In this session, we share best practices and easily-leveraged solutions for enacting autonomous systems in the face of subversion. From gag orders to warrantless searches and seizures, learn about specific tactics to protect and exercise data privacy, both for partners and customers.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Amazon Web Services
This session will discuss the options available for encrypting data at rest and key management in AWS. It will focus on two primary scenarios: (1) AWS manages encryption keys on behalf of the customer to provide automated server-side encryption; (2) the customer manages their own encryption keys using partner solutions and/or AWS CloudHSM. Real-world customer examples will be presented to demonstrate adoption drivers of specific encryption technologies in AWS. Netflix Jason Chan will provide an overview of how NetFlix uses CloudHSM for secure key storage.
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Amazon Web Services
This session will discuss the options available for encrypting data at rest and key management in AWS. It will focus on two primary scenarios: (1) AWS manages encryption keys on behalf of the customer to provide automated server-side encryption; (2) the customer manages their own encryption keys using partner solutions and/or AWS CloudHSM. Real-world customer examples will be presented to demonstrate adoption drivers of specific encryption technologies in AWS. Netflix Jason Chan will provide an overview of how NetFlix uses CloudHSM for secure key storage.
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
Protecting sensitive data in the cloud typically requires encryption. Managing the keys used for encryption can be challenging as your sensitive data passes between services and applications. AWS offers several options for using encryption and managing keys to help simplify the protection of your data at rest. This session will help you understand which features are available and how to use them, with emphasis on AWS Key Management Service and AWS CloudHSM. Adobe Systems Incorporated will present their experience using AWS encryption services to solve data security needs.
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
This session introduces Lambda@Edge, a new AWS Lambda feature that allows developers to perform simple computations at AWS edge locations in response to CloudFront events. This will be of interest to developers who want to build low-latency, customized web experiences. We cover product functionality and details of the programming model, and we walk through potential use cases.
The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help security professionals thwart cyber security incidents. Within this list of strategies, eight have been identified as essential for government agencies to implement as a security baseline starting point. This session offers customers practical guidance for meeting the ASD Essential Eight using AWS services to help them achieve compliance goals faster and more cost effectively.
AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...Amazon Web Services
In this workshop, we help you understand how you can help protect your web applications from threats cost effectively by using AWS WAF and Amazon CloudFront. As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated and automated, having an effective web request filtering solution becomes key to keeping your users' data safe. We will cover common attack vectors and what you can do to mitigate them. You will learn how to leverage AWS WAF in conjunction with Amazon CloudFront to detect unwanted traffic and block it using simple configurations and automations.
Prerequisites:
Participants should have an AWS account established and available for use during the workshop.
Please bring your own laptop.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
CloudHSM: Secure, Scalable Key Storage in AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Educate customers in the types of problems CloudHSM solves for them
- Build customer trust in the ability of CloudHSM to secure their workloads and data
- Energize customers to try out the service and use it to transfer and/or modernize workloads in AWS
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS provides a range of Compute Services – Amazon EC2, Amazon ECS and AWS Lambda. We will provide an intro level overview of these services and highlight suitable use cases. Amazon Elastic Compute Cloud (Amazon EC2) itself provides a broad selection of instance types to accommodate a diverse mix of workloads. Going a bit deeper on EC2 we will provide background on the Amazon EC2 instance platform, key platform features, and the concept of instance generations. We dive into the current-generation design choices of the different instance families, including the General Purpose, Compute Optimized, Storage Optimized, Memory Optimized, and GPU instance families. We also detail best practices and share performance tips for getting the most out of your Amazon EC2 instances, both from a performance and cost perspective.
Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr CTO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
Security is a top priority to both AWS and its customers and many enterprises trust us with some of their most sensitive information, including financial, personal and health information. Learn about the key security features of AWS that these enterprise customers are using to build their own secure applications and secure and encrypt their content. We will also share how you can integrate AWS into your existing security policies and how partners like Trend Micro can help you extend this into the AWS Cloud.
