AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

•Download as PPTX, PDF•

0 likes•141 views

The document discusses best practices for security in cloud adoption and the AWS Well-Architected Framework. It covers defining a security strategy as part of cloud adoption, delivering a security program, operating robust security, controlling identity and access, enabling traceability, protecting the network layer, applying security across layers, and automating security checks and management. Specific AWS services referenced include AWS Organizations, IAM, GuardDuty, VPC, WAF, Config, and automation tools.

© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
FrameworkemSegurançaparaaNuvem
MapeiesuajornadacomasmelhorespráticasdaAWS
MelissaRavanini
ArquitetadeSoluções
ravanini@amazon.com

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
• Cloud Adoption Framework: perspectiva de segurança
• AWS Well-Architected Framework: pilar de segurança

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWSshared responsibilitymodel

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWScloudadoptionframework

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Definaaestratégia
Identifique os workloads que moverão para
a numve
Identifique stakeholders

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Entregueumprogramadesegurança
Racionalize em cima dos
seus requisitos de
segurança
Defina proteção e controles
de segurança para seus
dados
Documente sua
arquitetura de segurança

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cartografiadesegurança

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Operaçõesdesegurançarobustas
Deploy da arquitetura
Automação Monitoramento
contínuo
Testes e
Gamedays

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Ident. e controle acesso
Controles e detecção
Segurança Infraestrutura
Proteção de dados
Resposta a incidentes
Semana 1 Semana 2 Semana 5Semana 3 Semana 4
Exemplo de uma Jornada em Segurança

https://console.aws.amazon.com/wellarchitected

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
OqueéoframeworkWell-ArchitecteddaAWS?
Pilares Princípios de
design
Perguntas

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
PilaresdoWell-ArchitecteddaAWS
Seguranç
a
Confiabilidade
Eficiência em
performance
Otimização de
custos
Excelência
operacional

© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWSTrustedAdvisor
https://console.aws.amazon.com/trustedadvisor

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Melhorespráticas:fortecontrolede identidade
Acesso Root nunca deveria ser utilizado
Considere AWS Organizations
Implemente política de troca de senha
Centralize identidades
Audite periodicamente

© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cross-accountAccess
https://docs.aws.amazon.com/pt_br/IAM/latest/UserGuide/tutorial_cross-account-with-roles.html

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWSSingleSign-On(SSO)
Serviço AWS GRATUITO de single sign-on (SSO) para centralizer a
gestão de acesso à contas AWS e aplicações de negócio
Centralize a gestão
do acesso à
múltiplas contas
AWS
Fácil de habilitar e
usar
Use suas
identidades atuais
Acesso SSO a
aplicações SAML

© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AmazonGuard Duty
https://console.aws.amazon.com/guardduty/

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Como:proteçãonacamada derede
Bucket
Instâncias
Região
VPC
Usuários
https://amzn.to/2PbHOpz
Automação de WAF
www.example.com

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Como:automatize verificações
AWS Config  Config Rules
https://console.aws.amazon.com/config

© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Como:gestãoautomatizada
Automation
Patch
manager
State
manager
https://amzn.to/2AaOwSg
https://amzn.to/2DSTLdK
https://amzn.to/2Qihzxm

As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days.

스폰서 발표 세션 | 클라우드 세상에서 CIO로 살아남기 이한주 대표이사, Bespin Global 클라우드 세상에서 CIO로 살아남기 위해서는 어떻게 해야 할까요? 클라우드를 도입하는 건 더이상 선택의 문제가 아닙니다. 우리 삶에 이미 스며들어 비즈니스 연속성을 갖기 위해서 취해야 할 당연한 환경입니다. 이제 클라우드는 얼마나 빨리 최신 기술을 적용하여 시장에 내놓을 수 있는지, 비즈니스 확장과 스피드의 관점으로 바라봐야합니다. 기업에서는 클라우드를 어떻게 접근해야 할까요? 개발자, 운영자 CIO로서 나가야 할 방향과 디지털 트랜스포메이션을 주도해야 하는 CDO로서의 방향은 어떻게 되어야 할까요?

Webinar AWS: Ciclo de vida e análise de dados na Nuvem AWS

Amazon Web Services LATAM

Leading Your Team Through a Cloud Transformation - Virtual Transformation Day...

