The document summarizes an AWS user group meetup happening on November 7th, 2018. It includes an agenda with three presentations on AWS Secrets Manager, AI driven cloud security, and best practices for cloud management. There will be pizza and drinks during a break between the first two presentations. The event is sponsored by PolarSeven, Palo Alto Networks, and CloudHealth.
by Michael St. Onge, Global Cloud Security Architect, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise. Level 200
by Brad Dispensa, Sr. Solutions Architect, AWS
Navigating the various requirements of the GDPR can be complicated. In this session we will mainly focus on Article 32, Security of processing and specifically 32b "the ability to ensure the ongoing confidentiality, integrity, availability and resillience of processing system and services". We will look at various AWS services and other tools to see how security automation helps you implement solutions in regards to Article 32.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- How to safely generate a number of Amazon GuardDuty findings
- How to analyze Amazon GuardDuty findings
- How to think about remediation of threats
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise. Level 200
by Brad Dispensa, Sr. Solutions Architect, AWS
Navigating the various requirements of the GDPR can be complicated. In this session we will mainly focus on Article 32, Security of processing and specifically 32b "the ability to ensure the ongoing confidentiality, integrity, availability and resillience of processing system and services". We will look at various AWS services and other tools to see how security automation helps you implement solutions in regards to Article 32.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- How to safely generate a number of Amazon GuardDuty findings
- How to analyze Amazon GuardDuty findings
- How to think about remediation of threats
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
Let's spend some time prepping for the GuardDuty lab and set everyone up with Amazon account credits. Then we will do a short warm up lab that builds out a real-time serverless dashboard for monitoring account activity using a number of different services. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
Protect Your Game Servers from DDoS Attacks - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Using the new AWS Shield Advanced for EC2 to protect your internet-facing game servers
- How to build an architecture best suited for your title
- Best Practices Checklist for your new release
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitAmazon Web Services
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
In this session, you learn how AWS handles threat detection and remediation. We summarize the challenges of traditional threat detection efforts, and we explain how AWS helps to address these challenges. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
by Gavin Adams, Sr. IoT Specialist SA AWS
Join us for AWS IoT day at the AWS San Francisco Loft. AWS IoT enables you to easily connect and manage millions of devices securely. You can gather data from, run sophisticated analytics on, and take actions in real-time on your diverse fleet of IoT devices from edge to the cloud. You will build IoT applications with AWS IoT experts. AWS IoT provides edge-based software and cloud-based services so you can easily build IoT applications. Edge-based software, including AWS Greengrass, enables you to securely connect devices, gather data and take intelligent actions locally even when Internet connectivity is down. Cloud-based services, including AWS IoT Core, allow you to quickly onboard large and diverse fleets, maintain fleet health, and keep fleets secure.
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Amazon Web Services
SaaS presents developers with a unique blend of architectural challenges. Supporting a multi-tenant model often means re-thinking your approach to almost every layer of your architecture. Onboarding, security, data partitioning, tenant isolation, identity—these are areas that must be factored into how you design, build, and deploy your SaaS solution. Of course, the best way to wrap your mind around these SaaS architectural principles is to dig into a working example. In this workshop, we’ll expose you to the core concepts of SaaS architecture then dive into a reference SaaS architecture where you can see the moving parts of a SaaS solution in action. The goal here is to provide a series of activities that allow you to interact with a functional solution, introducing code and configuration that realizes and extends the capabilities of this SaaS environment. Through this combination of a brief lecture and hands-on exercises, you’ll get a healthy dose of SaaS best practices all through the lens of a working reference solution.
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
In this session, learn how AWS addresses threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Intro to Threat Detection & Remediation on AWS: AWS Security Week at the SF LoftAmazon Web Services
Introduction to Threat Detection and Remediation on AWS: AWS Security Week at the San Francisco Loft
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Level: 100
Speaker: Nathan Case - Sr. Solutions Architect, AWS
How to Easily and Securely Connect Devices to AWS IoT - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the features of AWS IoT and how to use them
- Articulate architectures for IoT applications across commercial, consumer, and industrial use cases
- Hints and tips for keeping devices secure
by Jeff Puchalski, Application Security Engineer, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass.
