This document discusses automating security operations on AWS. It begins by noting the large costs of data breaches and intellectual property theft for businesses. It then discusses how AWS can provide more security than an on-premises environment through features like automated logging and monitoring, simplified access controls, and encryption. The document emphasizes that security is a shared responsibility between AWS and the customer, with AWS securing the underlying cloud infrastructure and customers securing their applications and data. It provides examples of AWS security certifications and programs. Finally, it discusses how security automation is key to keeping up with the scale of cloud infrastructure and software delivery.
CEO of Evident.io, Tim Prendergast, sharing insights into the powerful combination of Cloud Security and DevOps practices at Velocity Conference 2015 in Santa Clara, CA USA. Learn how agility, security, and automation can be combined to perform continuous security assessments, real-time automated defensive measures, and other exciting security capabilities!
You run a web business on AWS, and due to your specific business requirements you have a need to perform payment processing. Whether you are selling subscriptions or shipping goods, there are both easy and hard ways to manage payments in a PCI compliant way. Learn tips and techniques from the pros to achieve PCI compliance on AWS without making your life more difficult than necessary.
This document discusses AWS security best practices for enterprises. It recommends following AWS security policies and IAM best practices, automating security configurations through tools like CloudFormation, and architecting networks carefully with security groups and subnets. Automating security operations, compliance checks, and incident response is emphasized to manage risks and unknown threats. The document also warns against simply migrating on-premises systems to AWS without redesigning for the cloud.
Meeting PCI DSS Requirements with AWS and CloudPassageCloudPassage
The document discusses a presentation about meeting PCI DSS requirements using AWS and CloudPassage security tools. It covers what PCI DSS requires, the shared security responsibility model in AWS, CloudPassage Halo security automation capabilities, and a customer case study. CloudPassage Halo provides security controls like firewall management, vulnerability scanning, and compliance monitoring across AWS environments.
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
This document discusses the importance of security and operations teams working together. It argues that security can no longer retreat to the perimeter and must rely on operations teams to install monitoring tools and remediate issues. Likewise, operations teams rely on security teams for guidance on building secure systems and feedback on risks. This symbiotic relationship requires continuous feedback through automation and data sharing built on trust. It also emphasizes that people, process, and technology all need attention to foster collaboration between security and operations for rapid incident resolution.
Lacework Kubernetes Meetup | August 28, 2018Lacework
The document discusses container and cloud security. It describes Lacework's Polygraph security platform, which provides threat intelligence, detection, visibility, and alerting capabilities across cloud infrastructure, workloads, accounts, VMs, containers and files. It highlights risks like container escapes and privilege escalation. The document also provides examples of container security threats like the Healthz RCE vulnerability and recommendations like implementing multi-factor authentication, pod security policies, and restricting privileges.
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...Amazon Web Services
Zero Trust Security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the Zero Trust Security approach is Next-Gen Access, which combines the critical capabilities of such technologies as Identity as a Service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a Zero Trust Security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console and AWS CLI, and managing developer access to Amazon EC2 instances and the containerized applications that run on them. This session is brought to you by AWS partner, Centrify.
This document discusses automating security operations on AWS. It begins by noting the large costs of data breaches and intellectual property theft for businesses. It then discusses how AWS can provide more security than an on-premises environment through features like automated logging and monitoring, simplified access controls, and encryption. The document emphasizes that security is a shared responsibility between AWS and the customer, with AWS securing the underlying cloud infrastructure and customers securing their applications and data. It provides examples of AWS security certifications and programs. Finally, it discusses how security automation is key to keeping up with the scale of cloud infrastructure and software delivery.
CEO of Evident.io, Tim Prendergast, sharing insights into the powerful combination of Cloud Security and DevOps practices at Velocity Conference 2015 in Santa Clara, CA USA. Learn how agility, security, and automation can be combined to perform continuous security assessments, real-time automated defensive measures, and other exciting security capabilities!
You run a web business on AWS, and due to your specific business requirements you have a need to perform payment processing. Whether you are selling subscriptions or shipping goods, there are both easy and hard ways to manage payments in a PCI compliant way. Learn tips and techniques from the pros to achieve PCI compliance on AWS without making your life more difficult than necessary.
This document discusses AWS security best practices for enterprises. It recommends following AWS security policies and IAM best practices, automating security configurations through tools like CloudFormation, and architecting networks carefully with security groups and subnets. Automating security operations, compliance checks, and incident response is emphasized to manage risks and unknown threats. The document also warns against simply migrating on-premises systems to AWS without redesigning for the cloud.
Meeting PCI DSS Requirements with AWS and CloudPassageCloudPassage
The document discusses a presentation about meeting PCI DSS requirements using AWS and CloudPassage security tools. It covers what PCI DSS requires, the shared security responsibility model in AWS, CloudPassage Halo security automation capabilities, and a customer case study. CloudPassage Halo provides security controls like firewall management, vulnerability scanning, and compliance monitoring across AWS environments.
