In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale.
Myles Hosford, Security Solution Architect, APAC, AWS
James Wilkins, Lead of the Cloud Task Force, Association of Banks Singapore (ABS)
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale. The session will be delivered by Myles Hosford, APAC Security Solution Architect, and James Wilkins, Lead of the Cloud Task Force for the Association of Banks Singapore (ABS).
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, the tools and services AWS makes available to customers to secure and manage their resources and best practices on how to use them.
This session is recommended for anyone with questions about how AWS can meet the compliance requirements of their applications.
You don’t need to be a security expert to protect your organizations data in the cloud. You don’t need to be a security expert to protect your workloads on AWS. You just need to be informed of the many security tools available in AWS, and learn how to use them.
Taking a highly automated approach to security, you can use key features of the AWS Cloud to transform security in your organization. As with infrastructure as an API, security as an API allows you to move rapidly & stay secure. From AWS security groups, to virtual private networks, to security tools, you need to learn how to automate and accelerate.
In this talk, you’ll see how various AWS features and cloud-aware security controls can work together to protect your deployments. Using real-world examples, you’ll come away with an understanding of steps you can take to ensure that you maximize the security of your deployment while minimizing the work it takes to keep it secure.
You will learn a logical approach to modern security that you can immediately apply to your own AWS deployments. You will learn how to use security tools and techniques to help you build with confidence.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
The Automation of Supervision: How Regulators and Audit Teams are using AWS t...Amazon Web Services
Security governance is used to support business objectives by defining policies & controls to manage risk. This session will focus on automation and visibility when using AWS.
Speaker: Brian Wagner, Senior Security Consultant, AWS
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
Myles Hosford, Security Solution Architect, APAC, AWS
James Wilkins, Lead of the Cloud Task Force, Association of Banks Singapore (ABS)
In this session we will explore the current financial regulatory landscape and future compliance trends. We will dive deep on to how to leverage AWS services to implement next generation security and compliance at scale. The session will be delivered by Myles Hosford, APAC Security Solution Architect, and James Wilkins, Lead of the Cloud Task Force for the Association of Banks Singapore (ABS).
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, the tools and services AWS makes available to customers to secure and manage their resources and best practices on how to use them.
This session is recommended for anyone with questions about how AWS can meet the compliance requirements of their applications.
You don’t need to be a security expert to protect your organizations data in the cloud. You don’t need to be a security expert to protect your workloads on AWS. You just need to be informed of the many security tools available in AWS, and learn how to use them.
Taking a highly automated approach to security, you can use key features of the AWS Cloud to transform security in your organization. As with infrastructure as an API, security as an API allows you to move rapidly & stay secure. From AWS security groups, to virtual private networks, to security tools, you need to learn how to automate and accelerate.
In this talk, you’ll see how various AWS features and cloud-aware security controls can work together to protect your deployments. Using real-world examples, you’ll come away with an understanding of steps you can take to ensure that you maximize the security of your deployment while minimizing the work it takes to keep it secure.
You will learn a logical approach to modern security that you can immediately apply to your own AWS deployments. You will learn how to use security tools and techniques to help you build with confidence.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that “Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?” That’s the level of granularity you can choose to implement if you wish. In this session, we’ll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
The Automation of Supervision: How Regulators and Audit Teams are using AWS t...Amazon Web Services
Security governance is used to support business objectives by defining policies & controls to manage risk. This session will focus on automation and visibility when using AWS.