Incident Response - Finding a Needle in a Stack of NeedlesAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
Build HIPAA Eligible Solutions with AWS and APN Partners PPTAmazon Web Services
In this webinar, you’ll learn how AWS HIPAA Eligible Services can help you build secure workloads to handle PHI in compliance with HIPAA and HITRUST standards. AWS Healthcare experts will be joined in this webinar by AWS Partner Network (APN) Partners ClearDATA and Cloudticity.
In this webinar, you'll learn how to create security workspaces for multiple teams through your AWS account. Discover how IAM works and find out how it integrates with AWS services. In addition, learn how AWS Config rules and AWS Cloud Trial can help you identify and rectify misconfiguration issues quickly and effectively.
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
Is that requirement from NIST 800-53 Controls or NIST 800-190? If you've ever wondered where those pesky cloud security controls come from, this meetup is for you.
In this Meetup, Jame Strong and Jason Lutz from Contino (an AWS Premier Consulting Partner) will discuss how Contino views DevSecOps. They will review the Benefits of DevSecOps:
- Cost Reduction
- Speed of Delivery
- Speed of Recovery
- Security is Federated
- DevSecOps Fosters a Culture of Openness and Transparency
During this Meetup, James and Jason will show you how to harden and secure a container pipeline and AWS network. Briefly, they will demonstrate how to deploy accounts with a Cloud Security Posture and review security best practices from AWS, CIS, and NIST. They will also touch on how to integrate changes in your infrastructure pipelines to adhere to your Enterprise's Security Compliance Guidelines.
If you're interested in integrating security and compliance into your Application and Infrastructure pipelines to realize the benefits of DevSecOps, join us in this virtual meetup.
by Brad Dispensa, Sr. Solutions Architect, AWS
Operating a security practice on AWS brings many new challenges that haven't been faced in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session we will cover how you can use secure configuration and automation to monitor, audit, and enforce your security policies within an AWS environment. Level 200
Let's spend some time prepping for the GuardDuty lab and set everyone up with Amazon account credits. Then we will do a short warm up lab that builds out a real-time serverless dashboard for monitoring account activity using a number of different services. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
Protect Your Game Servers from DDoS Attacks - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Using the new AWS Shield Advanced for EC2 to protect your internet-facing game servers
- How to build an architecture best suited for your title
- Best Practices Checklist for your new release
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitAmazon Web Services
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
In this session, you learn how AWS handles threat detection and remediation. We summarize the challenges of traditional threat detection efforts, and we explain how AWS helps to address these challenges. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
by Gavin Adams, Sr. IoT Specialist SA AWS
Join us for AWS IoT day at the AWS San Francisco Loft. AWS IoT enables you to easily connect and manage millions of devices securely. You can gather data from, run sophisticated analytics on, and take actions in real-time on your diverse fleet of IoT devices from edge to the cloud. You will build IoT applications with AWS IoT experts. AWS IoT provides edge-based software and cloud-based services so you can easily build IoT applications. Edge-based software, including AWS Greengrass, enables you to securely connect devices, gather data and take intelligent actions locally even when Internet connectivity is down. Cloud-based services, including AWS IoT Core, allow you to quickly onboard large and diverse fleets, maintain fleet health, and keep fleets secure.
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Amazon Web Services
SaaS presents developers with a unique blend of architectural challenges. Supporting a multi-tenant model often means re-thinking your approach to almost every layer of your architecture. Onboarding, security, data partitioning, tenant isolation, identity—these are areas that must be factored into how you design, build, and deploy your SaaS solution. Of course, the best way to wrap your mind around these SaaS architectural principles is to dig into a working example. In this workshop, we’ll expose you to the core concepts of SaaS architecture then dive into a reference SaaS architecture where you can see the moving parts of a SaaS solution in action. The goal here is to provide a series of activities that allow you to interact with a functional solution, introducing code and configuration that realizes and extends the capabilities of this SaaS environment. Through this combination of a brief lecture and hands-on exercises, you’ll get a healthy dose of SaaS best practices all through the lens of a working reference solution.