Amazon Web Services

Speaker: Thomas Blood Moving to the cloud can help transform technical and non-technical aspects of your organization, enabling agility, scale, security, and cost savings. However, transformational change requires strong leadership at all levels of the organization. In this session, we will review strategies and best practices to help you lead the organization through a successful cloud journey. AWS Transformation Day is designed for enterprise organizations looking to make the move to the cloud in order to become more responsive, agile and innovative, while still staying secure and compliant. Join us for this virtual event and we'll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services. We recommend this event for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud.

Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...

Amazon Web Services LATAM

Amazon SageMakerAmazon Web Services

Fundraising Essentials for Every Entrepreneur

Amazon Web Services

Speaker: Mike Wilner, Startup Business Development, Amazon Web Services Is raising venture capital right for you? Join this session to learn about the process that serial founders execute with fundraising. Discover how to prospect the right investors, make contact and frame a fundraising narrative, and generate a sense of urgency with investors to close your round as quickly as possible. Make sure you can fundraise like the most experienced founders to avoid dragging it out.

The Pitch: Essentials for Success, and Blunders to Avoid

Amazon Web Services

Moderator: Jerrod Hill, VC Business Development, Amazon Web Services Panelists: Nyla Koncurat, Managing Partner, Karlani Capital Elizabeth D. Sigety, Esq., Director, Co-Founder, Delaware Crossing Investor Group There's no perfect pitch deck. However, there are elements every investor will be looking for, and that your deck better have. If you are in the school of, “Why do I need a pitch deck at all?” it's time to change your thinking. A spiffy series of slides won't magically get you investors, customers, or those critical early hires. But it's a way in, especially for novice entrepreneurs. In this talk we'll cover what’s critical in a deck, what’s best left out, and how to combine everything to tell a compelling story about yourself and your startup.

Tools for Building your MVP on AWS

Amazon Web Services

Speaker: Alejandra Novack, Developer Relations, Amazon Web Services Early stage startups are time and resource constrained and they need to quickly get to product market fit. In this session you’ll get an overview of how startups build MVPs using services like Amazon API Gateway, AWS Amplify, AWS Lambda, Amazon EKS, Amazon Lightsail, and database options. After this session, you’ll be able to pick the right technologies and use pre-configured architectures to speed up your development.

Inovação Rápida: O caso de negócio para desenvolvimento de aplicações modernas.

Amazon Web Services LATAM

Moving to DevOps

Amazon Web Services

Are you Well Architected?

Amazon Web Services

Most businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know if you and your team are following best practice, or what the risks in your architectures might be? This session will show how the AWS Well-Architected framework provides prescriptive architectural advice, and how the AWS Well-Architected Tool allows you to measure and improve your technology portfolio. We will explain how other customers are using AWS Well-Architected in their business, and we’ll share insights into what we have learned from reviewing tens of thousands of architectures across Operational Excellence, Security, Reliability, Performance Efficiency, and Cost Optimization.

AWS Initiate Day Dublin 2019 – The Culture of Innovation at Amazon

Amazon Web Services

Before you Build - Customer Driven DevelopmentAmazon Web Services

AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud

Amazon Web Services

AWS Startup Day Santiago - Tools For Building Your Startup

Amazon Web Services LATAM

Keynote

Amazon Web Services

Secure Your Customer Data from Day 1

Amazon Web Services

All companies, regardless of size, should build with protection of customer data as a top priority. This session examines how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers’ data. Don't wait until your first security incident before putting these best practices in place.

Security Framework Shakedown

Amazon Web Services

Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way

Amazon Web Services

DevOps is currently one of the most sought after engineering models. One reason is that it helps enterprise transformations. The Amazon transformation to DevOps was born out of the desire to be even more customer obsessed, more agile, and more innovative. Come and learn from our journey as we share the playbook that helped us successfully implement and adopt DevOps as well as the lessons we learned the hard way.

What's hot

개발자를 위한 Alexa - 나만의 음성 비서 앱 만들기, Peter Moon, Senior Developer Manager, Amazon...

Amazon Web Services Korea

Welcome To Day OneAmazon Web Services

Machine Learning Key Lessons Learned for DevelopersAmazon Web Services

클라우드 세상에서 CIO로 살아남기 - 이한주 대표이사, Bespin Global :: AWS Summit Seoul 2019

Amazon Web Services Korea

Webinar AWS: Ciclo de vida e análise de dados na Nuvem AWS

Amazon Web Services LATAM

Leading Your Team Through a Cloud Transformation - Virtual Transformation Day...