Speaker: Brian Wagner, Senior Security Consultant, AWS
Ryan Holland (Cloud Platform Solution Director, Alert Logic) and Pat McDowell (Partner Solution Architect, Amazon Web Services)'s presentation on AWS security services like AWS Inspector, AWS WAF, and AWS Config Rules at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
AWS Summit 2014 Brisbane - Breakout 1
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
Implementing Bullet-Proof HIPAA Solutions on AWS (SEC306) | AWS re:Invent 2013Amazon Web Services
Implementing a HIPAA solution presents challenges from day one. Not only are you saddled with seemingly insurmountable regulatory challenges, you also take on the stewardship of people's most deeply personal information. The AWS platform simplifies deployment of HIPAA applications by offering a rich set of dynamic scalability, developer services, high availability options, and strong security. Hosting a HIPAA application on the public cloud may seem pretty scary, but Ideomed solved some of this architecture's most vexing challenges by building a major health portal and deploying it on AWS. Come hear Ideomed CEO Keith Brophy and solution architect Gerry Miller talk first-hand about the challenges and solutions, including CloudHSM encryption, multi-AZ failover, dynamic scaling, and more!
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can do so only from his corporate desktop on the corporate network, from Monday–Friday 9–5, and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
Sophos join us to cover the AWS Shared Security Model and common threats and consequences that you can face in your AWS environment.
Presented by - Peter Gordon - Senior Cloud Security Architect
View the full presentation here - https://youtu.be/cR2MK0rjmVo
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Unified Security through Armor and AWS - DEM05 - Atlanta AWS SummitAmazon Web Services
Migrating mission-critical workloads to the cloud requires specialized expertise and operational evolution. Fortunately, security tools have evolved and are now much easier to implement, use, and scale. In this session, learn what tools are right for your business requirements and how they can effectively reduce operational friction in your journey to the cloud. Hear representatives from Armor discuss how automation has developed a strong combination of security controls in AWS, and learn how Armor designs the proper controls to address potential security gaps. Also, learn how to mitigate risk by utilizing AWS native security controls in conjunction with Armor's security stack. This session is brought to you by AWS partner, Armor.
Segurança é uma das principais características da nuvem da AWS. Nesta apresentação, analisamos o modelo de segurança compartilhada da AWS, e os serviços usados para implementar este modelo.
This session provides real guidance and practical answers to government users’ questions about security and compliance, helping agencies move away from the “worry-based fiction” of the cloud
Speaker: Stephen Squigg, Solutions Architect, Amazon Web Services, APAC
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Do you have AWS Accounts that will be subjected to DFARS/NIST 800-171 Controls? What can you leverage to have Continuous Monitoring and Compliance for your AWS Infrastructure? Glad you asked! Evident Security Platform can support you on AWS Commercial Regions and/or AWS GovCloud. Here is how.
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
This session covers the shared responsibility model for security and compliance specific to the AWS GovCloud (US) region. This presentation highlights the enhanced security offerings of AWS GovCloud (US), such as FIPS-140 Level 2 encryption, as well as the supported compliance regimes. It also reviews how our customers can build secure applications in GovCloud using the various security features such as IAM and VPC. This presentation also offers a brief overview of FedRAMP, explains the shared responsibility model through customer use cases, and covers how customers can obtain an Authority to Operate.
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
Organizations like MailControl often discover they need to gain additional visibility into encrypted incoming and outgoing application traffic to detect potential threats or anomalies. F5 BIG-IP Virtual Edition (VE) on Amazon Web Services (AWS) delivers an advanced application delivery controller (ADC) that goes beyond balancing application loads, enabling inspection of inbound and outbound application traffic. Join our webinar with AWS to discover how F5 was able to help MailControl boost their visibility into the email traffic flowing through their application. By using virtualized F5 services on Amazon Web Services (AWS), the organization increased its application monitoring capabilities and improved security for its customers, while simultaneously automating processes to support its agile DevOps process.
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
(Presented by Trend Micro)
In this session, you learn about the AWS shared security model, including considerations and best practices for deploying a secure and compliant application on AWS, and how to leverage the features and APIs provided by AWS. You also learn how to use best-in-class security and compliance solutions that have been optimized for enterprises deploying in AWS.
Key topics covered are Amazon EC2 and Amazon EBS encryption, including several key management methodologies as well as intrusion detection and prevention, anti-malware, anti-virus, integrity monitoring, firewall, and web reputation in the cloud.