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS re:Invent 2016: Get the Most from AWS KMS: Architecting Applications for ...Amazon Web Services
AWS Key Management Service provides an easy and cost-effective way to secure your data in AWS. In this session, you learn about leveraging the latest features of the service to minimize risk for your data. We also review the recently released Import Key feature that gives you more control over the encryption process by letting you bring your own keys to AWS.
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...Amazon Web Services
Join Broadspectrum as they share how they achieve their business goals using a cloud-first IT strategy and AWS for "as a Service" deployments. To support new customer projects, Broadspectrum frequently needs to set up new sites or offices. This often requires setting up infrastructure for a specific site for only the duration of the project. Learn how Broadspectrum leverages AWS and Wipro's Boundary Less Data Center Solution to enable on-demand provisioning of "site-in-a-box." Gard Little, analyst from IDC, Stephen Orban, AWS Head of Enterprise Strategy, and Ramesh Nagarajan, SVP of Integrated Services at Wipro, join the discussion. Session sponsored by Wipro.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
Protecting sensitive data in the cloud typically requires encryption. Managing the keys used for encryption can be challenging as your sensitive data passes between services and applications. AWS offers several options for using encryption and managing keys to help simplify the protection of your data at rest. This session will help you understand which features are available and how to use them, with emphasis on AWS Key Management Service and AWS CloudHSM. Adobe Systems Incorporated will present their experience using AWS encryption services to solve data security needs.
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
This session introduces Lambda@Edge, a new AWS Lambda feature that allows developers to perform simple computations at AWS edge locations in response to CloudFront events. This will be of interest to developers who want to build low-latency, customized web experiences. We cover product functionality and details of the programming model, and we walk through potential use cases.
The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help security professionals thwart cyber security incidents. Within this list of strategies, eight have been identified as essential for government agencies to implement as a security baseline starting point. This session offers customers practical guidance for meeting the ASD Essential Eight using AWS services to help them achieve compliance goals faster and more cost effectively.
AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...Amazon Web Services
In this workshop, we help you understand how you can help protect your web applications from threats cost effectively by using AWS WAF and Amazon CloudFront. As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated and automated, having an effective web request filtering solution becomes key to keeping your users' data safe. We will cover common attack vectors and what you can do to mitigate them. You will learn how to leverage AWS WAF in conjunction with Amazon CloudFront to detect unwanted traffic and block it using simple configurations and automations.
Prerequisites:
Participants should have an AWS account established and available for use during the workshop.
Please bring your own laptop.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
CloudHSM: Secure, Scalable Key Storage in AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Educate customers in the types of problems CloudHSM solves for them
- Build customer trust in the ability of CloudHSM to secure their workloads and data
- Energize customers to try out the service and use it to transfer and/or modernize workloads in AWS
Secure Content Delivery Using Amazon CloudFront and AWS WAFAmazon Web Services
Whether you are building an e-commerce site or a business application, security is a key consideration when architecting your website or application. In this session, you will learn more about some of the things Amazon CloudFront does behind the scenes to protect the delivery of your content such as OCSP Stapling and Perfect Forward Secrecy. You will also learn how you can use AWS Web Application Firewall (AWS WAF) with CloudFront to protect your site. Finally, we will share best practices on how you can use CloudFront to securely deliver content end-to-end, control who accesses your content, how to shield your origins from the Internet, and getting an A+ on SSL labs.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS provides a range of Compute Services – Amazon EC2, Amazon ECS and AWS Lambda. We will provide an intro level overview of these services and highlight suitable use cases. Amazon Elastic Compute Cloud (Amazon EC2) itself provides a broad selection of instance types to accommodate a diverse mix of workloads. Going a bit deeper on EC2 we will provide background on the Amazon EC2 instance platform, key platform features, and the concept of instance generations. We dive into the current-generation design choices of the different instance families, including the General Purpose, Compute Optimized, Storage Optimized, Memory Optimized, and GPU instance families. We also detail best practices and share performance tips for getting the most out of your Amazon EC2 instances, both from a performance and cost perspective.
Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr CTO Aaron Newman will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
Security is a top priority to both AWS and its customers and many enterprises trust us with some of their most sensitive information, including financial, personal and health information. Learn about the key security features of AWS that these enterprise customers are using to build their own secure applications and secure and encrypt their content. We will also share how you can integrate AWS into your existing security policies and how partners like Trend Micro can help you extend this into the AWS Cloud.
SEC304 Advanced Techniques for DDoS Mitigation and Web Application DefenseAmazon Web Services
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. This session will show you how to use Lambda functions to automate event response and integrate with your security operations tools. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as Amazon Virtual Private Cloud, Amazon Web Application Firewall, Amazon Shield, and more. You will also learn how to monitor and gain deep visibility into your AWS environment by using highly-scaled solutions such as AWS CloudTrail and AWS CloudWatch.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS re:Invent 2016: Get the Most from AWS KMS: Architecting Applications for ...Amazon Web Services
AWS Key Management Service provides an easy and cost-effective way to secure your data in AWS. In this session, you learn about leveraging the latest features of the service to minimize risk for your data. We also review the recently released Import Key feature that gives you more control over the encryption process by letting you bring your own keys to AWS.
AWS re:Invent 2016: Enterprise IT as a Service: Empowering the Digital Experi...Amazon Web Services
Join Broadspectrum as they share how they achieve their business goals using a cloud-first IT strategy and AWS for "as a Service" deployments. To support new customer projects, Broadspectrum frequently needs to set up new sites or offices. This often requires setting up infrastructure for a specific site for only the duration of the project. Learn how Broadspectrum leverages AWS and Wipro's Boundary Less Data Center Solution to enable on-demand provisioning of "site-in-a-box." Gard Little, analyst from IDC, Stephen Orban, AWS Head of Enterprise Strategy, and Ramesh Nagarajan, SVP of Integrated Services at Wipro, join the discussion. Session sponsored by Wipro.
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
Any data loss event reinforces the importance of thorough Disaster Recovery (DR) and Business Continuity (BC) planning to rapidly recover from data loss events. Scrupulous DR & BC planning can be the key to staying operational and maintaining key citizen services and support following a data loss event.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
The Video Sales Letter Formula
Video sales letters are everywhere and for good reason... they work!
Here’s why… video sales letters are:
1) Perceived as content
2) Still a novelty in most markets
3) Easy and fast to create (you don’t have to be an expert copywriter or a technical wizard to set one of these up)
But most importantly… video sales letters work because YOU control the sales process... traditional print sales letters allow the reader to scroll down to look at the price or skim the text... good video sales letters give no control to the viewer.
Here are the 3 elements of a video sales letter…
1.) The Headline
2.) The Video Sales Letter
3.) The Buy Button
In addition, there are a few guidelines WE recommend you follow…
Video Sales Letter Length – 12 – 24 minutes has been the sweet spot in our testing.
Ditch the Controls – This may go against usability studies but don’t allow people to pause, fast-forward or rewind the video sales letter.
Auto-Play – This is another usability no-no but I’ve never had a click-to-play video outperform an auto-play video sales letter. Set your video sales letter to auto-play.
For more information check out our Video Sales Letter Training at
http://www.videosalesletterformula.com/
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
AWS re:Invent 2016: Automating and Scaling Infrastructure Administration with...Amazon Web Services
In this session, we’ll show how customers can use management tools to standardize the creation of AWS resources and then govern these resources through the lifecycle. By using AWS CloudFormation and AWS Service Catalog to provision resources at scale, AWS Config to audit any changes to the configuration of these resources, Amazon CloudWatch to monitor the health of these resources, and AWS CloudTrail to audit who or what made API calls to these resources, customers can automate and scale the administration of their infrastructure on AWS. They can even go one step further and automate compliance checking and remediation by using AWS Config rules and Amazon CloudWatch Events. We will demo how this is possible by looking at some common use cases.