Amazon Web Services

Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...

Amazon Web Services LATAM

Amazon SageMakerAmazon Web Services

Fundraising Essentials for Every Entrepreneur

Amazon Web Services

The Pitch: Essentials for Success, and Blunders to Avoid

Amazon Web Services

Tools for Building your MVP on AWS

Amazon Web Services

Inovação Rápida: O caso de negócio para desenvolvimento de aplicações modernas.

Amazon Web Services LATAM

Moving to DevOps

Amazon Web Services

Are you Well Architected?

Amazon Web Services

AWS Initiate Day Dublin 2019 – The Culture of Innovation at Amazon

Amazon Web Services

Before you Build - Customer Driven DevelopmentAmazon Web Services

AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud

Amazon Web Services

AWS Startup Day Santiago - Tools For Building Your Startup

Amazon Web Services LATAM

Keynote

Amazon Web Services

Secure Your Customer Data from Day 1

Amazon Web Services

What's hot (20)

개발자를 위한 Alexa - 나만의 음성 비서 앱 만들기, Peter Moon, Senior Developer Manager, Amazon...

Welcome To Day One

Machine Learning Key Lessons Learned for Developers

클라우드 세상에서 CIO로 살아남기 - 이한주 대표이사, Bespin Global :: AWS Summit Seoul 2019

Webinar AWS: Ciclo de vida e análise de dados na Nuvem AWS

Leading Your Team Through a Cloud Transformation - Virtual Transformation Day...

Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...

Amazon SageMaker

Fundraising Essentials for Every Entrepreneur

The Pitch: Essentials for Success, and Blunders to Avoid

Tools for Building your MVP on AWS

Inovação Rápida: O caso de negócio para desenvolvimento de aplicações modernas.

Moving to DevOps

Are you Well Architected?

AWS Initiate Day Dublin 2019 – The Culture of Innovation at Amazon

Before you Build - Customer Driven Development

AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud

AWS Startup Day Santiago - Tools For Building Your Startup

Keynote

Secure Your Customer Data from Day 1

Similar to AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

Security Framework Shakedown

Amazon Web Services

Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way

Amazon Web Services

Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...

Amazon Web Services

Security is job zero at AWS. Come and learn how to build a modern security practice on AWS and supercharge it with AWS partners and serverless automation. Learn about the Security Perspectives found the AWS Well-Architected Framework, which equip your security program to not only keep your environment secure but also move fast. Learn advanced techniques to empower your teams with Amazon GuardDuty so you can elevate your team's ability to identify, protect, detect, respond, and recover from security events.

Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...

Amazon Web Services

Introduction to the Well-Architected Framework and Tool - SVC212 - Santa Clar...

Amazon Web Services

Most modern businesses depend on a portfolio of technology solutions to operate and be successful every day. How do you know whether your team is following best practices or the risks in your architectures? This session shows how the AWS Well-Architected Framework provides prescriptive advice on best practices and how the AWS Well-Architected Tool enables you to measure and improve your technology portfolio. We explain how other customers are using AWS Well-Architected in their businesses, and we share what we learned from reviewing tens of thousands of architectures across operational excellence, security, reliability, performance efficiency, and cost optimization.

So You Want to be Well-Architected?

Amazon Web Services

The AWS Well-Architected Framework enables customers to understand best practices around security, reliability, performance, and cost optimisation when building systems on AWS. This approach helps customers make informed decisions and weigh the pros and cons of application design patterns for the cloud. In this session, you'll learn about the Well-Architected Framework, and the steps you can take to help ensure your solution is Well Architected. Speaker: Brian Farnhill, Solutions Architect, AWS

e커머스 통합운영 자동화 사례 및 보안강화 방안 - 양수연 상무, 삼성SDS / 임선진 팀장, 삼성SDS :: AWS Summit Seou...