This session, co-led by Steve Schmidt, AWS Chief Information Security Officer, and George Stathakopoulos, Amazon.com VP of Information Security, gives a unique view of how a global provider and customer work together to deliver security on a massive scale. Steve and George will show some of the innovations that help their teams deliver world-class security operations at scale. This session is not moderated but is a conversation between two world-class security experts with differing responsibilities for the Amazon.com and Amazon Web Services global security posture. Join this session and walk away with a deeper understanding of the underlying security innovations powering the cloud and how you can enable them in your business.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS Summit 2014 Brisbane - Breakout 1
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
Implementing Bullet-Proof HIPAA Solutions on AWS (SEC306) | AWS re:Invent 2013Amazon Web Services
Implementing a HIPAA solution presents challenges from day one. Not only are you saddled with seemingly insurmountable regulatory challenges, you also take on the stewardship of people's most deeply personal information. The AWS platform simplifies deployment of HIPAA applications by offering a rich set of dynamic scalability, developer services, high availability options, and strong security. Hosting a HIPAA application on the public cloud may seem pretty scary, but Ideomed solved some of this architecture's most vexing challenges by building a major health portal and deploying it on AWS. Come hear Ideomed CEO Keith Brophy and solution architect Gerry Miller talk first-hand about the challenges and solutions, including CloudHSM encryption, multi-AZ failover, dynamic scaling, and more!
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can do so only from his corporate desktop on the corporate network, from Monday–Friday 9–5, and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
Sophos join us to cover the AWS Shared Security Model and common threats and consequences that you can face in your AWS environment.
Presented by - Peter Gordon - Senior Cloud Security Architect
View the full presentation here - https://youtu.be/cR2MK0rjmVo
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Unified Security through Armor and AWS - DEM05 - Atlanta AWS SummitAmazon Web Services
Migrating mission-critical workloads to the cloud requires specialized expertise and operational evolution. Fortunately, security tools have evolved and are now much easier to implement, use, and scale. In this session, learn what tools are right for your business requirements and how they can effectively reduce operational friction in your journey to the cloud. Hear representatives from Armor discuss how automation has developed a strong combination of security controls in AWS, and learn how Armor designs the proper controls to address potential security gaps. Also, learn how to mitigate risk by utilizing AWS native security controls in conjunction with Armor's security stack. This session is brought to you by AWS partner, Armor.
Segurança é uma das principais características da nuvem da AWS. Nesta apresentação, analisamos o modelo de segurança compartilhada da AWS, e os serviços usados para implementar este modelo.
This session provides real guidance and practical answers to government users’ questions about security and compliance, helping agencies move away from the “worry-based fiction” of the cloud
Speaker: Stephen Squigg, Solutions Architect, Amazon Web Services, APAC
Leveraging AWS for your business provides a catalyst for security programs as customers inherit a faster pace of security innovation simply by using AWS. This session highlights design and architecture patterns customers can employ to measurably improve the security of their organization. In this session, customers explore design patterns for data security using encryption, strong access controls, and least privilege; for implementing detective security controls, such as logging and monitoring, at scale; and for implementing a defense-in-depth network security architecture.
Do you have AWS Accounts that will be subjected to DFARS/NIST 800-171 Controls? What can you leverage to have Continuous Monitoring and Compliance for your AWS Infrastructure? Glad you asked! Evident Security Platform can support you on AWS Commercial Regions and/or AWS GovCloud. Here is how.
Secure Applications and FedRAMP in the AWS GovCloud (US) Region (SEC204) | AW...Amazon Web Services
This session covers the shared responsibility model for security and compliance specific to the AWS GovCloud (US) region. This presentation highlights the enhanced security offerings of AWS GovCloud (US), such as FIPS-140 Level 2 encryption, as well as the supported compliance regimes. It also reviews how our customers can build secure applications in GovCloud using the various security features such as IAM and VPC. This presentation also offers a brief overview of FedRAMP, explains the shared responsibility model through customer use cases, and covers how customers can obtain an Authority to Operate.
