SlideShare a Scribd company logo

AWS Security Overview and “What’s New”

Amazon Web Services
Amazon Web Services

AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.

Technology
1 of 52
Download to read offline
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fall 2015 AWS Security Roadshow More Secure in the Cloud
Security Roadshow Agenda 1:00 pm – AWS Security Overview + What’s New 2:00 pm – Network Security & Access Control in AWS 2:55 pm – Refreshment Break (15 minutes) 3:10 pm – Protecting Your Data in AWS 4:10 pm – Securing Systems at Cloud Scale 5:00 pm – Closing Remarks + Open Q&A
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Overview + What’s New
1) Why is security such a hot topic? Because it’s important, and it’s hard
2) Why is enterprise security traditionally so hard? Because so much planning is needed
3) Why does planning take so long? Because it requires so many processes
4) Why so many processes? Because mistakes are easy to make and hard to correct
5) Why are mistakes so hard to correct? Lack of visibility Low degree of automation
So where does AWS come in? AWS makes security more agile Lets you move fast while staying safe
New tools to move fast and stay safe Amazon Inspector AWS WAF AWS Config Rules
Making Life Easier
Making life easier Choosing security does not mean giving up on convenience or introducing complexity
Security by Design (SbD)
Security by Design – SbD • Systematic approach to ensure security • Formalizes AWS account design • Automates security controls • Streamlines auditing • Provides control insights throughout the IT management processAWS CloudTrail AWS CloudHSM AWS IAM AWS KMS AWS Config
SbD – Scripting your governance policy Set of CloudFormation templates that accelerate compliance with PCI, HIPAA, FFIEC, FISMA, CJIS Result: Reliable technical implementation of administrative controls
How We Build Our Organization
AWS Security Team Operations Application Security Engineering Compliance Aligned for agility
Security ownership as part of DNA • Promotes culture of “everyone is an owner” for security • Makes security a stakeholder in business success • Enables easier and smoother communication Distributed Embedded
Operating principles Separation of duties Different personnel across service lines Least privilege
Technology to automate operational principles Visibility through automation Shrinking the protection boundaries Ubiquitous encryption
Amazon Inspector (Preview) Security assessment tool analyzing end-to-end application configuration and activity
Why Amazon Inspector? Applications testing key to moving fast but staying safe Security assessment highly manual, resulting in delays or missed security checks Valuable security subject matter experts spending too much time on routine security assessment
Amazon Inspector features Configuration Scanning Engine Activity monitoring Built-in content library Automatable via API Fully auditable
Amazon Inspector rulesets CVE Network Security Best Practices Authentication Best Practices Operating System Best Practices Application Security Best Practices PCI DCSS 3.0 Readiness
Amazon Inspector benefits Increased agility Embedded expertise Improved security posture Streamlined compliance
Getting started
Prioritized findings
Detailed remediation recommendations
AWS WAF
AWS WAF features Web filtering Amazon CloudFront integration Centralized rule management Real-time visibility API automation
AWS WAF benefits Increased protection against web attacks Ease of deployment and maintenance Security embedded in development process
AWS WAF in action AWS Management ConsoleAdmins Developers AWS API Web app in CloudFront Define rules Deploy protection AWS WAF
AWS WAF Partner integrations • Alert Logic, Trend Micro, and Imperva integrating with AWS WAF • Offer additional detection and threat intelligence • Dynamically modify rulesets of AWS WAF for increased protection
AWS Config Rules
AWS Config Rules features Flexible rules evaluated continuously and retroactively Dashboard and reports for common goals Customizable remediation API automation
AWS Config Rules Broad ecosystem of solutions
AWS Config Rules benefits Continuous monitoring for unexpected changes Shared compliance across your organization Simplified management of configuration changes
AWS Config Rules
Putting it all together: Before Auditor: ??? Develops app Reviews app Fixes app Updates app Fixes broken AWS WAF rules Deploys AWS WAF rules Reviews app
Putting it all together: After Auditor has full visibility Defines standards Develops app Fixes app Defines AWS WAF rules Optimizes environment Runs security tests Rapid updates
Security Training
New security training Training Security Fundamentals on AWS (Free online course) Security Operations on AWS (3-day class) Details at aws.amazon.com/training
Certification and education • Security Fundamentals on AWS • Free online course for security auditors and analysts • Security Operations on AWS • 3-day class for security engineers, architects, analysts, and auditors • Security Certification on AWS • Available here at re:Invent for those who have achieved AWS Solutions Architect – Professional certification
Security Partners
AWS Foundation Services Compute Storage Database Network AWS Global Infrastructure RegionsAvailability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer Applications & Content Security & Compliance is a shared responsibility AWS Marketplace offers customers a choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud • Infrastructure Security – gateway, firewall, router, WAF, network, UTM • Identity & Access Control - allowed/authorized access • Logging & Monitoring - SIEM/ Governance, Risk, & Compliance (GRC) • Configuration & Vulnerability Analysis – scanning/pen testing and IPS/IDS • Data Protection - DRM/DLP/Encryption • Threat Analytics - continuous monitoring
AWS Marketplace Network/Security Partner Eco-system Infrastructure Security Logging & Monitoring Identity & Access Control Configuration & Vulnerability Analysis Data Protection SaaS SaaS SaaS
The Bottom Line
Design and deploy Define sensible defaults Inherit compliance controls Use available security features Manage templates—not instances
Operate and improve Constantly reduce the role of people Reduce privileged accounts Concentrate on what matters
Conclusions Security is critical We’re creating tools to make it easier We’re creating ways to help you build a world-class team You can move fast and stay safe
Don’t take my word for it… “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly and reliably leverage the benefits of this increasingly ubiquitous computing model.” Clouds Are Secure: Are You Using Them Securely? Published: 22 September 2015 -- Jay Heiser “”"We worked closely with the Amazon team to develop a security model which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.” – Rob Alexander, CIO Capital One
Thank you!