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
This document discusses the importance of security and operations teams working together. It argues that security can no longer retreat to the perimeter and must rely on operations teams to install monitoring tools and remediate issues. Likewise, operations teams rely on security teams for guidance on building secure systems and feedback on risks. This symbiotic relationship requires continuous feedback through automation and data sharing built on trust. It also emphasizes that people, process, and technology all need attention to foster collaboration between security and operations for rapid incident resolution.
Lacework Kubernetes Meetup | August 28, 2018Lacework
The document discusses container and cloud security. It describes Lacework's Polygraph security platform, which provides threat intelligence, detection, visibility, and alerting capabilities across cloud infrastructure, workloads, accounts, VMs, containers and files. It highlights risks like container escapes and privilege escalation. The document also provides examples of container security threats like the Healthz RCE vulnerability and recommendations like implementing multi-factor authentication, pod security policies, and restricting privileges.
AWS Security Best Practices in a Zero Trust Security Model - DEM06 - Atlanta ...Amazon Web Services
Zero Trust Security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the Zero Trust Security approach is Next-Gen Access, which combines the critical capabilities of such technologies as Identity as a Service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a Zero Trust Security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console and AWS CLI, and managing developer access to Amazon EC2 instances and the containerized applications that run on them. This session is brought to you by AWS partner, Centrify.
Kubernetes - do or do not, there is no tryJames Strong
James Strong presented on adopting Kubernetes. He began by outlining why Kubernetes may be a good solution based on factors like workload variability and infrastructure management needs. He then discussed steps to adopt containers like establishing local development environments and container security. For adopting Kubernetes, he recommended forming a working group, enabling local development with tools like kind and minikube, creating documentation, and hosting workshops. Key aspects of scaling Kubernetes include logging, monitoring, metrics, security, and provisioning. He stressed the importance of upskilling teams, joining the community, and automation.
Is your company in need of a cloud penetration test on AWS, Azure, or Google? Here are some things you might want to consider before starting your cloud pentest. Also tips for pentesters getting started in the cloud.
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...Lacework
This document provides an overview of automated end-to-end security for AWS. It discusses how the majority of compromises are due to credentials being compromised, failure to patch security flaws, insider threats, or human error. An example compromise is described where a developer at a company accidentally committed SSH keys to GitHub, allowing a hacker to access servers and exfiltrate customer data, resulting in a $148 million settlement. The document then outlines how Lacework can help secure workloads, containers, configuration, AWS accounts, and provide continuous auditing and compliance.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
Vault is a tool for centrally managing secrets like passwords, API keys, and certificates. It addresses the problem of "secrets sprawl" where credentials are stored insecurely in multiple places like source code, emails, and configuration files. Vault centralizes secrets management, provides access control and auditing, and generates unique short-lived credentials to reduce risk if a secret is compromised. It also supports encrypting sensitive data for additional protection. Implementing Vault involves deciding where it will run, who will manage encryption keys, which secrets it will store, where audit logs will go, and who will operate and configure the system on an ongoing basis.
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment.
Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include:
• Common cloud threats and vulnerabilities
• Exposing data with insufficient Authorization and Authentication
• The danger of relying on untrusted components
• Distributed Denial of Service (DDoS) and other application attacks
• Securing APIs and other defensive measures
Lacework Overview: Security Redefined for Cloud ScaleLacework
The document discusses Lacework's cloud security platform. It provides continuous monitoring, compliance checks, and anomaly detection across AWS accounts, configurations, workloads and hosts. Lacework analyzes CloudTrail data and other activities to establish normal behavior baselines and detect deviations that could indicate threats. It aims to provide end-to-end visibility and security across all AWS resources and components through its Polygraph behavioral analysis technology.
Security Observability for Cloud Based ApplicationsJohn Varghese
You can't control what you can't see. Security observability is an intrinsic attribute of an application that provides direct observation of software vulnerabilities and attempted exploits as they happen, in order to allow rapid proactive remediation and prevention. Security Observability can be achieved by taking an instrumentation based approach that provides continuous visibility and exposure of vulnerabilities and threats and their context from within the software itself. This approach is particularly appropriate for cloud-based and hybridized distributed environments, because the instrumentation is agnostic to deployment methodologies and runtime environments. A demonstration will be provided that demonstrates the benefits of this approach for both custom code and open source dependencies, as well as across the software development lifecycle, showing both the rapid pinpointing of line-of-code level vulnerabilities for developers, and realtime exploit prevention in production.
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
This document discusses how security and operations teams can work together more effectively. It emphasizes that security can no longer be isolated to the network perimeter and must rely on operations teams to install monitoring tools and remediate issues. Operations teams in turn rely on security teams for guidance on building secure systems. The document argues that both teams need a high-velocity feedback loop built on trust and data sharing. It also provides recommendations for rethinking people, processes, and tools to better support this collaboration, including focusing on empathy over rules, reducing risk through isolation, and leveraging existing communication channels. The overall aim is to enable faster incident response through continuous monitoring, automation, and embracing new deployment models.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Security Spotlight: The Coca Cola Company - CSS ATX 2017Alert Logic
Andrew Delosky from Coca-Cola discusses Coca-Cola's experience moving to the cloud. He debunks common myths about cloud security and discusses how Coca-Cola implements a multi-layered security model in the cloud using tools like security groups, IAM, network segmentation, web application firewalls, and encryption. Delosky also talks about hybrid cloud options, being proactive about security, and how the cloud allows for agile development, DevSecOps, and improved scaling and performance while keeping data secure.