Protecting a small number of VPCs with a next-generation firewall is relatively easy, but what happens when you have hundreds of VPCs and regularly add more as business groups or new apps come on-line? How can you maintain a prevention architecture without slowing the business? One concept is to build a services VPC that protects your existing and new VPCs. This deep dive session will discuss how to integrate next-generation firewalls in a services VPC with the Palo Alto Networks VM-Series in AWS. Topics will include architectural design considerations, routing recommendations, and dynamic fail-over. Session sponsored by Palo Alto Networks.
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
This sessions is for architects and storage admins seeking simple and non-disruptive ways to adopt cloud platforms in their organizations. You will learn how to deliver lower costs and greater scale with nearly seamless integration into your existing B&R processes. Services mentioned: S3, Glacier, Snowball, 3rd party partners, storage gateway, and ingestion services.
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
This sessions is for architects and storage admins seeking simple and non-disruptive ways to adopt cloud platforms in their organizations. You will learn how to deliver lower costs and greater scale with nearly seamless integration into your existing B&R processes. Services mentioned: S3, Glacier, Snowball, 3rd party partners, storage gateway, and ingestion services.
Migrating from the data center to the cloud requires users to rethink much of what they do to secure their applications. CloudCheckr COO Aaron Klein will highlight effective strategies and tools that AWS users can employ to improve their security posture. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, users need to adapt their security architecture to face both compliance and security threats. Specific emphasis will be placed upon leveraging native AWS services and the talk will include concrete steps that users can begin employing immediately. Session sponsored by CloudCheckr.
From the Amazon Web Services Singapore Summit 2015 Track 1 Breakout, 'Grow Your SMB Infrastructure on the AWS Cloud' Presented by Mark Statham
Senior Solutions Architect, ASEAN, Amazon Web Services and Head of Solutions Architect, ASEAN, Amazon Web Services
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS Amazon Web Services
In this session we’ll dive deeper into how you can test mobile applications on real devices, using AWS Device Farm, how to get business insights wirh AWS Mobile Analytics and Amazon Redshift, and keep your customers engaged using Amazon SNS Mobile Push and the new Worldwide Delivery of Amazon SNS Messages via SMS.
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAmazon Web Services
How do you protect your private information and customer PII in the cloud when you don’t control all the hardware or software components that might access that information? AWS allows you to offload many management and data-handling tasks, but how do you evaluate the risks to your data as it passes through these services? AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys in order to meet your security goals. This webinar will help you understand which AWS encryption features are available, when to use them, and how to integrate them in your workloads. In this webinar, you will learn:
• Learn how to think about using encryption to protect your private information in the cloud • Learn how to evaluate key management architectures to determine whether they meet your needs • Learn how to use AWS encryption features to accomplish your data security goals
Who Should Attend: • Developers, DevOps Engineers, and IT Security Administrators
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAmazon Web Services
How do you protect your private information and customer PII in the cloud when you don’t control all the hardware or software components that might access that information? AWS allows you to offload many management and data-handling tasks, but how do you evaluate the risks to your data as it passes through these services? AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys in order to meet your security goals. This webinar will help you understand which AWS encryption features are available, when to use them, and how to integrate them in your workloads. In this webinar, you will learn:
• Learn how to think about using encryption to protect your private information in the cloud • Learn how to evaluate key management architectures to determine whether they meet your needs • Learn how to use AWS encryption features to accomplish your data security goals.
