Security Threats, the Cloud and Your Responsibilities - Evident.io @AWS Pop-up Loft

This document discusses AWS security best practices for enterprises. It recommends following AWS security policies and IAM best practices, automating security configurations through tools like CloudFormation, and architecting networks carefully with security groups and subnets. Automating security operations, compliance checks, and incident response is emphasized to manage risks and unknown threats. The document also warns against simply migrating on-premises systems to AWS without redesigning for the cloud.

Meeting PCI DSS Requirements with AWS and CloudPassage

CloudPassage

The document discusses a presentation about meeting PCI DSS requirements using AWS and CloudPassage security tools. It covers what PCI DSS requires, the shared security responsibility model in AWS, CloudPassage Halo security automation capabilities, and a customer case study. CloudPassage Halo provides security controls like firewall management, vulnerability scanning, and compliance monitoring across AWS environments.

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution

This document discusses the importance of security and operations teams working together. It argues that security can no longer retreat to the perimeter and must rely on operations teams to install monitoring tools and remediate issues. Likewise, operations teams rely on security teams for guidance on building secure systems and feedback on risks. This symbiotic relationship requires continuous feedback through automation and data sharing built on trust. It also emphasizes that people, process, and technology all need attention to foster collaboration between security and operations for rapid incident resolution.

Lacework Kubernetes Meetup | August 28, 2018

The document discusses container and cloud security. It describes Lacework's Polygraph security platform, which provides threat intelligence, detection, visibility, and alerting capabilities across cloud infrastructure, workloads, accounts, VMs, containers and files. It highlights risks like container escapes and privilege escalation. The document also provides examples of container security threats like the Healthz RCE vulnerability and recommendations like implementing multi-factor authentication, pod security policies, and restricting privileges.

AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...

Zero Trust Security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the Zero Trust Security approach is Next-Gen Access, which combines the critical capabilities of such technologies as Identity as a Service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a Zero Trust Security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console and AWS CLI, and managing developer access to Amazon EC2 instances and the containerized applications that run on them. This session is brought to you by AWS partner, Centrify.

James Strong presented on adopting Kubernetes. He began by outlining why Kubernetes may be a good solution based on factors like workload variability and infrastructure management needs. He then discussed steps to adopt containers like establishing local development environments and container security. For adopting Kubernetes, he recommended forming a working group, enabling local development with tools like kind and minikube, creating documentation, and hosting workshops. Key aspects of scaling Kubernetes include logging, monitoring, metrics, security, and provisioning. He stressed the importance of upskilling teams, joining the community, and automation.

Are You Ready for a Cloud Pentest?

AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...

This document provides an overview of automated end-to-end security for AWS. It discusses how the majority of compromises are due to credentials being compromised, failure to patch security flaws, insider threats, or human error. An example compromise is described where a developer at a company accidentally committed SSH keys to GitHub, allowing a hacker to access servers and exfiltrate customer data, resulting in a $148 million settlement. The document then outlines how Lacework can help secure workloads, containers, configuration, AWS accounts, and provide continuous auditing and compliance.

DevSecOps in 10 minutes

DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018

HashiCorp

Vault is a tool for centrally managing secrets like passwords, API keys, and certificates. It addresses the problem of "secrets sprawl" where credentials are stored insecurely in multiple places like source code, emails, and configuration files. Vault centralizes secrets management, provides access control and auditing, and generates unique short-lived credentials to reduce risk if a secret is compromised. It also supports encrypting sensitive data for additional protection. Implementing Vault involves deciding where it will run, who will manage encryption keys, which secrets it will store, where audit logs will go, and who will operate and configure the system on an ongoing basis.

Securing Applications in the Cloud

Security Innovation

As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment. Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include: • Common cloud threats and vulnerabilities • Exposing data with insufficient Authorization and Authentication • The danger of relying on untrusted components • Distributed Denial of Service (DDoS) and other application attacks • Securing APIs and other defensive measures

Lacework Overview: Security Redefined for Cloud Scale

The document discusses Lacework's cloud security platform. It provides continuous monitoring, compliance checks, and anomaly detection across AWS accounts, configurations, workloads and hosts. Lacework analyzes CloudTrail data and other activities to establish normal behavior baselines and detect deviations that could indicate threats. It aims to provide end-to-end visibility and security across all AWS resources and components through its Polygraph behavioral analysis technology.