This session will introduce best practices for IoT security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, but also to integrate devices with other AWS services. As a result, you are able to scale and innovate, while maintaining a secure environment.
Automated Intrusion Detection and Response on AWSTeri Radichel
This document discusses using AWS services to automate intrusion detection and response. It provides examples of using AWS services like EC2, CloudFormation, and VPC to deploy resources and configure them with security features. Code examples are given to start EC2 instances, deploy templates to AWS, and monitor VPC flow logs to detect threats and take actions like snapshotting or terminating instances in response. The document argues that AWS services can improve security operations when best practices are followed, as AWS provides capabilities like built-in logging, inventory, and tools that facilitate automated detection and response.
The document discusses AWS security best practices and common mistakes made when using AWS. It provides examples of real security incidents that occurred due to misconfigurations or lack of security controls. The presentation covers topics like identity and access management, network access control, logging and monitoring, compliance frameworks, and security tools that can be used to harden AWS environments. It also describes advanced VPC networking techniques and the DoD security technical implementation guide (STIG) compliance process.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
James Condon presented the top 10 threats to cloud security. These included cryptojacking, data leaks from misconfigurations, SSH brute force attacks, data exfiltration by advanced persistent threats, malware like ransomware and coin miners, remote code execution from vulnerabilities, container escapes, server compromises, and malicious insiders. Mitigations involved visibility, access controls, patching, monitoring, and security best practices.
The AWS Shared Responsibility Model in PracticeAlert Logic
The document discusses the AWS shared responsibility model. It outlines the security controls that AWS manages, such as identity and access management, encryption, and infrastructure security. It also discusses security controls that customers are responsible for, like access management within their own applications and data protection. The document provides examples of security services like AWS Config Rules, CloudTrail, and Certificate Manager that help customers meet their security responsibilities.
AWS re:Invent 2016: AWS GovCloud (US) for Highly Regulated Workloads (WWPS301)Amazon Web Services
Learn how to architect for compliance in the AWS cloud and see how your organization can leverage the agility, cost savings, scalability, and flexibility of the cloud while meeting the most stringent regulatory and compliance requirements, including Federal Risk and Authorization Management Program (FedRAMP), ITAR, CJIS, HIPAA, and DoD Cloud Computing Security Requirements Guide (SRG) Levels 2 and 4. Hear best practices and practical use cases for using AWS GovCloud (US) to comply with a variety of regulatory regimes.
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
We are all embarking on a journey in the cloud that can be frightening at times, thrilling at others, but at all times filled with pitfalls and scary monsters that threaten the security of our infrastructure, applications, and data. The ultimate reward for all our hard work is to achieve a state of autonomous, self-healing security within our environment--one that can withstand any threats, whether internal or external. In this session, we walk you through the steps you need to be successful in your journey, just like Ellie Mae and many other enterprises and agencies. Your journey starts with security automation, and from there you will push outside of your security comfort zone, thanks to the gift of enhanced visibility and omniscience. Next we use CloudFormation Templates and custom signatures to move through our next security challenge with speed, and finally, we build auto-remediation into our security strategy with AWS Lambda workflows that enable the system to self-correct when misconfigurations occur. This fast-paced session will be filled code, best practices to help you in your quest, and even a few surprises about the ultimate destination of your journey. Session sponsored by Evident.io.
AWS Competency Partner
Kubernetes - do or do not, there is no tryJames Strong
James Strong presented on adopting Kubernetes. He began by outlining why Kubernetes may be a good solution based on factors like workload variability and infrastructure management needs. He then discussed steps to adopt containers like establishing local development environments and container security. For adopting Kubernetes, he recommended forming a working group, enabling local development with tools like kind and minikube, creating documentation, and hosting workshops. Key aspects of scaling Kubernetes include logging, monitoring, metrics, security, and provisioning. He stressed the importance of upskilling teams, joining the community, and automation.
Is your company in need of a cloud penetration test on AWS, Azure, or Google? Here are some things you might want to consider before starting your cloud pentest. Also tips for pentesters getting started in the cloud.