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
Organizations like MailControl often discover they need to gain additional visibility into encrypted incoming and outgoing application traffic to detect potential threats or anomalies. F5 BIG-IP Virtual Edition (VE) on Amazon Web Services (AWS) delivers an advanced application delivery controller (ADC) that goes beyond balancing application loads, enabling inspection of inbound and outbound application traffic. Join our webinar with AWS to discover how F5 was able to help MailControl boost their visibility into the email traffic flowing through their application. By using virtualized F5 services on Amazon Web Services (AWS), the organization increased its application monitoring capabilities and improved security for its customers, while simultaneously automating processes to support its agile DevOps process.
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
(Presented by Trend Micro)
In this session, you learn about the AWS shared security model, including considerations and best practices for deploying a secure and compliant application on AWS, and how to leverage the features and APIs provided by AWS. You also learn how to use best-in-class security and compliance solutions that have been optimized for enterprises deploying in AWS.
Key topics covered are Amazon EC2 and Amazon EBS encryption, including several key management methodologies as well as intrusion detection and prevention, anti-malware, anti-virus, integrity monitoring, firewall, and web reputation in the cloud.
This session, co-led by Steve Schmidt, AWS Chief Information Security Officer, and George Stathakopoulos, Amazon.com VP of Information Security, gives a unique view of how a global provider and customer work together to deliver security on a massive scale. Steve and George will show some of the innovations that help their teams deliver world-class security operations at scale. This session is not moderated but is a conversation between two world-class security experts with differing responsibilities for the Amazon.com and Amazon Web Services global security posture. Join this session and walk away with a deeper understanding of the underlying security innovations powering the cloud and how you can enable them in your business.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
by Bill Reid, Leader, North American Solutions Architects
Security and Compliance Specialists AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
Customers using AWS benefit from over 1,800 security and compliance controls built into the AWS platform and operations. In this session, you will learn how to take advantage of the advanced security features of the AWS platform to gain the visibility, agility, and control needed to be more secure in the cloud than in legacy environments. We will take a look at innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the shared security responsibility model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS. Learn More: https://aws.amazon.com/government-education/
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
Accelerating cloud adoption for your regulated workloads - AWS PS Summit Canb...Amazon Web Services
How can you architect your applications for regulatory and organisational compliance? How can you automate security, auditability, and governance controls using best practice? In this session, Accenture draws from real-world examples to showcase how the cloud can strengthen your security and compliance posture, while ensuring maximum agility – articulated through the lifecycle of an application moving to the cloud.
Speaker: Chris Fleischmann, Managing Director, Journey To Cloud, Accenture
Level: 200
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Compliance in the Cloud Using “Security by Design” PrinciplesAmazon Web Services
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.).
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
Get ahead of cloud network security trends and practices in 2020Cynthia Hsieh
- Cloud security is just security. An evolution
- 3 Stages of Digital Transformation
- A new security model
- Security model in AWS
- Automate with integrated services
- AWS security solutions
- Barriers and common seen practices
- “Unboxing” cloud network security
- Cloud-Native Network Security Service
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops.
Speaker: Bill Reid - Sr Mgr, Solutions Architecture, AWS
AWS Security, Identity, & Compliance - An Overview: AWS Security Week at the San Francisco Loft
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
2. “CS can potentially offer a number of advantages, which include economies
of scale, cost-savings, access to quality system administration as well as
operations that adhere to uniform security standards and best practices.”