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
In this session, learn how AWS addresses threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
In order to confidently scale your AWS deployments, continuous security must be built into your continuous integration and continuous delivery architecture. Participate in a series of interactive capture the flag challenges to get hands on experience with DevSecOps. We’ll teach you how to think like a Security Ninja, highlight common mistakes that can have catastrophic consequences, and provide tips to avoid them
Intro to Threat Detection & Remediation on AWS: AWS Security Week at the SF LoftAmazon Web Services
Introduction to Threat Detection and Remediation on AWS: AWS Security Week at the San Francisco Loft
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Level: 100
Speaker: Nathan Case - Sr. Solutions Architect, AWS
How to Easily and Securely Connect Devices to AWS IoT - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the features of AWS IoT and how to use them
- Articulate architectures for IoT applications across commercial, consumer, and industrial use cases
- Hints and tips for keeping devices secure
by Jeff Puchalski, Application Security Engineer, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass.
Incident Response - Finding a Needle in a Stack of NeedlesAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
Build HIPAA Eligible Solutions with AWS and APN Partners PPTAmazon Web Services
In this webinar, you’ll learn how AWS HIPAA Eligible Services can help you build secure workloads to handle PHI in compliance with HIPAA and HITRUST standards. AWS Healthcare experts will be joined in this webinar by AWS Partner Network (APN) Partners ClearDATA and Cloudticity.
In this webinar, you'll learn how to create security workspaces for multiple teams through your AWS account. Discover how IAM works and find out how it integrates with AWS services. In addition, learn how AWS Config rules and AWS Cloud Trial can help you identify and rectify misconfiguration issues quickly and effectively.
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
Is that requirement from NIST 800-53 Controls or NIST 800-190? If you've ever wondered where those pesky cloud security controls come from, this meetup is for you.
In this Meetup, Jame Strong and Jason Lutz from Contino (an AWS Premier Consulting Partner) will discuss how Contino views DevSecOps. They will review the Benefits of DevSecOps:
- Cost Reduction
- Speed of Delivery
- Speed of Recovery
- Security is Federated
- DevSecOps Fosters a Culture of Openness and Transparency
During this Meetup, James and Jason will show you how to harden and secure a container pipeline and AWS network. Briefly, they will demonstrate how to deploy accounts with a Cloud Security Posture and review security best practices from AWS, CIS, and NIST. They will also touch on how to integrate changes in your infrastructure pipelines to adhere to your Enterprise's Security Compliance Guidelines.
If you're interested in integrating security and compliance into your Application and Infrastructure pipelines to realize the benefits of DevSecOps, join us in this virtual meetup.
by Brad Dispensa, Sr. Solutions Architect, AWS
Operating a security practice on AWS brings many new challenges that haven't been faced in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session we will cover how you can use secure configuration and automation to monitor, audit, and enforce your security policies within an AWS environment. Level 200
Multi cloud governance best practices - AWS, Azure, GCPFaiza Mehar
If you are looking for complete instructions on how to build your own Cloud governance process and control then view our recorded webinar on our youtube channel. We take you step by step on what is governance for the cloud and a focus area for security governance.
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...Amazon Web Services
What does “Cloud First” really mean for your processes, customers, and the future of your business? In this session, learn from Hub International’s CISO and Head of Architecture how the insurance company is transforming their business by migrating to the cloud for greater scale, cost savings, performance, and security. With a goal to go all-in on AWS by end of 2018, Hub International needed real-time visibility across its cloud and hybrid environments to mitigate risks and ensure seamless migrations—thereby keeping customers happy and their data safe. See how Hub International is harnessing machine data and predictive analytics to secure applications and infrastructure, control costs and improve capacity planning. This session is brought to you by AWS partner, Splunk.