Security Observability for Cloud Based Applications

John Varghese

You can't control what you can't see. Security observability is an intrinsic attribute of an application that provides direct observation of software vulnerabilities and attempted exploits as they happen, in order to allow rapid proactive remediation and prevention. Security Observability can be achieved by taking an instrumentation based approach that provides continuous visibility and exposure of vulnerabilities and threats and their context from within the software itself. This approach is particularly appropriate for cloud-based and hybridized distributed environments, because the instrumentation is agnostic to deployment methodologies and runtime environments. A demonstration will be provided that demonstrates the benefits of this approach for both custom code and open source dependencies, as well as across the software development lifecycle, showing both the rapid pinpointing of line-of-code level vulnerabilities for developers, and realtime exploit prevention in production.

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution

This document discusses how security and operations teams can work together more effectively. It emphasizes that security can no longer be isolated to the network perimeter and must rely on operations teams to install monitoring tools and remediate issues. Operations teams in turn rely on security teams for guidance on building secure systems. The document argues that both teams need a high-velocity feedback loop built on trust and data sharing. It also provides recommendations for rethinking people, processes, and tools to better support this collaboration, including focusing on empathy over rules, reducing risk through isolation, and leveraging existing communication channels. The overall aim is to enable faster incident response through continuous monitoring, automation, and embracing new deployment models.

Become a Cloud Security Ninja

In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them

Cloud assessments by :- Aakash Goel

OWASP Delhi

Security Spotlight: The Coca Cola Company - CSS ATX 2017

Andrew Delosky from Coca-Cola discusses Coca-Cola's experience moving to the cloud. He debunks common myths about cloud security and discusses how Coca-Cola implements a multi-layered security model in the cloud using tools like security groups, IAM, network segmentation, web application firewalls, and encryption. Delosky also talks about hybrid cloud options, being proactive about security, and how the cloud allows for agile development, DevSecOps, and improved scaling and performance while keeping data secure.

Best Practices for IoT Security in the Cloud

Automated Intrusion Detection and Response on AWS

This document discusses using AWS services to automate intrusion detection and response. It provides examples of using AWS services like EC2, CloudFormation, and VPC to deploy resources and configure them with security features. Code examples are given to start EC2 instances, deploy templates to AWS, and monitor VPC flow logs to detect threats and take actions like snapshotting or terminating instances in response. The document argues that AWS services can improve security operations when best practices are followed, as AWS provides capabilities like built-in logging, inventory, and tools that facilitate automated detection and response.

AWS Frederick Meetup 07192016

Gaurav "GP" Pal

The document discusses AWS security best practices and common mistakes made when using AWS. It provides examples of real security incidents that occurred due to misconfigurations or lack of security controls. The presentation covers topics like identity and access management, network access control, logging and monitoring, compliance frameworks, and security tools that can be used to harden AWS environments. It also describes advanced VPC networking techniques and the DoD security technical implementation guide (STIG) compliance process.

DevSecOps - CrikeyCon 2017

DevSecOps: Let's Write Security Unit Tests

Puma Security, LLC

Lacework | Top 10 Cloud Security Threats

James Condon presented the top 10 threats to cloud security. These included cryptojacking, data leaks from misconfigurations, SSH brute force attacks, data exfiltration by advanced persistent threats, malware like ransomware and coin miners, remote code execution from vulnerabilities, container escapes, server compromises, and malicious insiders. Mitigations involved visibility, access controls, patching, monitoring, and security best practices.

The AWS Shared Responsibility Model in Practice

The document discusses the AWS shared responsibility model. It outlines the security controls that AWS manages, such as identity and access management, encryption, and infrastructure security. It also discusses security controls that customers are responsible for, like access management within their own applications and data protection. The document provides examples of security services like AWS Config Rules, CloudTrail, and Certificate Manager that help customers meet their security responsibilities.

AWS re:Invent 2016: AWS GovCloud (US) for Highly Regulated Workloads (WWPS301)

Learn how to architect for compliance in the AWS cloud and see how your organization can leverage the agility, cost savings, scalability, and flexibility of the cloud while meeting the most stringent regulatory and compliance requirements, including Federal Risk and Authorization Management Program (FedRAMP), ITAR, CJIS, HIPAA, and DoD Cloud Computing Security Requirements Guide (SRG) Levels 2 and 4. Hear best practices and practical use cases for using AWS GovCloud (US) to comply with a variety of regulatory regimes.

AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...

