When you use the cloud to enable speed and agility, how do you know if you did it right? We are on a mission to help builders follow industry best practices within security guide rails by creating the largest compliance-as-code repo, available to all. Compliance-as-code is the idea to translate those best practices, guide rails, policies, or standards into codified unit testing. Apply this to your AWS environment to provide insights on what can/must be improved. Learn why compliance-as-code matters to gain speed (by getting developers, architects, and security pros on the same page), how it is currently used (demo), and how to start to use it or be part of building it.
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...Amazon Web Services
This talk dives deep on how to build end-to-end security capabilities using AWS. Our goal is orchestrating AWS Security services with other AWS building blocks to deliver enhanced security. We cover working with AWS CloudWatch Events as a queueing mechanism for processing security events, using Amazon DynamoDB to provide a stateful layer to provide tailored response to events and other ancillary functions, using DynamoDB as an attack signature engine, and the use of analytics to derive tailored signatures for detection with AWS Lambda. Log sources include available AWS sources and also more traditional logs, such as syslog. The talk aims to keep slides to a minimum and demo live as much as possible. The demos come together to demonstrate an end-to-end architecture for SecOps. You'll get a toolkit consisting of code and templates so you can hit the ground running.
Building CI/CD Pipelines for Serverless Applications - SRV302 - re:Invent 2017Amazon Web Services
Building and deploying serverless applications introduces new challenges for developers whose development workflows are optimized for traditional VM-based applications. In this session, we discuss a method for automating the deployment of serverless applications running on AWS Lambda. We first cover how you can model and express serverless applications using the open-source AWS Serverless Application Model (AWS SAM). Then, we discuss how you can use CI/CD tooling from AWS CodePipeline and AWS CodeBuild, and how to bootstrap the entire toolset using AWS CodeStar. We will also cover best practices to embed in your deployment workflow specific to serverless applications.
You will also hear from iRobot about its approach to serverless deployment. iRobot will share how it achieves coordinated deployments of microservices, maintains long-lived and/or separately-managed resources (like databases), and red/black deployments.
This document discusses using AWS Lambda for security operations like auditing, monitoring, and remediation. It provides examples of how AWS Lambda functions can be triggered by events from services like AWS CloudTrail, CloudWatch Logs, and VPC Flow Logs to filter logs and alerts. Lambda functions can also use AWS APIs to perform automated remediation steps. The document includes demos of architectures that apply these patterns.
GPSTEC309-SaaS Monitoring Creating a Unified View of Multitenant Health featu...Amazon Web Services
Supporting a multitenant environment requires a robust management and monitoring strategy. SaaS operations teams require tools and views of system health that enable them to analyze and diagnose both multitenant and tenant-centric issues. The goal of this session is to identify specific strategies and tools that can be combined to support the unique set of operational challenges that SaaS providers face. In this session, we look at how analytics, consumption, and application metrics can correlate tenant activity with system health to proactively identify and troubleshoot issues. We also explore techniques for monitoring and managing different SaaS tenant isolation models, such as silo, pool, and so on.
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017Amazon Web Services
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
AWS GovCloud (US) is an isolated AWS Region designed to help US government agencies and highly regulated organizations meet their compliance needs, including the International Traffic in Arms Regulations (ITAR) and Federal Risk and Authorization Management Program (FedRAMP). AWS GovCloud (US) makes it safe and easy to move sensitive data and regulated IT workloads to the cloud, through its adherence to numerous compliance and regulatory requirements. Join us to learn about AWS GovCloud (US) and how AWS can do the heavy lifting for your government agency or regulated enterprise.
Five New Security Automation Improvements You Can Make by Using Amazon CloudW...Amazon Web Services
This presentation will include a deep dive into the code behind multiple security automation and remediation functions. This session will consider potential use cases, as well as feature a demonstration of a proposed script, and then walk through the code set to explain the various challenges and solutions of the intended script. All examples of code will be previously unreleased and will feature integration with services such as Trusted Advisor and Macie. All code will be released as OSS after re:Invent.
