Part 3 of 3.
This free, one-day training will provide a step-by-step introduction to the core AWS services for compute, storage, database, and networking.
AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.
Who should attend?
AWSome Day is ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud.
In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance.
Speakers:
Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS
Durga Prasad, Manager, Solutions Architect, AWS
Building a well-engaged and secure AWS account access management - FND207-R ...Amazon Web Services
Building a well-managed and secure AWS account access management for enterprise customers and AWS partners is essential for managing a large number of AWS accounts. In this session, we review new features, best practices, and the risks involved when architecting organizational units. We also cover how to build dynamic access structures.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
Security is a growing concern. Misconfigurations and inconsistent deployments provide opportunities for attackers to find vulnerabilities. This underscores the need to enforce policies as more and more production workloads move to the cloud.
In this session, discover how customers are using AWS Service Catalog as a layered defense and an in-depth mechanism to mitigate misconfigurations and variability in workload deployments. Additionally, learn how AWS Control Tower provides guardrails for policy enforcement to help customers like World Bank enforce security and manage compliance.
Speakers:
Kaushik Mohanty, Principal BD, Service Catalog and Control Tower, AWS
Durga Prasad, Manager, Solutions Architect, AWS
Building a well-engaged and secure AWS account access management - FND207-R ...Amazon Web Services
Building a well-managed and secure AWS account access management for enterprise customers and AWS partners is essential for managing a large number of AWS accounts. In this session, we review new features, best practices, and the risks involved when architecting organizational units. We also cover how to build dynamic access structures.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
Many enterprises use Active Directory for authentication, server and workstation management, group policy management, and more. It’s also one of the first applications to be deployed on AWS by those building or migrating Windows applications at scale. There are two primary models for running Active Directory on AWS: AWS Managed Microsoft AD and self-managed Active Directory on Amazon EC2. We discuss best practices for securing Active Directory deployment on AWS and the shared responsibility model for running AWS Managed Microsoft AD. We also examine a reference architecture that follows these best practices. Services include AWS Managed Microsoft AD, Amazon EC2, Amazon EBS, Amazon VPC, and AWS KMS.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...Amazon Web Services
Module 3: Security, Identity and Access Management
This module will cover:
- Data Center Security
- AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Amazon Web Services
Speaker: Wesley Wilks, Dan Gallivan
As more and more enterprises start down the path of their digital transformation, the pressure on their IT organizations to support innovation across the business couldn’t be higher. In this session, we will outline a number of cutting-edge technologies as well as an operating model that will allow IT to position itself as a business enabler and not a blocker. We will be sharing some mechanisms that will enable the IT organization to meet the pace of innovation that is being set by the business while giving them the flexibility to leverage existing assets.
AWS Transformation Day is designed for enterprise organizations looking to make the move to the cloud in order to become more responsive, agile and innovative, while still staying secure and compliant. Join us for this virtual event and we'll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services.
We recommend this event for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud.
At AWS, cloud security is our highest priority. All AWS customers inherit the best practices of AWS policies, architecture, and operational processes built to satisfy the requirements of the most security-sensitive organizations in the most highly-regulated industries in the world – including financial services. In this talk, AWS experts discuss the fundamentals of AWS Cloud security, best practices, and services customers can leverage in order to operate and innovate in the cloud – more securely than on premises.
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Migrare applicazioni e dati, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, creare soluzioni di backup e disaster recovery.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
Financial Services Firms are moving enterprise workloads to AWS to drive agility and innovation. Being regulated entities, firms need to ensure they have necessary controls in place to attain compliance with the industry regulations.
Find out how Cowen, a leader in diversified financial services, achieved a solution with CTP and AWS. With CTP’s Continuous Compliance for AWS managed service, Cowen has the confidence to move their workloads to AWS and can continuously monitor their applications in AWS against PCI and NIST compliance frameworks
AWS identity services: Enabling and securing your cloud journey - SEC203 - Ne...Amazon Web Services
In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. Learn about each service, the high-level capabilities they provide, and how the services fit and work together to provide you a robust identity foundation. Learn how to better advance your own journey with confidence and speed. Finally, we take a deeper look at several identity-based use cases where the cloud’s power and programmability are radically simplifying implementation and strengthening security.
