was cloudformation conditionals and using them in your cloud formation templates (both JSON and YAML) to enhance your templates to make them more powerful.
A look at AWS web application firewall service from the September meeting of the Atlanta AWS Meetup group
Looking at how the service works with cloudfront along with it's pricing model compared with other WAF offerings.
A presentation on the microservice Lambda by AWS for creating Lambda packages in the Python language and examples of good and bad use cases for using lambda.
Presented by the AWS Atlanta Meetup group
SSM combined with Simple AD are powerful tools that can help you and your organization get away from things like every user using the Administrator username and password to get into the instances.
These slides are from the AWS Atlanta Meetup group's February 2016 meeting -http://www.meetup.com/AWS-Atlanta/
AWS Atlanta meetup group Slides from March 20th 2015 group presentation with CloudCheckr COO Aaron Klein speaking about Tracking, Allocating and Optimizing AWS Costs.
Sub topics include Instance and Service Tagging strategies in AWS for Master and child account management.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
3. Audit and monitor the use of secrets, and rotate secrets without risk of breaking
applications
Store and manage access to secrets securely and at scale
AWS Secrets manager enables customers to rotate, manage, and retrieve
database credentials,API Keys, and other secrets throughout their lifecycle.
Avoid dealing with secrets in their applications
IT ADMINS
SECURITYADMINS
DEVELOPERS
4.
5. Rotates Secrets Safely Manages access with fine-grained
policies
Secure and audit secrets centrally Pay as you go
6. • Built in integrations for rotating MySQL, PostgreSQL, and
AmazonAurora on RDS
• Extensible with Lambda
• Use versioning so that applications don’t break when
secrets are rotated
Photo by Isis França on Unsplash
7.
8.
9.
10. The stored secret might resemble the following:
In Secrets Manager, a secret is
typically a set of credentials
(username and password) and
the connection details that you
use to access a secured service.
{
“host”:”ProdServer-01.databases.example.com”,
“port”: “8888”,
“username”: “administrator”
“password”: “MyS3cretP@ssword”,
“dbname”: “MyDatabase”,
“engine”: “mysql”
}
11. Component AWS Secrets Manger HashiCorpVault
Pricing 0.40 per secret per month
0.05 per 10,000 API calls
Opensource – need to pay for EC2 instance cost
Management AWS Managed Service You Manage
API / SDK integration Fully integrated Fully integrated
Native Integrations KMS Terraform
13. 1. Sign in to the AWS Secrets Manager console at https://console.aws.amazon.com/secretsmanager/.
2. On the secrets list page choose Store a new secret.
3. On the Store a new secret page, choose Other type of secret.
4. For Select the encryption key, choose DefaultEncryptionKey.You aren't charged by AWS KMS if you
use the default AWS managed key that Secrets Manager creates in your account.
5. Under Credentials you want to store, choose Secret key : Secret value so that you can type the secret
as key-value pairs.
6. In the first text box, type username. In the second box, type: myserviceusername.
7. Choose +Add row to add a second key-value pair.
8. In the first box, type password. In the second box, type: MyVerySecureP@ssw0rd!.
9. Choose Plaintext above the boxes to see the JSON version of the secret text that will be stored in
the SecretString field of the secret.
10. For Select the encryption key, leave it set at the default value DefaultEncryptionKey.
11. Choose Next.
12. Under Secret name and description, for Secret name, type tutorials/MyFirstTutorialSecret.This stores
your secret in the virtual folder "tutorials".
To create and store your secret
14. 12. Under Secret name and description, for Secret name, type tutorials/MyFirstTutorialSecret.This stores
your secret in the virtual folder "tutorials".
13. For Description, type something like: The secret I created for the first tutorial.
14. Choose Next.
15. In this tutorial, we don't use rotation, so choose Disable automatic rotation, and then choose Next.
16. On the Review page, you can check all of the settings you chose. Also, be sure to review the Sample
code section that has cut-and-paste–enabled code that you can put into your own apps to use this secret
to retrieve the credentials. Each tab has the same code in different programming languages.
17. To save your changes, choose Store.
To create and store your secret
15. 1. On the secrets list page, choose the name of the new secret that you created in the previous section.
The details page for your secret appears.
2. In the Credential data section, choose Retrieve secret value.
3. You can view your secret as either key-value pairs, or as a JSON text structure.
To create and store your secret (Via the AWS Console)
1. Open a command prompt where you can run the AWS CLI.
2. Type the following command:
aws secretsmanager describe-secret --secret-id
tutorials/MyFirstTutorialSecret
3. Type the following command to see the encrypted secret:
aws secretsmanager get-secret-value --secret-id
tutorials/MyFirstTutorialSecret --version-stage AWSCURRENT
To create and store your secret (Via the AWS CLI)
Editor's Notes
This allows you to quickly get progress updates across all of your migrations, easily identify and troubleshoot any issues, and reduce the overall time and effort spent on your migration projects.
The first thing you need to do is understand what is a configuration item
Even though you access the hub console from Oregon, you can move into any region as long as the migration tool supports it.
Even though you access the hub console from Oregon, you can move into any region as long as the migration tool supports it.
Even though you access the hub console from Oregon, you can move into any region as long as the migration tool supports it.