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Amazon Web Services
In this session, you learn how to adapt application defenses and operational responses based on your unique requirements. You also hear directly from customers about how they architected their applications on AWS to protect their applications. There are many ways to build secure, high-availability applications in the cloud. Services such as API Gateway, Amazon VPC, ALB, ELB, and Amazon EC2 are the basic building blocks that enable you to address a wide range of use cases. Best practices for defending your applications against Distributed Denial of Service (DDoS) attacks, exploitation attempts, and bad bots can vary with your choices in architecture.
SecOps 2021 Today: Using AWS Services to Deliver SecOps - SID304 - re:Invent ...Amazon Web Services
This talk dives deep on how to build end-to-end security capabilities using AWS. Our goal is orchestrating AWS Security services with other AWS building blocks to deliver enhanced security. We cover working with AWS CloudWatch Events as a queueing mechanism for processing security events, using Amazon DynamoDB to provide a stateful layer to provide tailored response to events and other ancillary functions, using DynamoDB as an attack signature engine, and the use of analytics to derive tailored signatures for detection with AWS Lambda. Log sources include available AWS sources and also more traditional logs, such as syslog. The talk aims to keep slides to a minimum and demo live as much as possible. The demos come together to demonstrate an end-to-end architecture for SecOps. You'll get a toolkit consisting of code and templates so you can hit the ground running.
Building CI/CD Pipelines for Serverless Applications - SRV302 - re:Invent 2017Amazon Web Services
Building and deploying serverless applications introduces new challenges for developers whose development workflows are optimized for traditional VM-based applications. In this session, we discuss a method for automating the deployment of serverless applications running on AWS Lambda. We first cover how you can model and express serverless applications using the open-source AWS Serverless Application Model (AWS SAM). Then, we discuss how you can use CI/CD tooling from AWS CodePipeline and AWS CodeBuild, and how to bootstrap the entire toolset using AWS CodeStar. We will also cover best practices to embed in your deployment workflow specific to serverless applications.
You will also hear from iRobot about its approach to serverless deployment. iRobot will share how it achieves coordinated deployments of microservices, maintains long-lived and/or separately-managed resources (like databases), and red/black deployments.
This document discusses using AWS Lambda for security operations like auditing, monitoring, and remediation. It provides examples of how AWS Lambda functions can be triggered by events from services like AWS CloudTrail, CloudWatch Logs, and VPC Flow Logs to filter logs and alerts. Lambda functions can also use AWS APIs to perform automated remediation steps. The document includes demos of architectures that apply these patterns.
GPSTEC309-SaaS Monitoring Creating a Unified View of Multitenant Health featu...Amazon Web Services
Supporting a multitenant environment requires a robust management and monitoring strategy. SaaS operations teams require tools and views of system health that enable them to analyze and diagnose both multitenant and tenant-centric issues. The goal of this session is to identify specific strategies and tools that can be combined to support the unique set of operational challenges that SaaS providers face. In this session, we look at how analytics, consumption, and application metrics can correlate tenant activity with system health to proactively identify and troubleshoot issues. We also explore techniques for monitoring and managing different SaaS tenant isolation models, such as silo, pool, and so on.
NEW LAUNCH! Introduction to Managed Rules for AWS WAF - SID217 - re:Invent 2017Amazon Web Services
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
AWS GovCloud (US) is an isolated AWS Region designed to help US government agencies and highly regulated organizations meet their compliance needs, including the International Traffic in Arms Regulations (ITAR) and Federal Risk and Authorization Management Program (FedRAMP). AWS GovCloud (US) makes it safe and easy to move sensitive data and regulated IT workloads to the cloud, through its adherence to numerous compliance and regulatory requirements. Join us to learn about AWS GovCloud (US) and how AWS can do the heavy lifting for your government agency or regulated enterprise.
Five New Security Automation Improvements You Can Make by Using Amazon CloudW...Amazon Web Services
This presentation will include a deep dive into the code behind multiple security automation and remediation functions. This session will consider potential use cases, as well as feature a demonstration of a proposed script, and then walk through the code set to explain the various challenges and solutions of the intended script. All examples of code will be previously unreleased and will feature integration with services such as Trusted Advisor and Macie. All code will be released as OSS after re:Invent.