Amazon Web Services Korea

스폰서 발표 세션 | e커머스 통합운영 자동화 사례 및 보안강화 방안 양수연 상무, 삼성SDS 임선진 팀장, 삼성SDS 최근 많은 기업들이 글로벌 e커머스 사이트를 운영하고 있습니다. 그러나 글로벌 e커머스 시스템은 국가별로 다양한 환경을 수용해야 하기 때문에 개발과 운영이 쉽지 않습니다. 삼성SDS는 이러한 문제점을 해결하기 위해 해외 각지의 개발자들과 협업 체계를 갖추고, 신속하고 효율적인 e커머스 시스템 개발/운영 체계를 구축하였습니다. 본 세션에서는 여기에 적용된 기술과 구현 방법에 대해 설명하고, e커머스의 보안 강화를 위해 적용할 수 있는 Misconfig 진단, Managed CASB 등 보안 서비스에 대해서도 소개해 드립니다.

Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...

Amazon Web Services

Using AMS to get FSI Regulated Workloads on the Cloud, Fast Discover the different approaches to building effective Operating Models at Cloud Strategy stage using DIY, APN Partner or AWS Services. Then hear how AWS Managed Services (AMS) can help Australia's banks get regulated workloads stood up on cloud and achieve business outcomes faster due to high scale automation. George Watts, Global Operations Integration Practice Manager, Amazon Web Services

How to Do it Right - Your First 90 Days - AWS Summit Sydney 2018

Amazon Web Services

Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...

Amazon Web Services

Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud. In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance. Speakers: Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS Durga Prasad, Manager, Solutions Architect, AWS

Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...

Amazon Web Services

Security at the speed of cloud: How to think about it & how you can do it now...

Amazon Web Services

Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...

Amazon Web Services

Liberty Mutual is opinionated about how application teams deliver and deploy code into AWS. Applications must be able to secure all data types, meet security standards, and deploy via automation. Radar is an event-driven, rules-based service for validating and remediating AWS cloud resources, and it ensures that security standards are enforced. In this session, learn about Radar, which is built on AWS and designed to ensure compliance across hundreds of AWS accounts in 14 regions while providing flexibility for rule variation. Whether risks are prevented during continuous integration or detected upon deployment and remediated, the goal is the same: all policy is enforced at the earliest moment of risk.

Privacy by design on AWS - FND202-R - AWS re:Inforce 2019

Amazon Web Services

This workshop is designed to support customers who apply due diligence and discovery efforts around data privacy regulations and compliance frameworks. We provide an introductory overview of AWS and data privacy. We also discuss the AWS shared responsibility model and where data can live in AWS environments. Finally, we give an overview of the available AWS services and features that support data privacy compliance.

Capital One case study: Addressing compliance and security within AWS - FND21...

Amazon Web Services

Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”

In the cloud, the name of the game is securability! - SEP303 - AWS re:Inforce...

Amazon Web Services

Do you ever feel like your efforts with security are futile? Change can lead to new, never-before-recognized opportunities to innovate. Security is no exception. Using measurements to drive us, we have found innovations in security that have led to greater collaboration and carefully curated security outcomes. The cloud has made never-before-seen security capabilities possible. Have you ever imagined talking about the five nines of security? We are! Come join the debate about how to make cloud workloads safer by adopting securability and a bounded measurable means of increasing the safety of software.

Simplify front end apps.pdf

Amazon Web Services

Designing, deploying and maintaining APIs for your mobile application is a challenge. In between authentication, authorization, data access, notifications, offline devices and the usual non functional requirements of availability, scalability and shrinking budgets. During this session, I will show you how to deploy a GraphQL API, without requiring to be an API expert. I will show you how to easily integrate an authentication wall, with minimal coding. By attending this session you will be able to accelerate the development of your web & mobile applications by using simplified backends in the cloud.

AWSome Day Online Conference 2018 - Module 3

Amazon Web Services

AWS DevDay Berlin 2019 - Simplify your Web & Mobile appswith cloud-based ser...

Darko Mesaroš

Designing, deploying and maintaining APIs for your mobile application is a challenge. In between authentication, authorization, data access, notifications, offline devices and the usual non functional requirements of availability, scalability and shrinking budgets.During this session, I will show you how to deploy a GraphQL API, without requiring to be an API expert. I will show you how to easily integrate an authentication wall, with minimal coding. By attending this session you will be able to accelerate the development of your web & mobile applications by using simplified backends in the cloud.

Simplify front end apps.pdf

Amazon Web Services

Similar to AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS (20)

Security Framework Shakedown

Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way

Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...

Leadership session - Governance, risk, and compliance - GRC326-L - AWS re:Inf...