Detecting Malicious Cloud Account Behavior: A Look at the New Native Platform...Priyanka Aash
Until recently, major public cloud providers have offered relatively basic toolsets for identifying suspicious activity occurring inside customer accounts that may indicate a compromise. Some organizations have invested significant resources to build their own tools or have leveraged industry vendor offerings to provide this visibility. The reality is, that barrier has meant that a large number of organizations haven't dedicated those resources to this problem and therefore operate without sufficient detection and response capabilities that monitor their cloud accounts for compromise.
Amazon Web Services, Google Cloud Platform, and Microsoft Azure have recently launched a new set of native platform threat and anomalous behavior detection services to help their customers better identify and respond to certain issues and activities occurring inside their cloud accounts. From detecting crypto-currency mining to identifying bot-infected systems to alerting on suspicious cloud credential usage to triggering on cloud-specific methods of data exfiltration, these new services aim to make these kinds of detections much easier and simpler to centrally manage.
But what new and unique insights do they offer? What configuration is required to achieve the full benefits of these detections? What types of activities are not yet covered? What attack methods and techniques can avoid detection by these systems and still be successful? What practical guidelines can be followed to make the best use of these services in an organization?
Follow along as we attempt to answer these questions using practical demonstrations that highlight the real threats facing cloud account owners and how the new threat detection capabilities perform in reducing the risks of operating workloads in the public cloud.
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
Often times, developers and auditors can be at odds. The agile, fast-moving environments that developers enjoy will typically give auditors heartburn. The more controlled and stable environments that auditors prefer to demonstrate and maintain compliance are traditionally not friendly to developers or innovation. We'll walk through how Netflix moved its PCI and SOX environments to the cloud and how we were able to leverage the benefits of the cloud and agile development to satisfy both auditors and developers. Topics covered will include shared responsibility, using compartmentalization and microservices for scope control, immutable infrastructure, and continuous security testing.
Justin Fox from NuData Security, A Mastercard Company presents at the Canadian Executive Cloud & DevOps Summit in Toronto, June 9, 2017 on the topic "Security your DevOps Pipeline".
Building API-Driven Microservices with Amazon API Gateway - AWS Online Tech T...Amazon Web Services
Learning Objectives:
- Learn patterns for building APIs for various backend technologies
- Learn how to secure your APIs
- Learn how to handle updates, versioning, and environments using Amazon API Gateway
Best Practices for Multi-Cloud Security and ComplianceRightScale
The last few months have seen ongoing cloud security breaches and a heightened data privacy focus due to GDPR. In today’s multi-cloud environment, enterprises are challenged to ensure security and compliance across both public and private clouds. We will help you understand best practices for multi-cloud security and compliance and how a cloud management platform (CMP) can help.
AWS and Symantec: Cyber Defense at Scale (SEC311-S) - AWS re:Invent 2018Amazon Web Services
Learn how Symantec uses AWS to provide complete, integrated security solutions that monitor and protect companies and governments from hackers. Hear about lessons learned from how Symantec scaled up its infrastructure to analyze billions of logs every day to detect the world’s most sophisticated cyber attacks, and you’ll see how Symantec integrates with native AWS services, like Amazon GuardDuty, AWS Lambda, and AWS Systems Manager, into its own security solutions to provide even better security in the cloud. This session is brought to you by AWS partner, Symantec Corporation.
Palo Alto Networks and 2nd Watch DevOps and security experts discuss protecting your applications and data in the cloud:
-DevOps: laying a foundation for secure architectures
-A look at how DevOps practices can ensure security
-Setting up the proper security foundation
-Review/white board different Security Architectures
-Approach to automating your security deployments
The Executive Security Simulation takes senior security management and IT/business executive teams through an experiential exercise that illuminates key decision points for a successful and secure cloud journey. During this team-based, game-like competitive simulation, participants leverage an industry case study to make strategic security, risk, and compliance time-based decisions and investments. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. Join this workshop to gain an understanding of the major success factors to lead security, risk, and compliance in the cloud, and learn applicable decision and investment approaches to specific secure cloud adoption journeys. AWS facilitators translate lessons learned in the simulation into real-life examples and practical advice for your team.
Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven"
Session 1:
Advanced Monitoring for AWS environments
Dynatrace is the first AI assisted monitoring platform, offering a revolutionary approach to managing the operational complexity of microservices and cloud centric applications.
Presenter: Kevin Leng, Senior SE, APAC
Dynatrace
https://www.dynatrace.com/
See video presentation here
https://youtu.be/MUV_-E3nQGM
Session 2:
Cost Optimization and Cost Control - Best Practises
Join CloudHealth as we explore the key challenge organisations face in managing cloud cost. From our key insights partnering with enterprises around the globe we will share our defined blueprint for cost optimisation and introducing cost controls into your cloud strategy.
Presenter: Richard Economides, Solution Architect
CloudHealth
https://www.cloudhealthtech.com/
Watch the video presentation here
https://youtu.be/rAOfXssTLo8
This month we were joined by Gerald from Contino who answered the question on why friends don't let friends build landing zones.
0 Comments
PolarSeven
Add a public comment...
Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven
Bonus Session - AWS Mitch Beaumant - Amazon Fargate in 15 minutes
Session 1:
Security Policy Lifecycle Management
"Automated security actions based on observed security events
and protecting AWS deployments are some of the key challenges facing network and security teams.
With the general availability of Palo Alto Networks PAN-OS 8.0 software, VM-Series virtualized next-generation firewall, network and security teams now have a simple, automated security management platform for managing and enforcing security policies within AWS deployments. This session will provide an advanced technical overview of the enhancements done over the last 12 months.
The topics covered will include,
• Technical overview of Panorama driven security workflows for AWS
• Presentation of our github AWS templates with a focus on CFT and Terraform"
Paloaltonetworks
https://www.paloaltonetworks.com/
See video presentation here
https://youtu.be/LLdto5LOcd8
Session 2:
Automating the Service Desk using Amazon Lex and Amazon Connect
Once considered a rare and difficult capability to achieve, the democratisation of artificial intelligence has made it possible for developers to easily access and leverage machine learning capabilities to automate and solve problems across multiple industries. This presentation aims to demonstrate how easy it is to take advantage of an AWS Machine Learning capability (Amazon Lex) with no deep learning experience and solve common everyday IT problems.
Telstra
https://www.telstra.com.au/
Watch the video presentation here
https://youtu.be/8BP1OZk2wUs
"Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven"
Session 1:
CloudHealth
https://www.cloudhealthtech.com/
The secret to governing your growing AWS environment at scale is implementing policies to help you automate basic operational tasks. This allows you to manage your environment by exception, freeing up staff time, and maintaining a standardised approach to running your environment. In this session we will go through the six types of policies you need to implement to govern your AWS environment, specifically: financial management policies, cost optimisation policies, operational governance policies, performance management policies, asset and config policies and security and incident management policies. We will also cover best practices for rolling out these policies organisationally with a cloud centre of excellence.
"Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven"
Session 2:
Sophos
https://www.sophos.com/en-us.aspx
How to overcome the challenges of routing, scalbility and automation of DevOps while ensuring security of your VPC.
Watch the video presentation here
https://youtu.be/oFwuDjR3Wg0
See Session 1 and download the slides from here
https://youtu.be/CJj5jbqmQ_o
https://www.slideshare.net/secret/bfjfGxqDVgrHWt
Telstra Programmable Networks & Scaling a Serverless Team with AutomationPolarSeven Pty Ltd
Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and What's New In AWS - by PolarSeven
Session 1:
Telstra
https://www.telstra.com.au/
A new kind of network that will adapt with you in real time, offer a new level of control and flexibility and evolve to suit your business. Peter Galloway, formerly with AWS & Cisco, and now with Telstra will be decoding TPN, SDN, NFV and what it means for AWS.