Cloud-Native App Protection: Web Application Security at Pearson and other cu...Amazon Web Services
In this session, you learn how to adapt application defenses and operational responses based on your unique requirements. You also hear directly from customers about how they architected their applications on AWS to protect their applications. There are many ways to build secure, high-availability applications in the cloud. Services such as API Gateway, Amazon VPC, ALB, ELB, and Amazon EC2 are the basic building blocks that enable you to address a wide range of use cases. Best practices for defending your applications against Distributed Denial of Service (DDoS) attacks, exploitation attempts, and bad bots can vary with your choices in architecture.
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
Protect Your Web Applications from Common Attack Vectors Using AWS WAF - SID3...Amazon Web Services
Notice: This Workshop requires a laptop computer and an active AWS account with Administrator privileges.
As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated, having an effective web request filtering solution becomes key to keeping your users’ data safe. In this workshop, discover how the OWASP Top 10 list of application security risks can help you secure your web applications. Learn how to use AWS services, such as AWS WAF, to mitigate vulnerabilities. This session includes hands-on labs to help you build a solution. Key learning goals include understanding the breadth and complexity of vulnerabilities customers need to protect from, understanding the AWS tools and capabilities that can help mitigate vulnerabilities, and learning how to configure effective HTTP request filtering rules using AWS WAF.
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...Amazon Web Services
This document contains a summary of a workshop on user management and app authentication with Amazon Cognito. The workshop covers setting up Cognito user pools for user sign-up, sign-in, and password management. It also covers getting temporary AWS credentials from Cognito identity pools to access AWS services like S3. The hands-on portion involves building a desktop app for user authentication with Cognito user pools and getting credentials to call AWS services.
AWS distinguished engineer Eric Brandwine speaks with hundreds of customers each year, and noticed one question coming up more than any other, "How does AWS operationalize its own security?" In this session, Eric details both strategic and tactical considerations, along with an insider's look at AWS tooling and processes.
SRV332_Building Serverless Real-Time Data Processing (Now with Unicorns!).pdfAmazon Web Services
Calling all serverless developers! Wild Rydes (www.wildrydes.com), the world’s leading unicorn transportation startup, needs your help! The company's rydesharing network of unicorns has grown to thousands, fulfilling hundreds of thousands of passenger rydes each day. Your mission is to collect, store, process, and analyze data to track the real-time location and health of our unicorns. In this workshop, learn how to build infrastructure to process data streams in real time using Amazon Kinesis. Build serverless applications using Amazon Kinesis Analytics to aggregate and summarize data, and use AWS Lambda to store aggregated data in Amazon DynamoDB. Finally, use Amazon Kinesis Firehose to build a data lake in Amazon S3, and use Amazon Athena to run ad-hoc queries against it. Requirements: laptop, text editor, AWS account, and AWS Command Line Interface (CLI) installed and configured.
AWS Security State of the Union - SID326 - re:Invent 2017Amazon Web Services
Steve Schmidt, chief information security officer of AWS, addresses the current state of security in the cloud, with a particular focus on feature updates, the AWS internal "secret sauce," and what's on horizon in terms of security, identity, and compliance tooling.
SID201_IAM for Enterprises How Vanguard strikes the Balance Between Agility, ...Amazon Web Services
This document summarizes a session from AWS re:Invent on how Vanguard implemented identity and access management (IAM) across their AWS accounts. It discusses how Vanguard established multiple AWS accounts for isolation, used IAM roles to implement least privilege and separation of duties, and federated access to IAM using their corporate LDAP. It also describes how Vanguard addressed challenges of managing access at scale through role rationalization, comparing job roles to API usage and creating new granular roles. The session highlights how Vanguard established an ongoing process to continuously review and refine roles and permissions.