Who Should Attend: • Developers, DevOps Engineers, and IT Security Administrators
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
With a minimum security baseline in place, you can host data—which means data protection is required. In this session, we discuss defining an encryption strategy and selecting native AWS tools (AWS KMS, AWS CloudHSM) or third-party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Speaker: Nathan Case - Sr. Solutions Architect, AWS
AWS Cryptography Services – Addressing your data security and compliance need...Amazon Web Services
Applications that handle confidential or sensitive data are subject to many types of regulatory requirements. Organizations rely on HSMs and key management infrastructure to encryption keys and cryptographic operations. AWS Cryptography simplifies the process of securing data in your applications. AWS CloudHSM enables you to easily generate and use your own encryption keys using FIPS 140-2 Level 3-validated HSMs. AWS Key Management Service uses keys to protect data and manage access to keys across on-premises systems and AWS services. AWS Certificate Manager and ACM Private Certificate Authority simplify the issuance, distribution, and management of certificates used in AWS services. In this talk, we explore these services and discuss which are best suited to address your data security and compliance needs.
Quick introduction to AWS KMS. AWS KMS Use cases, Key ownership and management, data key and envelope encryption, Key access policies and permissions, key rotation approach.
(SEC301) Encryption and Key Management in AWS | AWS re:Invent 2014Amazon Web Services
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
AWS re:Invent re:Cap 행사에서 발표된 강연 자료입니다. 아마존 웹서비스의 양승도 솔루션스 아키텍트가 발표한 내용입니다. 새로 발표된 AWS의 보안 및 접근권한 관리 관련 서비스를 이용해 아키텍처를 구축하는 방법에 대해 초점이 맞춰져 있습니다.
내용 요약: AWS 클라우드의 인프라는 현존하는 클라우드 컴퓨팅 환경 중 가장 유연하고 안전하게 작동할 수 있도록 설계되어 고도의 확장성과 안정성을 지닌 플랫폼으로 기능하고 있으며, 고객들은 이를 활용해 애플리케이션과 데이터를 빠르고 안전하게 배포할 수 있습니다. 이번 세션에서는 현존하는 AWS의 보안 및 컴플라이언스 도구들 외에 이번 re:Invent에서 추가된 AWS Key Management Service, AWS Config, 그리고 AWS Service Catalog를 활용해 커스텀 키 관리 및 암호화, 리소스 사용의 가시성 확보와 감사, 표준화된 리소스 할당을 가능하게 하는 법에 대해 알아보겠습니다.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
by Eric Rose, Sr. Security Consultant, AWS
With a minimum security baseline in place, you can host data—which means data protection is required. In this session, we discuss defining an encryption strategy and selecting native AWS tools (AWS KMS, AWS CloudHSM) or third-party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
This presentation intends to introduce users to AWS KMS service and describes couple of design patterns to implement AWS KMS services in multi-account landing zone. This presentation also covers various KMS keys and how these keys can be used for various encryption operations.
Similar to AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303) (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...UiPathCommunity
💥 Speed, accuracy, and scaling – discover the superpowers of GenAI in action with UiPath Document Understanding and Communications Mining™:
See how to accelerate model training and optimize model performance with active learning
Learn about the latest enhancements to out-of-the-box document processing – with little to no training required
Get an exclusive demo of the new family of UiPath LLMs – GenAI models specialized for processing different types of documents and messages
This is a hands-on session specifically designed for automation developers and AI enthusiasts seeking to enhance their knowledge in leveraging the latest intelligent document processing capabilities offered by UiPath.