Introduction to the Well-Architected Framework and Tool - SVC212 - Santa Clar...

So You Want to be Well-Architected?

e커머스 통합운영 자동화 사례 및 보안강화 방안 - 양수연 상무, 삼성SDS / 임선진 팀장, 삼성SDS :: AWS Summit Seou...

Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...

How to Do it Right - Your First 90 Days - AWS Summit Sydney 2018

Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...

Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...

Security at the speed of cloud: How to think about it & how you can do it now...

Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...

Privacy by design on AWS - FND202-R - AWS re:Inforce 2019

Capital One case study: Addressing compliance and security within AWS - FND21...

In the cloud, the name of the game is securability! - SEP303 - AWS re:Inforce...

Simplify front end apps.pdf

AWSome Day Online Conference 2018 - Module 3

AWS DevDay Berlin 2019 - Simplify your Web & Mobile appswith cloud-based ser...

Simplify front end apps.pdf

More from Amazon Web Services LATAM

AWS para terceiro setor - Sessão 1 - Introdução à nuvem

Amazon Web Services LATAM

AWS para terceiro setor - Sessão 2 - Armazenamento e Backup

Amazon Web Services LATAM

AWS para terceiro setor - Sessão 3 - Protegendo seus dados.

Amazon Web Services LATAM

AWS para terceiro setor - Sessão 1 - Introdução à nuvem

Amazon Web Services LATAM

AWS para terceiro setor - Sessão 2 - Armazenamento e Backup

Amazon Web Services LATAM

AWS para terceiro setor - Sessão 3 - Protegendo seus dados.

Amazon Web Services LATAM

Automatice el proceso de entrega con CI/CD en AWS

Amazon Web Services LATAM

Automatize seu processo de entrega de software com CI/CD na AWS

Amazon Web Services LATAM

Cómo empezar con Amazon EKS

Amazon Web Services LATAM

Como começar com Amazon EKS

Amazon Web Services LATAM

Ransomware: como recuperar os seus dados na nuvem AWS

Amazon Web Services LATAM

Ransomware: cómo recuperar sus datos en la nube de AWS

Amazon Web Services LATAM

Ransomware: Estratégias de Mitigação

Amazon Web Services LATAM

Ransomware: Estratégias de Mitigación

Amazon Web Services LATAM

Aprenda a migrar y transferir datos al usar la nube de AWS

Amazon Web Services LATAM

Al mover datos a la nube, los clientes deben comprender los métodos óptimos para los diferentes casos de uso, los tipos de datos que están moviendo y los recursos disponibles en la red, entre otros. Las soluciones de migración y transferencia de AWS contemplan desde la migración de datos con conectividad limitada, almacenamiento en la nube híbrida, transferencias frecuentes de archivos B2B, hasta transferencias de datos en línea y sin conexión. En esta sesión, le mostramos cómo puede acelerar la migración y transferencia de datos de manera simplificada desde y hacia la nube de AWS.

Aprenda como migrar e transferir dados ao utilizar a nuvem da AWS

Amazon Web Services LATAM

Ao mover dados para a nuvem, os clientes precisam entender os métodos ideais de movê-los para diferentes casos de uso, os tipos de dados que estão movendo e os recursos de rede disponíveis, entre outras considerações. As soluções de migração e transferência da AWS atendem desde a migração de dados com conectividade limitada, armazenamento em nuvem híbrida, transferências frequentes de arquivos B2B até transferências de dados online e offline. Nessa sessão, mostraremos como você pode simplificar e acelerar sua migração e transferência de dados de e para a nuvem AWS.

Cómo mover a un almacenamiento de archivos administrados

Amazon Web Services LATAM

El almacenamiento de archivos tiene diversos casos de uso; como directorios de usuarios, datos de aplicaciones, archivos multimedia y almacenamiento compartido para cargas de trabajo de alto rendimiento. La administración del almacenamiento de archivos en instalaciones propias suele ser un trabajo pesado, indiferenciado, con altos costos de adquisición, carga operativa para configurar y administra, lo que conlleva a desafíos de escalabilidad. En esta sesión, le mostramos cómo puede aprovechar las soluciones de archivos totalmente administradas de AWS para dejar de preocuparse por la sobrecarga administrativa de configurar, proteger, mantener y realizar copias de seguridad de su infraestructura de archivos.