We are all embarking on a journey in the cloud that can be frightening at times, thrilling at others, but at all times filled with pitfalls and scary monsters that threaten the security of our infrastructure, applications, and data. The ultimate reward for all our hard work is to achieve a state of autonomous, self-healing security within our environment--one that can withstand any threats, whether internal or external. In this session, we walk you through the steps you need to be successful in your journey, just like Ellie Mae and many other enterprises and agencies. Your journey starts with security automation, and from there you will push outside of your security comfort zone, thanks to the gift of enhanced visibility and omniscience. Next we use CloudFormation Templates and custom signatures to move through our next security challenge with speed, and finally, we build auto-remediation into our security strategy with AWS Lambda workflows that enable the system to self-correct when misconfigurations occur. This fast-paced session will be filled code, best practices to help you in your quest, and even a few surprises about the ultimate destination of your journey. Session sponsored by Evident.io. AWS Competency Partner

What's hot

Securing aws workloads with embedded application security

John Varghese

Kubernetes - do or do not, there is no try

James Strong

Are You Ready for a Cloud Pentest?

AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...

DevSecOps in 10 minutes

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018

HashiCorp

Securing Applications in the Cloud

Security Innovation

Lacework Overview: Security Redefined for Cloud Scale

Security Observability for Cloud Based Applications

John Varghese

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution

Become a Cloud Security Ninja

Cloud assessments by :- Aakash Goel

OWASP Delhi

Security Spotlight: The Coca Cola Company - CSS ATX 2017

Best Practices for IoT Security in the Cloud

Automated Intrusion Detection and Response on AWS

AWS Frederick Meetup 07192016

Gaurav "GP" Pal

DevSecOps - CrikeyCon 2017

DevSecOps: Let's Write Security Unit Tests

Puma Security, LLC

Lacework | Top 10 Cloud Security Threats

The AWS Shared Responsibility Model in Practice

What's hot (20)

Securing aws workloads with embedded application security

Kubernetes - do or do not, there is no try

Are You Ready for a Cloud Pentest?

AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...

DevSecOps in 10 minutes

Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018

Securing Applications in the Cloud

Lacework Overview: Security Redefined for Cloud Scale

Security Observability for Cloud Based Applications

A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution

Become a Cloud Security Ninja

Cloud assessments by :- Aakash Goel

Security Spotlight: The Coca Cola Company - CSS ATX 2017

Best Practices for IoT Security in the Cloud

Automated Intrusion Detection and Response on AWS

AWS Frederick Meetup 07192016

DevSecOps - CrikeyCon 2017

DevSecOps: Let's Write Security Unit Tests

Lacework | Top 10 Cloud Security Threats

The AWS Shared Responsibility Model in Practice

Viewers also liked

AWS re:Invent 2016: AWS GovCloud (US) for Highly Regulated Workloads (WWPS301)

AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...

SEC303 Top 10 AWS Identity and Access Management Best Practices - AWS re:Inve...

The document provides an overview of 10 best practices for AWS Identity and Access Management (IAM). It discusses creating individual users and managing permissions with groups. It also covers granting least privilege, configuring strong password policies, enabling multi-factor authentication for privileged users, using IAM roles for EC2 instances and sharing access. Additional best practices include rotating security credentials regularly, restricting access with conditions, and reducing reliance on root users. The document is copyrighted material from Amazon.

AWS re:Invent 2016: Proactive Security Testing in AWS: From Early Implementat...

AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...

This document discusses continuous compliance for regulated life sciences applications in AWS. It provides an overview of continuous compliance in life sciences, architectural considerations for continuous compliance in AWS, and tools that can help with compliance like CloudTrail, CloudWatch, and Config. It then discusses Merck's journey to continuous compliance, including how they achieved historical auditability, monitoring, control over API permissions, and automated validation of their environments. Their approach leveraged many native AWS services with minimal development needed.

Developing a Continuous Automated Approach to Cloud Security

Many organizations struggle daily with the question - "Where do we stand with our AWS security practices?" With the recent release of the Center for Internet Security's CIS AWS Foundations Benchmark, organizations now have an industry-accepted set of security configuration best practices. These benchmarks, in combination with 3rd party security solutions that support them, can form the foundation for security operations at organizations of all sizes through continuous monitoring and auditing.

Automating Compliance Defense in the Cloud - September 2016 Webinar Series

This document discusses how to automate compliance when using AWS cloud services. It recommends five steps: 1) Partner cloud technology and security experts; 2) Integrate industry standards and regulatory requirements; 3) Create a master design that meets requirements; 4) Enforce deployment according to the design; and 5) Mechanize scalable governance and auditing programs. Following best practices like leveraging CIS benchmarks, creating a "golden environment" configuration, and using AWS Service Catalog can help automate controls and achieve continuous compliance defense in the cloud.

AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...