Speakers:
👨🏫 Andras Palfi, Senior Product Manager, UiPath
👩🏫 Lenka Dulovicova, Product Program Manager, UiPath
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
2. Privacy Concerns for AWS Partners
Prevent unauthorized access to data owned…
- by the partner
- the partner’s customer
- the partner’s partners
Provide evidence of all access to data
3. Ensuring privacy using security controls
• Identity and Access Management
• Encryption at rest techniques you can apply
• Key management strategies
• Logging for audit and assurance
4. Client-side encryption at rest
• You encrypt your data before data submitted to service
• You supply encryption keys OR use keys in your AWS
account
• Requires more developer expertise
• Available AWS clients to help:
• Amazon S3, Amazon EMR File System (EMRFS), Amazon
DynamoDB, AWS Encryption SDK
• Using these clients does not give AWS employees
access to your keys or your data
5. Your
applications
in your data
center
Your key
management
infrastructure in EC2
Your encryption
client application
Your key management
infrastructure Your application
in Amazon EC2
Your encrypted data in select AWS services
Client-side encryption at rest
6. Server-side encryption at rest
• AWS encrypts data on your behalf after the data is
received by service
• Over 23 AWS services support encryption including
Amazon S3, Amazon EBS, Amazon RDS, and AWS
Lambda
• Requires less developer expertise than client-side
• Using server-side encryption does not give AWS
employees access to your keys or your data
9. Key Management Strategies
• Roll your own solution
• Store keys in a different own server/instance
• Use open source software with unique access controls
• Commercial vendors
• Dedicated appliance or virtual appliance to store keys
• AWS CloudHSM
• AWS Key Management Service
10. AWS CloudHSM
• You receive dedicated access to
HSM appliances
• HSMs located in AWS data centers
• Monitored by AWS for power and
network connectivity
• HSMs are inside your Amazon VPC
– isolated from the rest of the
network
• Uses Gemalto SafeNet Luna SA
HSM appliances
• Only you have access to your keys
and operations on the keys using
custom clients – no AWS APIs
CloudHSM
AWS administrator –
Provisions the appliance
You – Control keys and
client crypto operations
Amazon Virtual Private Cloud
11. AWS CloudHSM
Available in nine regions worldwide
• US East (N. Virginia, Ohio), US West (N. California, Oregon), EU
(Frankfurt, Ireland) and Asia Pacific (Sydney, Tokyo, Singapore)
Compliance
• Included in AWS PCI DSS and SOC-1 compliance packages
• FIPS 140-2 level 2 (maintained by Gemalto/SafeNet)
Typical use cases
• Use with Amazon RDS for Oracle TDE
• Partner ecosystem (Oracle, SQL Server, Apache, SafeNet)
• Custom applications using non-AWS SDKs
12. AWS Key Management Service (KMS)
• Managed service that simplifies creation, control,
rotation, and use of encryption keys in your applications
• Integrated with AWS server-side encryption
• Integrated with AWS client-side encryption via SDKs
• Integrated with AWS CloudTrail to provide auditable
logs of key usage for regulatory and compliance
activities
• Available in all commercial regions except China
13. Integration with AWS KMS
Two-tiered key hierarchy using
envelope encryption
• Unique data key encrypts
customer data
• AWS KMS customer
master keys (CMKs)
encrypt data keys
Customer master
keys
Data key 1
S3 object EBS volume Amazon
Redshift
cluster
Data key 2 Data key 3 Data key 4
Custom
application
AWS KMS
14. Integration with AWS KMS
Benefits
• Limits risk of compromised
data key
• Better performance for
encrypting large data
• Easier to manage small
number of CMKs than
millions of data keys
• Centralized access and
audit of key activity
Customer master
keys
Data key 1
S3 object EBS volume Amazon
Redshift
cluster
Data key 2 Data key 3 Data key 4
Custom
application
AWS KMS
15. Customer Master Keys (CMKs) in AWS KMS
Default CMKs
• Generated by AWS and unique to your account
• Usable only by users/roles in your account
• AWS manages key lifecycle, but can’t directly access key material
Custom CMKs
• Generated by AWS, but you manage lifecycle of the CMK
• You control how and when your CMKs can be used and by whom
by defining granular permissions on your keys using IAM and KMS
policies
• AWS can’t directly access key material
16. Import Key: Bring your own keys to AWS KMS
• You control how keys are generated
• You store the master copy of the key outside of AWS
• You can use imported keys with all KMS-integrated services
• You can define an optional expiration time
• You can delete and re-import the key at any time to control
when AWS can use it to encrypt/decrypt data on your behalf
• Works with standards-based key management infrastructure,
including SafeNet Gemalto and Thales e-Security
17. Import Key: Bring your own keys to AWS KMS
Import encrypted key material
under the KMS CMK key ID;
set optional expiration period
Import
Your key material
protected in KMS
Download a public
wrapping key
KMS
Download
RSA public key
Create customer master key
(CMK) container
Empty CMK container
with unique key ID
KMS
Creates
Export your key material
encrypted under the public
wrapping key Your key
management
infrastructure
Export
Your 256-bit key
material encrypted
under KMS public key
18. Workloads enabled by Import Key
• A bank customer can generate and store the master copy of their
key material in a FIPS 140-2 validated solution to satisfy their
InfoSec requirements
• A pharma customer could make keys available only during
processing of drug trial data in EMR/Amazon Redshift
• When processing is finished, expire/delete the keys so that data
stored at rest in AWS cannot be decrypted
• A government customer that needs access to data for many years
doesn’t have to trust AWS to never lose their keys
19. Audit key usage/data access with AWS CloudTrail
“eventName":“Decrypt", This KMS API was called…
“eventTime":"2016-08-18T18:13:07Z", ...at this time...