AWS Security Week | Getting to Continuous Security and Compliance Monitoring ...Lacework
This document provides an overview of automated end-to-end security for AWS. It discusses how the majority of compromises are due to credentials being compromised, failure to patch security flaws, insider threats, or human error. An example compromise is described where a developer at a company accidentally committed SSH keys to GitHub, allowing a hacker to access servers and exfiltrate customer data, resulting in a $148 million settlement. The document then outlines how Lacework can help secure workloads, containers, configuration, AWS accounts, and provide continuous auditing and compliance.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
Vault is a tool for centrally managing secrets like passwords, API keys, and certificates. It addresses the problem of "secrets sprawl" where credentials are stored insecurely in multiple places like source code, emails, and configuration files. Vault centralizes secrets management, provides access control and auditing, and generates unique short-lived credentials to reduce risk if a secret is compromised. It also supports encrypting sensitive data for additional protection. Implementing Vault involves deciding where it will run, who will manage encryption keys, which secrets it will store, where audit logs will go, and who will operate and configure the system on an ongoing basis.
As organizations shift control of their infrastructure and data to the cloud, it is critical that they rethink their application security efforts. This can be accomplished by ensuring applications are designed to take advantage of built-in cloud security controls and configured properly in deployment.
Attend this webcast to gain insight into the security nuances of the cloud platform and risk mitigation techniques. Topics include:
• Common cloud threats and vulnerabilities
• Exposing data with insufficient Authorization and Authentication
• The danger of relying on untrusted components
• Distributed Denial of Service (DDoS) and other application attacks
• Securing APIs and other defensive measures
Lacework Overview: Security Redefined for Cloud ScaleLacework
The document discusses Lacework's cloud security platform. It provides continuous monitoring, compliance checks, and anomaly detection across AWS accounts, configurations, workloads and hosts. Lacework analyzes CloudTrail data and other activities to establish normal behavior baselines and detect deviations that could indicate threats. It aims to provide end-to-end visibility and security across all AWS resources and components through its Polygraph behavioral analysis technology.
Security Observability for Cloud Based ApplicationsJohn Varghese
You can't control what you can't see. Security observability is an intrinsic attribute of an application that provides direct observation of software vulnerabilities and attempted exploits as they happen, in order to allow rapid proactive remediation and prevention. Security Observability can be achieved by taking an instrumentation based approach that provides continuous visibility and exposure of vulnerabilities and threats and their context from within the software itself. This approach is particularly appropriate for cloud-based and hybridized distributed environments, because the instrumentation is agnostic to deployment methodologies and runtime environments. A demonstration will be provided that demonstrates the benefits of this approach for both custom code and open source dependencies, as well as across the software development lifecycle, showing both the rapid pinpointing of line-of-code level vulnerabilities for developers, and realtime exploit prevention in production.
A Tale of Security & Ops Teamwork for Rapid Security Incident ResolutionAmazon Web Services
This document discusses how security and operations teams can work together more effectively. It emphasizes that security can no longer be isolated to the network perimeter and must rely on operations teams to install monitoring tools and remediate issues. Operations teams in turn rely on security teams for guidance on building secure systems. The document argues that both teams need a high-velocity feedback loop built on trust and data sharing. It also provides recommendations for rethinking people, processes, and tools to better support this collaboration, including focusing on empathy over rules, reducing risk through isolation, and leveraging existing communication channels. The overall aim is to enable faster incident response through continuous monitoring, automation, and embracing new deployment models.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Security Spotlight: The Coca Cola Company - CSS ATX 2017Alert Logic
Andrew Delosky from Coca-Cola discusses Coca-Cola's experience moving to the cloud. He debunks common myths about cloud security and discusses how Coca-Cola implements a multi-layered security model in the cloud using tools like security groups, IAM, network segmentation, web application firewalls, and encryption. Delosky also talks about hybrid cloud options, being proactive about security, and how the cloud allows for agile development, DevSecOps, and improved scaling and performance while keeping data secure.
This session will introduce best practices for IoT security in the cloud and the access control mechanisms used by AWS IoT. These mechanisms can be used to not only securely build and provision devices, but also to integrate devices with other AWS services. As a result, you are able to scale and innovate, while maintaining a secure environment.
Automated Intrusion Detection and Response on AWSTeri Radichel
This document discusses using AWS services to automate intrusion detection and response. It provides examples of using AWS services like EC2, CloudFormation, and VPC to deploy resources and configure them with security features. Code examples are given to start EC2 instances, deploy templates to AWS, and monitor VPC flow logs to detect threats and take actions like snapshotting or terminating instances in response. The document argues that AWS services can improve security operations when best practices are followed, as AWS provides capabilities like built-in logging, inventory, and tools that facilitate automated detection and response.
The document discusses AWS security best practices and common mistakes made when using AWS. It provides examples of real security incidents that occurred due to misconfigurations or lack of security controls. The presentation covers topics like identity and access management, network access control, logging and monitoring, compliance frameworks, and security tools that can be used to harden AWS environments. It also describes advanced VPC networking techniques and the DoD security technical implementation guide (STIG) compliance process.
DevSecOps, or SecDevOps has the ambitious goal of integrating development, security and operations teams together, encouraging faster decision making and reducing issue resolution times. This session will cover the current state of DevOps, how DevSecOps can help, integration pathways between teams and how to reduce fear, uncertainty and doubt. We will look at how to move to security as code, and integrating security into our infrastructure and software deployment processes.