SID345-AWS Encryption SDK The Busy Engineer’s Guide to Client-Side EncryptionAmazon Web Services
You know you want client-side encryption for your service but you don’t know exactly where to start. Join us for a hands-on workshop where we review some of your client-side encryption options and explore implementing client-side encryption using the AWS Encryption SDK. In this session, we cover the basics of client-side encryption, perform encrypt and decrypt operations using AWS KMS and the AWS Encryption SDK, and discuss security and performance considerations when implementing client-side encryption in your service.
Data exfiltration—also called data extrusion, data exportation, or data theft—is the unauthorized transfer of data. It is a very serious challenge to business because attackers go after business critical or highly confidential data. Data exfiltration can be done manually by a person, or automated using scripts. Attack sophistication increases by the day. Signature-based techniques to defend against attacks are limited and cannot protect against zero-day attacks. To counter this, we use machine learning (ML) techniques. ML is effective at solving many problems in computer vision, robotics, etc., and is increasingly used in security. Learn an ML technique called anomaly detection, and other state-of-the-art techniques to identify data exfiltration attempts.
Join us to learn what's new in serverless computing and AWS Lambda. Dr. Tim Wagner, General Manager of AWS Lambda and Amazon API Gateway, will share the latest developments in serverless computing and how companies are benefiting from serverless applications. You'll learn about the latest feature releases from AWS Lambda, Amazon API Gateway, and more. You will also hear from FICO about how it is using serverless computing for its predictive analytics and data science platform.
How does a practice become a "best" practice? How does a pattern become an "anti" pattern? As always, experience is the best teacher. As Partner Solution Architects, we receive a lot of partner feedback on how practices and design patterns work—and occasionally fail to work—in the real world. We use this feedback to inform our recommendations and reference architectures. In this session, we explore a representative set of real-life "failures." We look at what these failures have to teach us about design and how to prioritize remediation of known issues.
SID302_Force Multiply Your Security Team with Automation and AlexaAmazon Web Services
Adversaries automate. Who says the good guys can't as well? By combining AWS offerings like AWS CloudTrail, Amazon Cloudwatch, AWS Config, and AWS Lambda with the power of Amazon Alexa, you can do more security tasks faster, with fewer resources. Force multiplying your security team is all about automation! Last year, we showed off penetration testing at the push of an (AWS IoT) button, and surprise-previewed how to ask Alexa to run Inspector as-needed. Want to see other ways to ask Alexa to be your cloud security sidekick? We have crazy new demos at the ready to show security geeks how to sling security automation solutions for their AWS environments (and impress and help your boss, too).
NEW LAUNCH! AWS IoT Device Management - IOT330 - re:Invent 2017Amazon Web Services
If you have a large fleet of IoT devices join us. We will introduce you to a new service called AWS IoT Device Management. It makes it easy for OEMs, enterprises and integrators to securely manage connected devices throughout their lifecycle: from initial setup through software updates, to retirement. We will show you how customers enroll and authenticate their devices in bulk, organize their fleets, manage permissions, remotely manage and update device software, and monitor the performance of their products. Customers already using the service will show how they have used IoT Device Management to create an IoT solution spanning multiple industries and use cases.
Become a Serverless Black Belt: Optimizing Your Serverless Applications - SRV...Amazon Web Services
Are you an experienced serverless developer who wants a handy guide to unleash the full power of serverless architectures for your production workloads? Do you have questions about whether to choose a stream or an API as your event source, or whether to have one function or many? In this talk, we discuss architectural best practices, optimizations, and handy little cheat codes to build secure, high-scale, high-performance serverless applications, using real customer scenarios to illustrate the benefits.
Analytics, Authentication and Data with AWS Amplify - MBL403 - re:Invent 2017Amazon Web Services
JavaScript based applications across mobile and web can be challenging to integrate with AWS services for teams that aren’t familiar with infrastructure operations. AWS Mobile has just launched a comprehensive open-source library, AWS Amplify, and tooling to help frontend and mobile developer quickly add features to their applications using a declarative programming style organized by categories of Authentication, Storage, APIs and Analytics. You’ll see how Serverless infrastructure for mobile and web applications can not only be launched in a couple of commands, but you can use the new tooling to iteratively add features and code to applications that under the covers interface with Amazon Cognito, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB and Amazon Pinpoint. You’ll also see some framework specific techniques such as leveraging Higher Order Components (HOCs) in a React or React Native application as well as other best practices and utilities that AWS Mobile has released.