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
Many enterprises use Active Directory for authentication, server and workstation management, group policy management, and more. It’s also one of the first applications to be deployed on AWS by those building or migrating Windows applications at scale. There are two primary models for running Active Directory on AWS: AWS Managed Microsoft AD and self-managed Active Directory on Amazon EC2. We discuss best practices for securing Active Directory deployment on AWS and the shared responsibility model for running AWS Managed Microsoft AD. We also examine a reference architecture that follows these best practices. Services include AWS Managed Microsoft AD, Amazon EC2, Amazon EBS, Amazon VPC, and AWS KMS.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
Module 3: Security, Identity and Access Management - AWSome Day Online Confer...Amazon Web Services
Module 3: Security, Identity and Access Management
This module will cover:
- Data Center Security
- AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Amazon Web Services
Speaker: Wesley Wilks, Dan Gallivan
As more and more enterprises start down the path of their digital transformation, the pressure on their IT organizations to support innovation across the business couldn’t be higher. In this session, we will outline a number of cutting-edge technologies as well as an operating model that will allow IT to position itself as a business enabler and not a blocker. We will be sharing some mechanisms that will enable the IT organization to meet the pace of innovation that is being set by the business while giving them the flexibility to leverage existing assets.
AWS Transformation Day is designed for enterprise organizations looking to make the move to the cloud in order to become more responsive, agile and innovative, while still staying secure and compliant. Join us for this virtual event and we'll share our experiences of helping enterprise customers accelerate the pace of migration and adoption of strategic services.
We recommend this event for IT and business leaders who are looking to create sustainable benefits and a competitive advantage by using the AWS Cloud.
At AWS, cloud security is our highest priority. All AWS customers inherit the best practices of AWS policies, architecture, and operational processes built to satisfy the requirements of the most security-sensitive organizations in the most highly-regulated industries in the world – including financial services. In this talk, AWS experts discuss the fundamentals of AWS Cloud security, best practices, and services customers can leverage in order to operate and innovate in the cloud – more securely than on premises.
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Migrare applicazioni e dati, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, creare soluzioni di backup e disaster recovery.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
AWS Business Essentials helps IT business leaders and professionals understand the benefits of cloud computing and how a cloud strategy can help you meet your business objectives. In this course we discuss the advantages of cloud computing for your business and the fundamentals of AWS, including financial benefits. This course also introduces you to successful cloud adoption frameworks so to help you consider the AWS platform within your cloud computing strategy. We have broken this training into 3 parts during the event, in order to complete the training please plan to attend all 3 sessions.
Financial Services Firms are moving enterprise workloads to AWS to drive agility and innovation. Being regulated entities, firms need to ensure they have necessary controls in place to attain compliance with the industry regulations.
Find out how Cowen, a leader in diversified financial services, achieved a solution with CTP and AWS. With CTP’s Continuous Compliance for AWS managed service, Cowen has the confidence to move their workloads to AWS and can continuously monitor their applications in AWS against PCI and NIST compliance frameworks
AWS identity services: Enabling and securing your cloud journey - SEC203 - Ne...Amazon Web Services
In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. Learn about each service, the high-level capabilities they provide, and how the services fit and work together to provide you a robust identity foundation. Learn how to better advance your own journey with confidence and speed. Finally, we take a deeper look at several identity-based use cases where the cloud’s power and programmability are radically simplifying implementation and strengthening security.
AWS identity services: Enabling and securing your cloud journey - SEC203 - Ch...Amazon Web Services
In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. We learn about each service, the high-level capabilities each provides, and how they all fit and work together to provide you with a robust identity foundation. We also learn how to better advance your own identity-services cloud journey with confidence and speed. Finally, we look more closely at several identity-based use cases where the power and programmability of the cloud is radically simplifying implementation and strengthening security.
A Practitioner Guide to Securing Your Cloud (Like an Expert)Amazon Web Services
If you're new to AWS, you might think that cloud security is a lot of work. It's not! Across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud.
In this session, we focused on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC), walked away having seen concrete examples that illustrate the patterns that enable you to secure any workload in AWS.
Identity and access management helps customers protect their applications and resources. In this session, learn how AWS identity services are evolving to provide you with a secure, flexible, and easy solution for managing identities and access on the AWS Cloud.
Deploying critical Microsoft workloads on AWS at Capital One - SDD337 - AWS r...Amazon Web Services
Capital One innovates by leveraging AWS managed services such as AWS Directory Service for Microsoft Active Directory (AWS Managed Microsoft AD), Amazon RDS for SQL Server and EC2 to deploy critical Windows workloads securely in an automated fashion. In this session, attendees will learn how Capital One uses AWS Managed Microsoft AD with their on-premises domain to provide secure and highly available authentication and authorization services for its Windows workloads, such as Amazon RDS for SQL Server. You also learn security best practices for setting up AWS Managed Microsoft AD including implementing MFA, AD Trust options, AWS account isolation, security log collection, and more. In addition, we detail how Capital One uses AWS Managed Microsoft AD and Lambda Functions to simplify and automate Windows workload deployments across multiple AWS accounts and Amazon VPCs.