Simplifique su BI con AWS

Amazon Web Services LATAM

La visualización de datos analíticos es un reto al que se enfrentan muchas organizaciones, el poder crear tableros, alertas, agregar predicciones a sus datos y actuar de acuerdo a estas de manera rápida es una necesidad de todos los negocios actuales. Únase a nuestros arquitectos para aprender como Amazon QuickSight le permite agregar inteligencia de negocios a sus aplicaciones y crear predicciones a futuro de sus datos. Amazon QuickSight es un servicio de inteligencia de negocios escalable y serverless creado para la nube, a través del cual podrá explotar sus datos de negocio para convertirlos en insights para hacer decisiones informadas sobre su negocio sin preocuparse de la gestión, escalamiento y la disponibilidad de la infraestructura de cómputo.

Simplifique o seu BI com a AWS

Amazon Web Services LATAM

A visualização de dados é um desafio que muitas organizações enfrentam hoje. Criar dashboards, alertas, fazer previsões e agir rapidamente de acordo com os insights dos dados é uma necessidade de todas as empresas. Junte-se aos nossos arquitetos para aprender como o Amazon QuickSight o ajudará a adicionar BI aos seus aplicativos. O Amazon Quicksight é um serviço de BI escalável e serverless criado para a nuvem. Com ele, você pode explorar seus dados para obter insights e tomar decisões embasadas em seus negócios, sem se preocupar em gerenciar e dimensionar servidores e manter a disponibilidade de sua infraestrutura.

Os benefícios de migrar seus workloads de Big Data para a AWS

Amazon Web Services LATAM

More from Amazon Web Services LATAM (20)

AWS para terceiro setor - Sessão 1 - Introdução à nuvem

AWS para terceiro setor - Sessão 2 - Armazenamento e Backup

AWS para terceiro setor - Sessão 3 - Protegendo seus dados.

AWS para terceiro setor - Sessão 1 - Introdução à nuvem

AWS para terceiro setor - Sessão 2 - Armazenamento e Backup

AWS para terceiro setor - Sessão 3 - Protegendo seus dados.

Automatice el proceso de entrega con CI/CD en AWS

Automatize seu processo de entrega de software com CI/CD na AWS

Cómo empezar con Amazon EKS

Como começar com Amazon EKS

Ransomware: como recuperar os seus dados na nuvem AWS

Ransomware: cómo recuperar sus datos en la nube de AWS

Ransomware: Estratégias de Mitigação

Ransomware: Estratégias de Mitigación

Aprenda a migrar y transferir datos al usar la nube de AWS

Aprenda como migrar e transferir dados ao utilizar a nuvem da AWS

Cómo mover a un almacenamiento de archivos administrados

Simplifique su BI con AWS

Simplifique o seu BI com a AWS

Os benefícios de migrar seus workloads de Big Data para a AWS

Recently uploaded

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Product School

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Product School

Leading Change strategies and insights for effective change management pdf 1.pdf

OnBoard

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

Product School

DevOps and Testing slides at DASA Connect

Kari Kakkonen

Knowledge engineering: from people to machines and back

Elena Simperl

How world-class product teams are winning in the AI era by CEO and Founder, P...

Product School

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Product School

Neuro-symbolic is not enough, we need neuro-*semantic*

Frank van Harmelen

Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”. All of this illustrated with link prediction over knowledge graphs, but the argument is general.

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

ODC, Data Fabric and Architecture User Group

CatarinaPereira64715

Recently uploaded (20)

From Siloed Products to Connected Ecosystem: Building a Sustainable and Scala...

Connector Corner: Automate dynamic content and events by pushing a button

Designing Great Products: The Power of Design and Leadership by Chief Designe...

Leading Change strategies and insights for effective change management pdf 1.pdf

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

From Daily Decisions to Bottom Line: Connecting Product Work to Revenue by VP...

DevOps and Testing slides at DASA Connect

Knowledge engineering: from people to machines and back

How world-class product teams are winning in the AI era by CEO and Founder, P...

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

When stars align: studies in data quality, knowledge graphs, and machine lear...

Accelerate your Kubernetes clusters with Varnish Caching

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

JMeter webinar - integration with InfluxDB and Grafana

UiPath Test Automation using UiPath Test Suite series, part 4

GraphRAG is All You need? LLM & Knowledge Graph

Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...