IOT308-One Message to a Million Things Done in 60 seconds with AWS IoTAmazon Web Services
The AWS IoT message broker is a fully managed publish/subscribe broker service that enables the sending and receiving of messages between devices and applications with high speed and reliability. In this session, learn about the common AWS IoT messaging patterns and dive deep into understanding the scaling best practices while using these patterns in applications. In addition, Amazon Music talks about how they used AWS IoT to build event notifications of soccer games in their applications for our customers.
This document summarizes Amit Patel's presentation on the state of mobile development and AWS services for building mobile apps. Patel discussed trends like increasing time spent in mobile apps and more enterprise apps being built with web technologies. He then outlined three simple steps for building cloud-enabled mobile apps using AWS Mobile Hub, native SDKs, and the AWS Mobile CLI. Patel demonstrated how the CLI can be used to set up cloud services like user sign-in and highlighted the AWS Amplify library for connecting apps. He also discussed testing web apps and using the Mobile Hub console. In closing, Patel previewed the new AWS AppSync service for building powerful data-driven apps.
DVC304_Compliance and Top Security Threats in the Cloud—Are You ProtectedAmazon Web Services
Compliance is necessary and a good thing. However, many compliant companies are still getting breached. In this talk, we discuss the importance of using a risk model to figure out the biggest threat to your business and mitigation and monitoring tactics to guard against these high-risk threats. We also dive into a real-world example of achieving Payment Card Industry Data Security Standard (PCI-DSS) compliance in under a year; we share architecture and design patterns; and we discuss what worked and what didn't. Leave this session knowing what the top cloud attack vectors are and how to protect yourself by using AWS services to build a fully automated, highly flexible and secure environment.
This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.
CON320_Monitoring, Logging and Debugging Containerized ServicesAmazon Web Services
As containers become more embedded in the platform tools, debug tools, traces and logs become increasingly important. Nare Hayrapetyan, Senior Software Engineer and Calvin French-Owen, Senior Technical Officer for Segment will discuss the principals of monitoring and debugging containers and the tools Segment has implemented and built for logging, alerting, metric collection, and debugging of containerized services running on Amazon ECS.
NEW LAUNCH! Hear how OwnZones is using AWS Elemental MediaConvert to help med...Amazon Web Services
Explore server-less transcoding workflows using the latest AWS services. Learn how to implement a wide array of use cases and how to combine AWS and 3rd party services to create a complete end-to-end file-based transcoding solution.
Leveraging a Cloud Policy Framework - From Zero to Well Governed - ENT318 - r...Amazon Web Services
Governing cloud infrastructure at scale requires software that enables you to capture and drive management from internal policies, best practices, and reference architectures. A policy-driven management and governance strategy is critical to successfully operate in cloud and hybrid environments. As infrastructure grows, you might leverage knowledge that extends beyond the organization. An open-source “cloud policy framework” enables users to leverage a community that can help define and tune best practice policies, and help SaaS vendors and ISVs capture the best way to manage an application and share it with customers. A well-defined management and governance strategy enables you to put automation in place that keeps your cloud running securely and efficiently without having to take it on as a full-time job. This session discusses the development of a “cloud policy framework” that enables users to leverage open source rule definition organizations can use to govern their cloud. Learn best practice policies for managing all aspects of services, applications, and infrastructure across cost, availability, performance, security and usage.
Session sponsored by CloudHealth Technologies
The document discusses establishing a cloud policy framework for governance. It describes challenges with a bring-your-own-tools approach and proposes implementing policies as code with defined triggers, conditions, actions, and targets. Examples are provided for security, reliability, and cost policies. Automating policy evaluation and reporting on metrics is suggested for effective governance.