Recommended

Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
Amazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
Amazon Web Services
 
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
😸 Richard Spindler
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - Overview
Sai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's Perspective
Jason Chan
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
Amazon Web Services
 

Recommended

Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
Amazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: Security
Amazon Web Services
 
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
😸 Richard Spindler
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best Practices
Amazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - Overview
Sai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's Perspective
Jason Chan
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWS
Amazon Web Services
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
East Midlands Cyber Security Forum
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
Christopher Caplan
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
Amazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
Amazon Web Services
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance Overview
RightScale
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
LalitMohanSharma8
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security Model
Amazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
PolarSeven Pty Ltd
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
Amazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
Amazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
Sundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Amazon Web Services
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
Alert Logic
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS security
Amazon Web Services
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow Dublin
Amazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
Amazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
Alert Logic
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
Amazon Web Services
 

More Related Content

What's hot

Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
East Midlands Cyber Security Forum
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
Christopher Caplan
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
Amazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
Amazon Web Services
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance Overview
RightScale
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
LalitMohanSharma8
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security Model
Amazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
PolarSeven Pty Ltd
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
Amazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
Amazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
Amazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
Sundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Amazon Web Services
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
Alert Logic
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS security
Amazon Web Services
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow Dublin
Amazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
Amazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
Alert Logic
 

What's hot (20)

Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance Overview
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security Model
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS security
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow Dublin
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
 

Viewers also liked

Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
Amazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
Amazon Web Services
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
Amazon Web Services
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar Series
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
Amazon Web Services
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
Amazon Web Services
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
vinoth kumar
 
AWS Security & Compliance
AWS Security & ComplianceAWS Security & Compliance
AWS Security & Compliance
Amazon Web Services
 
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
Amazon Web Services
 
Aws 101
Aws 101Aws 101
Aws 101
Patrick Pierson
 
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
Amazon Web Services
 
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
Amazon Web Services
 
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
Amazon Web Services
 
Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301
Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
Amazon Web Services
 
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Amazon Web Services
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAmazon Web Services
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
AlgoSec
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Amazon Web Services
 

Viewers also liked (20)

Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar Series
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
 
AWS Security & Compliance
AWS Security & ComplianceAWS Security & Compliance
AWS Security & Compliance
 