MAS Outsourcing Guidelines 2016
MAS Outsourcing Guidelines
3. ABS Cloud Implementation Guide
“The guiding principle that information security controls in the Cloud must be at least
as strong as what the FIs would have implemented had the operations been
performed in-house should apply”
Due Diligence Data Protection Disaster Recovery
11. Next Generation Security Benefits
Automate
with deeply
integrated
security services
Inherit
global
security and
compliance
controls
Highest
standards
for privacy
and data
security
Largest
network
of security
partners and
solutions
Scale with
superior visibility
and control
12. AWS Identity & Access
Management (IAM)
AWS Organizations
AWS Cognito
AWS Directory Service
AWS Single Sign-On
AWS CloudTrail
AWS Config
Amazon
CloudWatch
Amazon GuardDuty
VPC Flow Logs
Amazon EC2
Systems Manager
AWS Shield
AWS Web Application
Firewall (WAF)
Amazon Inspector
Amazon Virtual Private
Cloud (VPC)
AWS Key Management
Service (KMS)
AWS CloudHSM
Amazon Macie
Certificate Manager
Server Side Encryption
AWS Config Rules
AWS Lambda
Identity
Detective
control
Infrastructure
security
Incident
response
Data
protection
AWS Security Services
13. Define, enforce, and audit
user permissions across
AWS services, actions
and resources.
Identity & access
management
Identity and access
management
FINE GRAINED ACCESS
CONTROL
MULTI FACTOR
AUTHENTICATION
14. Gain the visibility you need
to spot issues before they
impact the business, improve
your security posture, and
reduce the risk profile of
your environment.
Detective
control
AMAZON GUARD DUTY –
INTELLIGENT THREAT DETECTION
15. Reduce surface area to manage
and increase privacy for and
control of your overall
infrastructure on AWS.
Infrastructure
security
ATTACKERS
AWS CUSTOMERS AWS CUSTOMERS AWS CUSTOMERS
16. In addition to our automatic
data encryption and
management services,
employ more features for
data protection.
(including data management, data
security, and encryption key storage)
Data
protection
Elastic Load
Balancing
Amazon
CloudFront
ACM
Certificate
AWS Certificate
Manager
Developers
17. During an incident, containing the
event and returning to a known
good state are important elements
of a response plan. AWS provides
the following
tools to automate aspects of this
best practice.
Incident
response
Amazon
CloudWatch
CloudWatch
Event
Lambda
Function
AWS Lambda
Automated Response
18. Next Generation Security Postures
Everything as
Code
Ubiquitous
Encryption
Automated
Compliance
No SSH or RDP
for Admin
SSH
20. AWS Systems Manager Components
Run command State manager Inventory Maintenance window
Patch manager Automation Parameter store Documents
21. • Remotely manage thousands of
Windows and Linux instances running
on Amazon EC2 or on-premises
• Control user actions and scope with
secure, granular access control
• Safely execute changes with rate control
to reduce blast radius
• Audit every user action with change
tracking
Operations at scale without SSH/RDP
AWS Cloud
Corporate data
center
IT Admin, DevOps
Engineer
Role-based Access
Control
24. Everything as Code: Your Security Controls
REGULATORY CONTROLS INDUSTRY CONTROLS
25. Everything as Code
security group
S3
bucket (encrypted
AES256)
AWS KMS
Amazon Virtual Private Cloud
security group
EC2 instance
WEB
ü Cyber Security
ü IT Audit
ü Application
ü Operations
APP
Logging &
Monitoring
VPC Security
29. Everything as Code: Audit
Any IP on the
Internet
Telnet, insecure,
clear-text
protocol
Mis-configuration prevented & detected BEFORE the
environment is even built!
34. Controls and Visibility
CloudTrail provides:
• Who decrypted data
• When data was decrypted
• Where data was decrypted from
• Stored for audit and inspection
KMS CloudTrail S3Consumer
requests
39. Automating Compliance: Encryption
User launches a new
server without
encryption
Automated
response to
perform
encryption
Automated
response to
terminate
server
AWS Config reviews change
against controls you define
in near real-time
43. Design Principles
ü Implement a strong identity foundation
ü Enable traceability
ü Apply security at all layers
ü Automate security best practices
ü Protect data in transit and at rest
ü Prepare for security events
?AWS Well Architected: Security
44. “CIOs and CISOs need to stop obsessing over
unsubstantiated cloud security worries, and instead
apply their imagination and energy to developing new
approaches to cloud control, allowing them to securely,
compliantly, and reliably leverage the benefits of this
increasingly ubiquitous computing model.”
Source: Clouds Are Secure: Are You Using Them Securely?