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
Protect Your Web Applications from Common Attack Vectors Using AWS WAF - SID3...Amazon Web Services
Notice: This Workshop requires a laptop computer and an active AWS account with Administrator privileges.
As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated, having an effective web request filtering solution becomes key to keeping your users’ data safe. In this workshop, discover how the OWASP Top 10 list of application security risks can help you secure your web applications. Learn how to use AWS services, such as AWS WAF, to mitigate vulnerabilities. This session includes hands-on labs to help you build a solution. Key learning goals include understanding the breadth and complexity of vulnerabilities customers need to protect from, understanding the AWS tools and capabilities that can help mitigate vulnerabilities, and learning how to configure effective HTTP request filtering rules using AWS WAF.
User Management and App Authentication with Amazon Cognito - SID343 - re:Inve...Amazon Web Services
This document contains a summary of a workshop on user management and app authentication with Amazon Cognito. The workshop covers setting up Cognito user pools for user sign-up, sign-in, and password management. It also covers getting temporary AWS credentials from Cognito identity pools to access AWS services like S3. The hands-on portion involves building a desktop app for user authentication with Cognito user pools and getting credentials to call AWS services.
AWS distinguished engineer Eric Brandwine speaks with hundreds of customers each year, and noticed one question coming up more than any other, "How does AWS operationalize its own security?" In this session, Eric details both strategic and tactical considerations, along with an insider's look at AWS tooling and processes.
SRV332_Building Serverless Real-Time Data Processing (Now with Unicorns!).pdfAmazon Web Services
Calling all serverless developers! Wild Rydes (www.wildrydes.com), the world’s leading unicorn transportation startup, needs your help! The company's rydesharing network of unicorns has grown to thousands, fulfilling hundreds of thousands of passenger rydes each day. Your mission is to collect, store, process, and analyze data to track the real-time location and health of our unicorns. In this workshop, learn how to build infrastructure to process data streams in real time using Amazon Kinesis. Build serverless applications using Amazon Kinesis Analytics to aggregate and summarize data, and use AWS Lambda to store aggregated data in Amazon DynamoDB. Finally, use Amazon Kinesis Firehose to build a data lake in Amazon S3, and use Amazon Athena to run ad-hoc queries against it. Requirements: laptop, text editor, AWS account, and AWS Command Line Interface (CLI) installed and configured.
AWS Security State of the Union - SID326 - re:Invent 2017Amazon Web Services
Steve Schmidt, chief information security officer of AWS, addresses the current state of security in the cloud, with a particular focus on feature updates, the AWS internal "secret sauce," and what's on horizon in terms of security, identity, and compliance tooling.
SID201_IAM for Enterprises How Vanguard strikes the Balance Between Agility, ...Amazon Web Services
This document summarizes a session from AWS re:Invent on how Vanguard implemented identity and access management (IAM) across their AWS accounts. It discusses how Vanguard established multiple AWS accounts for isolation, used IAM roles to implement least privilege and separation of duties, and federated access to IAM using their corporate LDAP. It also describes how Vanguard addressed challenges of managing access at scale through role rationalization, comparing job roles to API usage and creating new granular roles. The session highlights how Vanguard established an ongoing process to continuously review and refine roles and permissions.
SID345-AWS Encryption SDK The Busy Engineer’s Guide to Client-Side EncryptionAmazon Web Services
You know you want client-side encryption for your service but you don’t know exactly where to start. Join us for a hands-on workshop where we review some of your client-side encryption options and explore implementing client-side encryption using the AWS Encryption SDK. In this session, we cover the basics of client-side encryption, perform encrypt and decrypt operations using AWS KMS and the AWS Encryption SDK, and discuss security and performance considerations when implementing client-side encryption in your service.