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
 
Aws 101
Aws 101Aws 101
Aws 101
 
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
 
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
 
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
 
Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
 
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
 

Similar to AWS Security Overview and “What’s New”

(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
Amazon Web Services
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About Security
Amazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
Amazon Web Services
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
Amazon Web Services
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
Amazon Web Services
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the Cloud
Amazon Web Services
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
Kimberly Macias
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
Alert Logic
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
Amazon Web Services
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise
Amazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
Amazon Web Services LATAM
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
Amazon Web Services
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program Overview
Amazon Web Services
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
Amazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
Amazon Web Services
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rs
Amazon Web Services
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
Amazon Web Services
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
Amazon Web Services
 

Similar to AWS Security Overview and “What’s New” (20)

(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About Security
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the Cloud
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program Overview
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rs
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Amazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Amazon Web Services
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
Amazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
ViralQR
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Paige Cruz
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
UiPathCommunity
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
Ralf Eggert
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
Thijs Feryn
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
DianaGray10
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
mikeeftimakis1
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
Vlad Stirbu
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
Product School
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 

Recently uploaded (20)

FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.Welocme to ViralQR, your best QR code generator.
Welocme to ViralQR, your best QR code generator.
 
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfObservability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdf
 
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
Dev Dives: Train smarter, not harder – active learning and UiPath LLMs for do...
 
PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)PHP Frameworks: I want to break free (IPC Berlin 2024)
PHP Frameworks: I want to break free (IPC Berlin 2024)
 
Accelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish CachingAccelerate your Kubernetes clusters with Varnish Caching
Accelerate your Kubernetes clusters with Varnish Caching
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4UiPath Test Automation using UiPath Test Suite series, part 4
UiPath Test Automation using UiPath Test Suite series, part 4
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdfFIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf
 
Introduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - CybersecurityIntroduction to CHERI technology - Cybersecurity
Introduction to CHERI technology - Cybersecurity
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Quantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIsQuantum Computing: Current Landscape and the Future Role of APIs
Quantum Computing: Current Landscape and the Future Role of APIs
 
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
De-mystifying Zero to One: Design Informed Techniques for Greenfield Innovati...
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 

AWS Security Overview and “What’s New”