AWS Shared Security Model
Identity Access Management (IAM)
Governance and Compliance
AWS CloudTrail for audit and change management
AWS Config and Config Rules
How Vanguard and Bloomberg Use AWS PrivateLink (NET323) - AWS re:Invent 2018Amazon Web Services
Vanguard and Bloomberg's use of AWS PrivateLink as they moved from a small number of large accounts to a large number of small accounts reduced blast radius at the management plane but introduced significant complexity at the network layer. In this session, we introduce the type of network segmentation that is required to implement a zero-trust network for a highly regulated financial investment company like Vanguard—one that adds additional complexity.
AWS identity services - Enabling & securing your cloud journey - SEC202 - San...Amazon Web Services
Throughout your journey to the AWS Cloud, you will encounter and rely on a number of AWS identity services. In this session, we provide an overview of AWS identity services within the context of a typical cloud journey. Learn about each service, the capabilities it provides, and how the services fit and work together to provide you with a robust foundation and enable you to advance your journey with confidence and speed. Finally, we take a deeper look at a number of identity-based use cases, where the power and programmability of the cloud is radically simplifying implementation and strengthening security.
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1) - ...Amazon Web Services
New to AWS? Given the number of AWS services there are, you may think that it’s going to take a lot of work to get your security house in order in the cloud. In fact, across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud. In this session, we’ll focus on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC). You’ll walk away having seen concrete examples that illustrate the patterns that enable you to properly secure any workload in AWS.
Best practices for choosing identity solutions for applications + workloads -...Amazon Web Services
Identity requirements for consumer-facing applications differ significantly from those for workforce applications and cloud resources. Learn the best practices for choosing the right identity platform on AWS for your consumer-facing applications and for centrally managing access to all your business applications and AWS resources. Come learn about the proper use cases for implementing single sign-on (SSO) and Amazon Cognito, security best practices, and configuration guidance.
Threat detection and mitigation at AWS - SEC201 - New York AWS SummitAmazon Web Services
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
Module 3: Security, Identity and Access Management
This module will cover:
Data Center Security
AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 Amazon Web Services
The services that make up AWS are many and varied, but the set of concepts you need to secure your data and infrastructure is simple and straightforward. By the end of this session, you will know the fundamental patterns that you can apply to secure any workload you run in AWS with confidence. We cover the basics of network security, the process of reading and writing access management policies, and data encryption.
Most organizations are great at securing their network, operating system, databases, and applications. However, even for those organizations that have been in the cloud for a few years, many are still learning how to set up the proper mechanisms to identify, protect, detect, respond and recover at the AWS layer. We will explore services like AWS Identity and AWS Access and Identity Management (IAM), AWS Key Management Service (KMS), Amazon Simple Storage Service (S3), Amazon Virtual Private Cloud (VPC), Amazon CloudWatch Logs, and Amazon GuardDuty.
Jeff Lombardo - Enforcing access control in depth with AWS - v1.2.pdfJean-François LOMBARDO
Infrastructure Security services are seen as the traditional mechanisms for enforcing protection of data. But now Identity and Access Management has to be considered too to prevent illegitimate access to information, unauthorized usage of services, and tampering of data. This is why, at AWS, Identity and Access Management oriented services is global service in our portfolio. Implementing a least privileged model for your workload requires that you consider what each component must have as permissions. For example: is it better to assign an IAM role to your Compute instance or to impersonate the initial requestor with their roles and permissions? Are the attributes of the requestor important for your access control logic? Can the context of the request influence how the resource should be disclosed?
Answering those questions will allow you to design and implement access control thanks to a composition of multiple mechanisms. Through this session, we will describe how a very simple web store application will benefit from implementing: identity federation, attribute-based access control, and security token exchange through the usage of the appropriate AWS services.
Discover what the PROTECTED certification means for your organisation and how the status can help you build applications on Amazon Web Services (AWS) that meet the Australian government’s security requirements for highly sensitive workloads.
Similar to AWS Security, IAM, Databases, Elasticity, Management Tools - AWSome Day Philadelphia 2019 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.