James Condon presented the top 10 threats to cloud security. These included cryptojacking, data leaks from misconfigurations, SSH brute force attacks, data exfiltration by advanced persistent threats, malware like ransomware and coin miners, remote code execution from vulnerabilities, container escapes, server compromises, and malicious insiders. Mitigations involved visibility, access controls, patching, monitoring, and security best practices.
The AWS Shared Responsibility Model in PracticeAlert Logic
The document discusses the AWS shared responsibility model. It outlines the security controls that AWS manages, such as identity and access management, encryption, and infrastructure security. It also discusses security controls that customers are responsible for, like access management within their own applications and data protection. The document provides examples of security services like AWS Config Rules, CloudTrail, and Certificate Manager that help customers meet their security responsibilities.
AWS re:Invent 2016: AWS GovCloud (US) for Highly Regulated Workloads (WWPS301)Amazon Web Services
Learn how to architect for compliance in the AWS cloud and see how your organization can leverage the agility, cost savings, scalability, and flexibility of the cloud while meeting the most stringent regulatory and compliance requirements, including Federal Risk and Authorization Management Program (FedRAMP), ITAR, CJIS, HIPAA, and DoD Cloud Computing Security Requirements Guide (SRG) Levels 2 and 4. Hear best practices and practical use cases for using AWS GovCloud (US) to comply with a variety of regulatory regimes.
AWS re:Invent 2016: The AWS Hero’s Journey to Achieving Autonomous, Self-Heal...Amazon Web Services
We are all embarking on a journey in the cloud that can be frightening at times, thrilling at others, but at all times filled with pitfalls and scary monsters that threaten the security of our infrastructure, applications, and data. The ultimate reward for all our hard work is to achieve a state of autonomous, self-healing security within our environment--one that can withstand any threats, whether internal or external. In this session, we walk you through the steps you need to be successful in your journey, just like Ellie Mae and many other enterprises and agencies. Your journey starts with security automation, and from there you will push outside of your security comfort zone, thanks to the gift of enhanced visibility and omniscience. Next we use CloudFormation Templates and custom signatures to move through our next security challenge with speed, and finally, we build auto-remediation into our security strategy with AWS Lambda workflows that enable the system to self-correct when misconfigurations occur. This fast-paced session will be filled code, best practices to help you in your quest, and even a few surprises about the ultimate destination of your journey. Session sponsored by Evident.io.
AWS Competency Partner
SEC303 Top 10 AWS Identity and Access Management Best Practices - AWS re:Inve...Amazon Web Services
The document provides an overview of 10 best practices for AWS Identity and Access Management (IAM). It discusses creating individual users and managing permissions with groups. It also covers granting least privilege, configuring strong password policies, enabling multi-factor authentication for privileged users, using IAM roles for EC2 instances and sharing access. Additional best practices include rotating security credentials regularly, restricting access with conditions, and reducing reliance on root users. The document is copyrighted material from Amazon.
AWS re:Invent 2016: Proactive Security Testing in AWS: From Early Implementat...Amazon Web Services
Attend this session to learn about security testing your applications in AWS. Effective security testing is challenging, but multiple features and services within AWS make security testing easier. This session covers common approaches to testing, including how we think about testing within AWS, how to apply AWS services to your test setup, remediating findings, and automation.
AWS re:Invent 2016: Continuous Compliance in the AWS Cloud for Regulated Life...Amazon Web Services
This document discusses continuous compliance for regulated life sciences applications in AWS. It provides an overview of continuous compliance in life sciences, architectural considerations for continuous compliance in AWS, and tools that can help with compliance like CloudTrail, CloudWatch, and Config. It then discusses Merck's journey to continuous compliance, including how they achieved historical auditability, monitoring, control over API permissions, and automated validation of their environments. Their approach leveraged many native AWS services with minimal development needed.
Developing a Continuous Automated Approach to Cloud SecurityAmazon Web Services
Many organizations struggle daily with the question - "Where do we stand with our AWS security practices?" With the recent release of the Center for Internet Security's CIS AWS Foundations Benchmark, organizations now have an industry-accepted set of security configuration best practices. These benchmarks, in combination with 3rd party security solutions that support them, can form the foundation for security operations at organizations of all sizes through continuous monitoring and auditing.
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
This document discusses how to automate compliance when using AWS cloud services. It recommends five steps: 1) Partner cloud technology and security experts; 2) Integrate industry standards and regulatory requirements; 3) Create a master design that meets requirements; 4) Enforce deployment according to the design; and 5) Mechanize scalable governance and auditing programs. Following best practices like leveraging CIS benchmarks, creating a "golden environment" configuration, and using AWS Service Catalog can help automate controls and achieve continuous compliance defense in the cloud.
AWS re:Invent 2016: Embracing DevSecOps while Improving Compliance and Securi...Amazon Web Services
This session will demonstrate how to embrace DevSecOps to improve your security and compliance agility and posture within the highly regulated HIPAA environment. We will cover compliance frameworks, data decoupling strategies to fully utilize AWS, and best practices learned from the industry most active cloud adopters.