“requestParameters": {
“keyId”: “1234abcd-12ab-34cd-56ef-1234567890ab”, ...in reference to this key...
“encryptionContext":"volumeid-12345”} …to protect this resource...
“sourceIPAddress”:"42.23.141.114”, ...from this address...
“userIdentity": {
{"arn":"arn:aws:iam::111122223333:user/User123”} …by this AWS user in this
account.
• Automation: CloudWatch alarms or events on CloudTrail logs
• Reconciliation: find anomalous key usage by generating audit logs
in your application and comparing it to CloudTrail logs
20. AWS KMS assurances: Why trust AWS?
• There are no tools in place to access your physical key
material
• Your plaintext keys are never stored in nonvolatile
memory
• You control who has permissions to use your keys
• Separation of duties between systems that use master
keys and ones that use data keys
• Multiparty controls for all maintenance of KMS systems
that use your master keys
21. AWS KMS assurances: compliance
• AWS Service Organization Controls (SOC 1, SOC 2,
SOC 3)
• PCI-DSS Level 1
• ISO 27017, ISO 27018, ISO 9001
• In evaluation for FIPS 140-2 and FedRAMP
22. Comparison of key management options
KMS CloudHSM
AWS Marketplace
Partner Solutions
DIY
Where keys are
generated and stored
AWS, or Imported by
you
In AWS, on an HSM
that you control
Your network or in
EC2 instance
Your network or in
AWS
Where keys are used AWS services or your
applications
AWS or your
applications
Your network or your
EC2 instance
Your network or your
EC2 instance
How to control key use Policy you define;
enforced by AWS
Custom code +
SafeNet APIs
Vendor-specific
management
Config files, vendor-
specific management
Responsibility for
performance/scale
AWS You You You
Integration with AWS
services?
Yes Limited Limited Limited
Pricing model Per key/usage Per hour Per hour/per year Variable
23. Law enforcement requests for encrypted data
• We can’t predict what law enforcement will ask for
• We have no tools to decrypt your data or your keys
outside of the existing APIs you call that cause your data
to be decrypted
• We only consider responding to requests if the target is
our customer
• We tell law enforcement to talk to you if the target is your
customer, even if their data is hosted in our infrastructure
24. AWS do’s and don’ts you can count on
We Do…
• …challenge overly broad government subpoenas
• …advocate for modern privacy laws
• …oppose legislation that would weaken information security
• …notify customers before disclosing content information
• …offer strong encryption and key management options
• …recommend security best practices
We Do Not…
• …disclose customer information unless legally required
• …participate in government programs to capture customer data
https://aws.amazon.com/blogs/security/privacy-and-data-security/
25. Call to action
• Enable encryption at rest
• What is your key management strategy?
• Is KMS right for your customers?
• Is Import Key right for your customers?
• Does your customer need a dedicated HSM to store keys?
• Customers have customers, too (privacy preservation can be
recursive)