Watch the video presentation here
https://youtu.be/nV8NRrVfb-w
Session 2:
A Cloud Guru
https://acloud.guru/
Dan Parker, Software Developer at A Cloud Guru is going to talk about automation inside serverless teams. He’ll show you how they’ve fully automated the creation & destruction of serverless environments using Ansible, CloudFormation & Serverless Framework.
Watch the video presentation here
https://youtu.be/tC4CxoNVkkw
Hosted by PolarSeven Cloud Consulting - http://polarseven.com
Our monthly AWS User Group Sydney presentation night.
http://www.meetup.com/AWS-Sydney/
Introductions and Whats New AWS - by PolarSeven
» Whats new - Efs and step functions,
» AWS Filesystems - understanding how EBS and Instance store are implemented
Session 1 - Westcon:
http://au.westcon.com/
Learn about the new types of Reserved Instances that are now available, the importance of optimising your environment before purchasing RI's and making sure that once purchased they are correctly utilised.
Session 2 - Brocade:
http://www.brocade.com/en.html
When using your AWS resources, network optimisation and traffic inspection remains a challenge, in this session we'll look at how to get visibility for your internet traffic and secure your website.
Sophos join us to cover the AWS Shared Security Model and common threats and consequences that you can face in your AWS environment.
Presented by - Peter Gordon - Senior Cloud Security Architect
View the full presentation here - https://youtu.be/cR2MK0rjmVo
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Visibility, Optimization & Governance for Cloud ServicesPolarSeven Pty Ltd
Join CloudHealth as we take a deeper dive into what Cloud Service Management can help drive business success. Through real world customer success stories we'll tackle the three core pillars of Cloud Services Management, Visibility, Optimization and Governance
Presented by - Elise Oertli - Director CloudHealth Technologies ANZ
View the full presentation here - https://youtu.be/L-B8kYBEVGk
Presented at AWS User Group Sydney
https://www.meetup.com/AWS-Sydney/
Hosted by PolarSeven -http://polarseven.com
Presented by Matt Ray, Manager and Solutions Architect for APJ for Chef. He currently resides in Sydney, Australia after relocating from Austin, Texas.
He podcasts at SoftwareDefinedTalk.com and is @mattray on Twitter, IRC, GitHub and too many Slacks.
This session will provide an overview of the Chef Automate solutions and how they come together on AWS.
Ready to give it a try? Get started with this tutorial.
https://learn.chef.io/tutorials/manage-a-node/opsworks/
You might also be interested in our white paper, "DevOps and the Cloud: Chef and Amazon Web Services." This paper is an introduction to how using DevOps patterns with cloud resources can decrease time to market and reduce costs.
https://pages.chef.io/rs/255-VFB-268/images/devops-and-the-cloud-chef-and-aws.pdf
* Presented at the Sydney AWS User Group session 1st February 2017
http://www.meetup.com/AWS-Sydney/
Hosted and organised by PolarSeven - http://polarseven.com
View the full video presentation here:
https://youtu.be/CD_ptwS8k1w
AWS CloudFormation Automation, TrafficScript, and Serverless architecture wit...PolarSeven Pty Ltd
Chris Kawchuck has 20 years experience in the Telecom and Service provider industry. He will be demonstrating how easy it is to spin up a Brocade vADC in AWS; enabling serverless architectures using S3 buckets, and accomplish real-time traffic rewrites to get you out of sticky situations.
Learn about:
1. Load balancing and scaling options available on AWS
2. Automating the Brocade vADC spin up using Cloudformation Templates
3. Enabling use of "Serverless" web pages in AWS 4.Taking care of tricky situations using TrafficScript
Implementing any 3rd party Load Balancer from the Amazon AWS Marketplace can be a daunting task. Not only does one have to learn the vendor's specific interface, you also need to perform quite a few administrative tasks to setup front end IPs, back end pools, clustering, and so on.