Evident.io is a company that provides the Evident Security Platform (ESP) to help customers proactively manage security and compliance for their Amazon Web Services (AWS) infrastructure. ESP provides continuous monitoring, risk analysis, guided incident response, and helps customers continuously enforce security policies across all AWS accounts, services, and regions. It automates security tasks that would otherwise be too slow and manual for many organizations. ESP deployed quickly without needing agents or proxies, and gives customers a single view of their entire AWS security posture. Customers said ESP provided critical insights into their AWS security risks and vulnerabilities in near real-time.
Jobvite: A Holistic Approach to SecurityTheodore Kim
AWS Loft presentation on 04/28/16.
You’ve configured host and network based ACLs, enabled CloudTrail logging, encrypted all data at rest (EBS & S3), secured your AMIs, regularly patch EC2 instances, and locked down IAM roles. But are you secure? How do you know if/when a security incident has occurred, detect unauthorized access to data, identify vulnerabilities in your application, block online attacks in real-time, or certify your application as truly secure?
Theodore Kim, VP of Technical Operations at Jobvite, and his team will present a holistic approach to securing your application environment hosted in AWS. Topics will include:
- Do I need an Intrusion Detection/Prevention (IDS/IPS) System?
- How to detect and block network/application intrusion attempts in real time.
- Log file parsing/alerting via Security Information & Event Management (SIEM) systems to identify anomalous system activity.
- An overview of penetration/vulnerability testing services.
- Auditing your environment to identify security vulnerabilities and support compliance efforts.
- How to incorporate security vulnerability scanning into the build and release process.
1. The document discusses how security is changing with new technologies like cloud computing, DevOps, and agile development. Traditional security practices are no longer effective.
2. It advocates migrating security left in the development process so it is designed into applications from the beginning. This allows for a faster security feedback loop.
3. Security needs to be automated and tested using tools and data platforms. Monitoring and inspecting everything is important for the new dynamic environments. Security decisions and controls are also changing to adapt to these new realities.
Developing a Rugged DevOps Approach to Cloud SecurityTechWell
This document summarizes a presentation by Tim Prendergast of Evident.io on developing a rugged DevOps approach to cloud security. It discusses how attackers have advantages over defenders due to their ability to automate attacks. It argues that in order to match attackers, security practices need to be automated and integrated into DevOps workflows through a DevSecOps model. This involves embracing principles like treating security as code, testing security at all stages of development, and ensuring security practices are collaborative rather than siloed. The goal is to minimize the time window attackers have to exploit vulnerabilities before they are detected and remediated.
Putting Cloud Controls to Work!
Threats are evolving, becoming increasingly sophisticated and more numerous as cloud adoption by enterprise is surging. Traditional approaches to securing IT systems have expanded to include new requirements of cloud computing. This webinar outlines how to successfully harden your AWS infrastructure with IAM best practices.
This deck covers:
1) Getting started with the basics
2) How organizations balance the 'need to grant access' with the requirement to secure and protect the business
3) Best practices for managing third-party identities and access control
DevSecOps is propelling forward-thinking organizations by doing something simple – fostering collaboration of seemingly contradictory teams to align their disparate goals into a singular effort.
The document discusses NN Group's approach to security and compliance in the cloud. It outlines key steps taken, including performing a risk assessment, defining compliance and security principles, and implementing a framework for cloud risk control. The roles and responsibilities of NN's AWS team are also discussed. The team aims to provide a compliant AWS platform and base builds that are securely configured, integrated with NN's security tools, and easy for internal customers to use. Technical approaches for platform compliance, base image compliance, security event monitoring, and change control are described.
Justin Fox from NuData Security, A Mastercard Company presents at the Canadian Executive Cloud & DevOps Summit in Toronto, June 9, 2017 on the topic "Security your DevOps Pipeline".
Interact Differently: Get More From Your Tools Through Exposed APIsKevin Fealey
This document summarizes a presentation about automating application security tools and customizing their outputs. It discusses automating simple tests that tools can detect quickly and accurately. It also discusses customizing dashboards and reports to track desired metrics and see results from different tools in one place. The presentation encourages attendees to integrate tools through their APIs and code their own plugins and parsers to solve problems with their workflows.
Hard Lessons Learned from defending Adobe Creative Cloud on AWS! Insight into implementing a solid Security Architecture based on a mutual conversation between DevOps and SecOps!
Security Alert - Expert Uncovers the "Dirty Little Secret" of IBM i SecurityHelpSystems
1) An expert uncovered the "dirty little secret" of IBM i security - that while the operating system has strong security features, they are often not implemented or configured properly, leaving systems vulnerable.
2) A study of anonymous IBM i audit data found that security controls like passwords, privileged user management, and exit point monitoring are often not configured securely, showing that improvement is still needed industry-wide.
3) Businesses are encouraged to take action to secure their IBM i systems rather than doing nothing, including controlling privileged users, limiting broad authorities, and monitoring security features.