Neuro-symbolic is not enough, we need neuro-*semantic*

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

ODC, Data Fabric and Architecture User Group

AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

2. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. FrameworkemSegurançaparaaNuvem MapeiesuajornadacomasmelhorespráticasdaAWS MelissaRavanini ArquitetadeSoluções ravanini@amazon.com

4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda • Cloud Adoption Framework: perspectiva de segurança • AWS Well-Architected Framework: pilar de segurança

8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Definaaestratégia Identifique os workloads que moverão para a numve Identifique stakeholders

9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Entregueumprogramadesegurança Racionalize em cima dos seus requisitos de segurança Defina proteção e controles de segurança para seus dados Documente sua arquitetura de segurança

11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Operaçõesdesegurançarobustas Deploy da arquitetura Automação Monitoramento contínuo Testes e Gamedays

12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Ident. e controle acesso Controles e detecção Segurança Infraestrutura Proteção de dados Resposta a incidentes Semana 1 Semana 2 Semana 5Semana 3 Semana 4 Exemplo de uma Jornada em Segurança

13. https://console.aws.amazon.com/wellarchitected

14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. OqueéoframeworkWell-ArchitecteddaAWS? Pilares Princípios de design Perguntas

15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. PilaresdoWell-ArchitecteddaAWS Seguranç a Confiabilidade Eficiência em performance Otimização de custos Excelência operacional

17.

18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Melhorespráticas:fortecontrolede identidade Acesso Root nunca deveria ser utilizado Considere AWS Organizations Implemente política de troca de senha Centralize identidades Audite periodicamente

21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWSSingleSign-On(SSO) Serviço AWS GRATUITO de single sign-on (SSO) para centralizer a gestão de acesso à contas AWS e aplicações de negócio Centralize a gestão do acesso à múltiplas contas AWS Fácil de habilitar e usar Use suas identidades atuais Acesso SSO a aplicações SAML

22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Melhorespráticas:fortecontrolede identidade Nunca armazene credenciais ou senhas em código Reforce o uso de MFA Use papéis do IAM para serviços Estabeleça poíticas de menor privilégio Use credenciais temporárias

23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Melhorespráticas:habilite rastreabilidade Considere Amazon GuardDuty Configure log de aplicação e infraestrutura Centralize usando um SIEM Monitore proativamente Reveja regularmente novidades e melhores práticas

25. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Melhorespráticas:proteçãoderede Amazon CloudFront + AWS WAF Amazon VPC e security groups Conectividade privada– Transit Gateway, VPN, AWS Direct Connect Endpoints dos serviços Reforce permissão a nível de serviço

26. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Como:proteçãonacamada derede Bucket Instâncias Região VPC Usuários https://amzn.to/2PbHOpz Automação de WAF www.example.com

27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Melhorespráticas:apliquesegurançaem todasas camadas Proteja sistemas operacionais e mude configurações padrão Use anti-malware + ferramentas de detecção de intrusão Escaneie sua infraestrutura Escaneie seu código Instale patches contra vulnerabilidades

28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Como:automatize verificações AWS Config  Config Rules https://console.aws.amazon.com/config

29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Como:gestãoautomatizada Automation Patch manager State manager https://amzn.to/2AaOwSg https://amzn.to/2DSTLdK https://amzn.to/2Qihzxm

30.

31. Obrigada!

Editor's Notes

x
x
Se você não tem um check list de controle de segurança, escolha algum, como por exemplo o ISO ou o NIST, ou Central for Internet Security, Security Controls…
Pensando em metodologia ágil, temos sprints semanais… IAM: não esquecer de falar Federação Infra: WAF, SG, Route Tables, ACLs, Data protection: Encryption in transit and at rest Response plans e procedures: alarmes, monitoramento, notificações
Monitoramento de credenciais -> veja se estão usando
Se você está usando roles, você já está usando credenciais temporárias via STS (security token service)
GuardDuty: free-tier; VPC Flow logs, DNS logs, Cloud Trail logs Cloudwatch logs and alerts SIEM: Security Information and Event Management
Marketplace Inspector
OWASP (open source): Open Web Application Security Project

AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

Similar to AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS (20)

More from Amazon Web Services LATAM

More from Amazon Web Services LATAM (20)

Recently uploaded

Recently uploaded (20)

AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhores práticas da AWS

Editor's Notes