Brocade has published a CloudFormation Template (CFT) which takes all the hard work out of setting it up and operating. Using DevOps tools and open source scripts, we not only automate the deployment of the Brocade vADC within AWS, but all the configuration you need to administer, cluster, and provision your Load Balancers; including public IPs and your back-end server pools.
We would like you to try it, and take advantage of the powerful feature of the Brocade vADC.
https://github.com/dkalintsev/Brocade/tree/master/vADC/CloudFormation/Templates/Variants-and-experimental/Configured-by-Puppet
* Presented at the Sydney AWS User Group session 1st February 2017
http://www.meetup.com/AWS-Sydney/
Hosted and organised by PolarSeven - http://polarseven.com
View the full video presentation here:
https://youtu.be/rKTG2zjQS6o
AWS User Group Meeting - Sydney December 2016
Organised by PolarSeven http://polarseven.com and hosted by TripAdvisor https://www.tripadvisor.com.au/
This month we held a special panel event to discuss the announcements at AWS Re-Invent in Vegas.
Our panel members are industry experts from different fields, vendors and customers who are attending Re-Invent this year who will share their experiences and how they see the future of Cloud on AWS.
Videos of each of the sessions are available here:
https://youtu.be/GqVcoVjVpE0
https://youtu.be/8HxRopYeYpM
AWS User Group Presentation.
Hosted by PolarSeven - http://polarseven.com
5th October 2016
Session 1: Presentation
Jason Umiker:
Art of PaaS - Lessons learned from running Micros, a platform for hundreds of microservices on AWS
AWS Sydney Meetup Presentation by Binqi Zhang of PolarSeven - http://polarseven.com
How the Internet of Things is expanding at a rapid pace with more and more connected devices being added all the time.
The world technology landscape is ever changing and evolving as we can track and measure more data than ever before with high availability connectivity.
Using AWS IoT, which is now available in Australia Binqi looks at some of the ways the new technology can be applied.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
7. Secrets Manager
What is a Secret?
● Passwords
● Encryption keys
● SSH Keys
● Access and Secret Access key ID
● Any data you want to be secret..
8. Secrets Manager
Challenges with traditional method
● Available solution too complex and expensive
● Unreliable rotation leading to outages
● Too many users with unnecessary access to
secrets
9. Secrets Manager
Key Features
● Rotate Secrets safely: Built in for RDS, Extensible
with lambda, has versioning for roll back
● Fine-grained IAM policies
● Encrypted by default
● Pay as you go
10. Secrets Manager
AWS Secrets manager allows customers to rotate,
manage, retrieve database credentials,API keys and
other secrets throughout the lifecycle
● IT Admins: Store and manage secrets securely and
at scale
● Security Admins: Audit and monitor the use of
secrets and rotate secrets
● Developers: Avoid credentials in the application
13. Secrets Manager
Use-case
Connect to database from application code
● DBA loads application specific credentials to secrets
manager
● DevOps engineer deploys application with an IAM role
● Application bootstrapping retrieves secret from secrets
manger and connects to the database
19. Pricing
PER SECRET PER MONTH
● $0.40 per secret per month. For secrets that are stored
for less than a month, the price is prorated (based on the
number of hours.)
PER 10,000 API CALLS
● $0.05 per 10,000 API calls.
21. As you get started
Things to keep in mind
● No plain text secrets
● Unique secrets per region, per environment, per account
● Rotate secrets regularly
● Control permissions
● Monitor and audit use, Delete unused secrets
● No charges for versioning of a secret, no charge for default encryption
47. Thanks For Coming
Join Us Next Month for our final Meetup of 2018!
We will be hosting an open panel night, with speakers from our sponsors,
amazon and more.
Be sure to come along!
>> Register @ http://www.meetup.com/AWS-Sydney/ <<