Achieving Visible Security at Scale with the NIST Cybersecurity FrameworkKevin Fealey
In 2011, Marc Andreessen said "software is eating the world." Today, that statement is truer than ever. Businesses in every industry - from retail, to energy, to financial - are essentially software companies, with millions of lines of custom source code being written and managed in-house. Additionally, advances in the Software Development Life Cycle (SDLC) and the emergence of DevOps have allowed some organizations to deploy new code from development to production dozens of time each day. Traditional approaches to securing such large quantities of code, especially at the speed of current development, have proven to be ineffective, as is evident by recent public data breaches of both public and private sector organizations; as well as the resulting legislation, like Presidential Executive Order (EO) 13636, Improving Critical Infrastructure Cybersecurity. The only way for cybersecurity teams to keep up with their development counterparts is to automate, but where should they start?
The NIST Cybersecurity Framework provides guidance for organizations interested in establishing or improving a cybersecurity program. Today, a security automation plan is a crucial aspect of any cybersecurity program.
This talk will describe how the NIST Cybersecurity Framework can be used to establish and implement a plan for integrating security-automation activities into any security program. We'll describe the latest trends in security-automation and DevOps, including how to automatically identify security-best practices being followed, and anti-patterns that indicate a potential risk. Attendees will learn how to consolidate this data in a centralized dashboard of their choosing, and how such information can be automatically distributed to stakeholders throughout their organization.
In the coming years, with the growth of Internet of Things (IoT) and Cloud, organizations will become more and more reliant on custom software. Cybersecurity teams who fail to begin automating soon will only continue to fall further behind and put their organizations at greater risk. The NIST Cybersecurity Framework provides the foundation for such teams to establish their roadmap to security, and this talk will build on that foundation to highlight some potential paths.
Automating Your Tools: How to Free Up Your Security Professionals for Actual ...Kevin Fealey
Kevin Fealey of Aspect Security will present on automating application security tools to free up security professionals for more important tasks. He will discuss how integrating both open source and commercial security tools into the software development lifecycle as automated "sensors" can provide continuous visibility and real-time intelligence. By automating simple security checks, teams can focus on real security challenges rather than low-hanging fruit. Examples and lessons learned will be shared. The presentation aims to bridge the gap between how development has adopted DevOps practices while security still relies on outdated paradigms.
Proven Practices for Office 365 Deployment, Security and ManagementPerficient, Inc.
This document discusses best practices for deploying Office 365. It recommends identifying a pilot group and considering workloads like OneDrive for Business or Office 365 ProPlus to get started. It warns against common mistakes like excluding important groups from planning or lack of understanding of product functionality. The document also discusses identity and authentication as first steps, specifically leveraging existing directories to reduce management overhead and providing single sign-on without new passwords. It highlights Centrify Identity Service as a solution that simplifies and secures Office 365 deployment through automated provisioning, mobile management, multifactor authentication policies and support for thousands of applications through single sign-on.
From an Experience of Vulnerability ReportingKaoru Maeda
An experience of vulnerability reporting when Lepidum found OpenSSL's bug "CCS Injection Vulnerability".
Presented in the Rump Session, SSR 2015, Tokyo.
http://ssr2015.com/
1. MITRE ATT&CK provides a taxonomy of techniques used by cyber adversaries to help organizations understand the threats they face, improve detection, and increase response capabilities.
2. The presenters demonstrated how ATT&CK can be used to focus logging efforts, build a balanced security monitoring program, and evaluate new security tools based on their coverage of real-world attack techniques.
3. Tracking security program maturity against the ATT&CK framework over time can help reduce gaps, ensure priorities remain risk-based, and demonstrate progress to stakeholders.
Security & Compliance in the cloud - Pop-up Loft Tel AvivAmazon Web Services
This document discusses security and compliance in the cloud using Amazon Web Services (AWS). It begins by presenting certifications that AWS has obtained, including ISO 27001, ISO 27018 for protection of personally identifiable information, and ISO 27017 for cloud service provider codes of conduct. It then discusses how the shared responsibility model in the cloud shifts responsibility for security of the cloud to AWS and security in the cloud to the customer. The document outlines several AWS security tools and features that can help customers achieve security and compliance, such as AWS Trusted Advisor, AWS Config, Amazon Inspector, and AWS WAF. It emphasizes that AWS offers rich security capabilities and that customers can prepare for, prevent, detect, and respond to security issues in the
This document discusses security teams and technology in a cloud world. It notes that security is now everyone's responsibility rather than isolated to one team. Modern security requires new skills from specialists like basic coding knowledge and a user-focused perspective. The document advocates distributing security specialists throughout teams rather than keeping them isolated. It also presents opportunities that cloud infrastructure provides for faster deployment times and continuous monitoring through automation and aggregation of security data.