  • 1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fall 2015 AWS Security Roadshow More Secure in the Cloud
  • 2. Security Roadshow Agenda 1:00 pm – AWS Security Overview + What’s New 2:00 pm – Network Security & Access Control in AWS 2:55 pm – Refreshment Break (15 minutes) 3:10 pm – Protecting Your Data in AWS 4:10 pm – Securing Systems at Cloud Scale 5:00 pm – Closing Remarks + Open Q&A
  • 3. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Overview + What’s New
  • 4. 1) Why is security such a hot topic? Because it’s important, and it’s hard
  • 5. 2) Why is enterprise security traditionally so hard? Because so much planning is needed
  • 6. 3) Why does planning take so long? Because it requires so many processes
  • 7. 4) Why so many processes? Because mistakes are easy to make and hard to correct
  • 8. 5) Why are mistakes so hard to correct? Lack of visibility Low degree of automation
  • 9. So where does AWS come in? AWS makes security more agile Lets you move fast while staying safe
  • 10. New tools to move fast and stay safe Amazon Inspector AWS WAF AWS Config Rules
  • 12. Making life easier Choosing security does not mean giving up on convenience or introducing complexity
  • 14. Security by Design – SbD • Systematic approach to ensure security • Formalizes AWS account design • Automates security controls • Streamlines auditing • Provides control insights throughout the IT management processAWS CloudTrail AWS CloudHSM AWS IAM AWS KMS AWS Config
  • 15. SbD – Scripting your governance policy Set of CloudFormation templates that accelerate compliance with PCI, HIPAA, FFIEC, FISMA, CJIS Result: Reliable technical implementation of administrative controls
  • 16. How We Build Our Organization
  • 17. AWS Security Team Operations Application Security Engineering Compliance Aligned for agility
  • 18. Security ownership as part of DNA • Promotes culture of “everyone is an owner” for security • Makes security a stakeholder in business success • Enables easier and smoother communication Distributed Embedded
  • 19. Operating principles Separation of duties Different personnel across service lines Least privilege
  • 20. Technology to automate operational principles Visibility through automation Shrinking the protection boundaries Ubiquitous encryption
  • 21. Amazon Inspector (Preview) Security assessment tool analyzing end-to-end application configuration and activity
  • 22. Why Amazon Inspector? Applications testing key to moving fast but staying safe Security assessment highly manual, resulting in delays or missed security checks Valuable security subject matter experts spending too much time on routine security assessment
  • 23. Amazon Inspector features Configuration Scanning Engine Activity monitoring Built-in content library Automatable via API Fully auditable
  • 24. Amazon Inspector rulesets CVE Network Security Best Practices Authentication Best Practices Operating System Best Practices Application Security Best Practices PCI DCSS 3.0 Readiness
  • 25. Amazon Inspector benefits Increased agility Embedded expertise Improved security posture Streamlined compliance
  • 30. AWS WAF features Web filtering Amazon CloudFront integration Centralized rule management Real-time visibility API automation
  • 31. AWS WAF benefits Increased protection against web attacks Ease of deployment and maintenance Security embedded in development process
  • 32. AWS WAF in action AWS Management ConsoleAdmins Developers AWS API Web app in CloudFront Define rules Deploy protection AWS WAF
  • 33. AWS WAF Partner integrations • Alert Logic, Trend Micro, and Imperva integrating with AWS WAF • Offer additional detection and threat intelligence • Dynamically modify rulesets of AWS WAF for increased protection
  • 35. AWS Config Rules features Flexible rules evaluated continuously and retroactively Dashboard and reports for common goals Customizable remediation API automation
  • 36. AWS Config Rules Broad ecosystem of solutions
  • 37. AWS Config Rules benefits Continuous monitoring for unexpected changes Shared compliance across your organization Simplified management of configuration changes
  • 39. Putting it all together: Before Auditor: ??? Develops app Reviews app Fixes app Updates app Fixes broken AWS WAF rules Deploys AWS WAF rules Reviews app
  • 40. Putting it all together: After Auditor has full visibility Defines standards Develops app Fixes app Defines AWS WAF rules Optimizes environment Runs security tests Rapid updates
  • 42. New security training Training Security Fundamentals on AWS (Free online course) Security Operations on AWS (3-day class) Details at aws.amazon.com/training
  • 43. Certification and education • Security Fundamentals on AWS • Free online course for security auditors and analysts • Security Operations on AWS • 3-day class for security engineers, architects, analysts, and auditors • Security Certification on AWS • Available here at re:Invent for those who have achieved AWS Solutions Architect – Professional certification
  • 45. AWS Foundation Services Compute Storage Database Network AWS Global Infrastructure RegionsAvailability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer Applications & Content Security & Compliance is a shared responsibility AWS Marketplace offers customers a choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud • Infrastructure Security – gateway, firewall, router, WAF, network, UTM • Identity & Access Control - allowed/authorized access • Logging & Monitoring - SIEM/ Governance, Risk, & Compliance (GRC) • Configuration & Vulnerability Analysis – scanning/pen testing and IPS/IDS • Data Protection - DRM/DLP/Encryption • Threat Analytics - continuous monitoring
  • 46. AWS Marketplace Network/Security Partner Eco-system Infrastructure Security Logging & Monitoring Identity & Access Control Configuration & Vulnerability Analysis Data Protection SaaS SaaS SaaS
  • 48. Design and deploy Define sensible defaults Inherit compliance controls Use available security features Manage templates—not instances
  • 49. Operate and improve Constantly reduce the role of people Reduce privileged accounts Concentrate on what matters
  • 50. Conclusions Security is critical We’re creating tools to make it easier We’re creating ways to help you build a world-class team You can move fast and stay safe
  • 51. Don’t take my word for it… “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly and reliably leverage the benefits of this increasingly ubiquitous computing model.” Clouds Are Secure: Are You Using Them Securely? Published: 22 September 2015 -- Jay Heiser “”"We worked closely with the Amazon team to develop a security model which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.” – Rob Alexander, CIO Capital One