SecureSet WarGames - Logging and Packet Capture TrainingGreg Foss
This document contains a presentation on logging and packet capture techniques for cybersecurity. It begins with introductions and an overview of why logging and packet capture are important for incident response and investigations. It then covers topics like log formats, locations, and management; actively detecting attacks using log data; introduction to packet capture and analyzing network traffic; and a packet capture challenge. The presentation emphasizes that logs and network data are critical sources of evidence for understanding what happens in a system or network.
"Running enterprise workloads with sensitive data in AWS is hard and requires an in-depth understanding about software-defined security risks. At re:Invent 2014, Intuit and AWS presented ""Enterprise Cloud Security via DevSecOps"" to help the community understand how to embrace AWS features and a software-defined security model. Since then, we've learned quite a bit more about running sensitive workloads in AWS.
We've evaluated new security features, worked with vendors, and generally explored how to develop security-as-code skills. Come join Intuit and AWS to learn about second-year lessons and see how DevSecOps is evolving. We've built skills in security engineering, compliance operations, security science, and security operations to secure AWS-hosted applications. We will share stories and insights about DevSecOps experiments, and show you how to crawl, walk, and then run into the world of DevSecOps."
Similar to Security Threats, the Cloud and Your Responsibilities - Evident.io @AWS Pop-up Loft (20)
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Cosa hanno in comune un mattoncino Lego e la backdoor XZ?Speck&Tech
ABSTRACT: A prima vista, un mattoncino Lego e la backdoor XZ potrebbero avere in comune il fatto di essere entrambi blocchi di costruzione, o dipendenze di progetti creativi e software. La realtà è che un mattoncino Lego e il caso della backdoor XZ hanno molto di più di tutto ciò in comune.
Partecipate alla presentazione per immergervi in una storia di interoperabilità, standard e formati aperti, per poi discutere del ruolo importante che i contributori hanno in una comunità open source sostenibile.
BIO: Sostenitrice del software libero e dei formati standard e aperti. È stata un membro attivo dei progetti Fedora e openSUSE e ha co-fondato l'Associazione LibreItalia dove è stata coinvolta in diversi eventi, migrazioni e formazione relativi a LibreOffice. In precedenza ha lavorato a migrazioni e corsi di formazione su LibreOffice per diverse amministrazioni pubbliche e privati. Da gennaio 2020 lavora in SUSE come Software Release Engineer per Uyuni e SUSE Manager e quando non segue la sua passione per i computer e per Geeko coltiva la sua curiosità per l'astronomia (da cui deriva il suo nickname deneb_alpha).
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
AI 101: An Introduction to the Basics and Impact of Artificial IntelligenceIndexBug
Imagine a world where machines not only perform tasks but also learn, adapt, and make decisions. This is the promise of Artificial Intelligence (AI), a technology that's not just enhancing our lives but revolutionizing entire industries.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
HCL Notes und Domino Lizenzkostenreduzierung in der Welt von DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-und-domino-lizenzkostenreduzierung-in-der-welt-von-dlau/
DLAU und die Lizenzen nach dem CCB- und CCX-Modell sind für viele in der HCL-Community seit letztem Jahr ein heißes Thema. Als Notes- oder Domino-Kunde haben Sie vielleicht mit unerwartet hohen Benutzerzahlen und Lizenzgebühren zu kämpfen. Sie fragen sich vielleicht, wie diese neue Art der Lizenzierung funktioniert und welchen Nutzen sie Ihnen bringt. Vor allem wollen Sie sicherlich Ihr Budget einhalten und Kosten sparen, wo immer möglich. Das verstehen wir und wir möchten Ihnen dabei helfen!
Wir erklären Ihnen, wie Sie häufige Konfigurationsprobleme lösen können, die dazu führen können, dass mehr Benutzer gezählt werden als nötig, und wie Sie überflüssige oder ungenutzte Konten identifizieren und entfernen können, um Geld zu sparen. Es gibt auch einige Ansätze, die zu unnötigen Ausgaben führen können, z. B. wenn ein Personendokument anstelle eines Mail-Ins für geteilte Mailboxen verwendet wird. Wir zeigen Ihnen solche Fälle und deren Lösungen. Und natürlich erklären wir Ihnen das neue Lizenzmodell.
Nehmen Sie an diesem Webinar teil, bei dem HCL-Ambassador Marc Thomas und Gastredner Franz Walder Ihnen diese neue Welt näherbringen. Es vermittelt Ihnen die Tools und das Know-how, um den Überblick zu bewahren. Sie werden in der Lage sein, Ihre Kosten durch eine optimierte Domino-Konfiguration zu reduzieren und auch in Zukunft gering zu halten.
Diese Themen werden behandelt
- Reduzierung der Lizenzkosten durch Auffinden und Beheben von Fehlkonfigurationen und überflüssigen Konten
- Wie funktionieren CCB- und CCX-Lizenzen wirklich?
- Verstehen des DLAU-Tools und wie man es am besten nutzt
- Tipps für häufige Problembereiche, wie z. B. Team-Postfächer, Funktions-/Testbenutzer usw.
- Praxisbeispiele und Best Practices zum sofortigen Umsetzen