Data exfiltration—also called data extrusion, data exportation, or data theft—is the unauthorized transfer of data. It is a very serious challenge to business because attackers go after business critical or highly confidential data. Data exfiltration can be done manually by a person, or automated using scripts. Attack sophistication increases by the day. Signature-based techniques to defend against attacks are limited and cannot protect against zero-day attacks. To counter this, we use machine learning (ML) techniques. ML is effective at solving many problems in computer vision, robotics, etc., and is increasingly used in security. Learn an ML technique called anomaly detection, and other state-of-the-art techniques to identify data exfiltration attempts.
Join us to learn what's new in serverless computing and AWS Lambda. Dr. Tim Wagner, General Manager of AWS Lambda and Amazon API Gateway, will share the latest developments in serverless computing and how companies are benefiting from serverless applications. You'll learn about the latest feature releases from AWS Lambda, Amazon API Gateway, and more. You will also hear from FICO about how it is using serverless computing for its predictive analytics and data science platform.
How does a practice become a "best" practice? How does a pattern become an "anti" pattern? As always, experience is the best teacher. As Partner Solution Architects, we receive a lot of partner feedback on how practices and design patterns work—and occasionally fail to work—in the real world. We use this feedback to inform our recommendations and reference architectures. In this session, we explore a representative set of real-life "failures." We look at what these failures have to teach us about design and how to prioritize remediation of known issues.
SID302_Force Multiply Your Security Team with Automation and AlexaAmazon Web Services
Adversaries automate. Who says the good guys can't as well? By combining AWS offerings like AWS CloudTrail, Amazon Cloudwatch, AWS Config, and AWS Lambda with the power of Amazon Alexa, you can do more security tasks faster, with fewer resources. Force multiplying your security team is all about automation! Last year, we showed off penetration testing at the push of an (AWS IoT) button, and surprise-previewed how to ask Alexa to run Inspector as-needed. Want to see other ways to ask Alexa to be your cloud security sidekick? We have crazy new demos at the ready to show security geeks how to sling security automation solutions for their AWS environments (and impress and help your boss, too).
NEW LAUNCH! AWS IoT Device Management - IOT330 - re:Invent 2017Amazon Web Services
If you have a large fleet of IoT devices join us. We will introduce you to a new service called AWS IoT Device Management. It makes it easy for OEMs, enterprises and integrators to securely manage connected devices throughout their lifecycle: from initial setup through software updates, to retirement. We will show you how customers enroll and authenticate their devices in bulk, organize their fleets, manage permissions, remotely manage and update device software, and monitor the performance of their products. Customers already using the service will show how they have used IoT Device Management to create an IoT solution spanning multiple industries and use cases.
Become a Serverless Black Belt: Optimizing Your Serverless Applications - SRV...Amazon Web Services
Are you an experienced serverless developer who wants a handy guide to unleash the full power of serverless architectures for your production workloads? Do you have questions about whether to choose a stream or an API as your event source, or whether to have one function or many? In this talk, we discuss architectural best practices, optimizations, and handy little cheat codes to build secure, high-scale, high-performance serverless applications, using real customer scenarios to illustrate the benefits.
Analytics, Authentication and Data with AWS Amplify - MBL403 - re:Invent 2017Amazon Web Services
JavaScript based applications across mobile and web can be challenging to integrate with AWS services for teams that aren’t familiar with infrastructure operations. AWS Mobile has just launched a comprehensive open-source library, AWS Amplify, and tooling to help frontend and mobile developer quickly add features to their applications using a declarative programming style organized by categories of Authentication, Storage, APIs and Analytics. You’ll see how Serverless infrastructure for mobile and web applications can not only be launched in a couple of commands, but you can use the new tooling to iteratively add features and code to applications that under the covers interface with Amazon Cognito, Amazon S3, Amazon API Gateway, AWS Lambda, Amazon DynamoDB and Amazon Pinpoint. You’ll also see some framework specific techniques such as leveraging Higher Order Components (HOCs) in a React or React Native application as well as other best practices and utilities that AWS Mobile has released.
IOT308-One Message to a Million Things Done in 60 seconds with AWS IoTAmazon Web Services
The AWS IoT message broker is a fully managed publish/subscribe broker service that enables the sending and receiving of messages between devices and applications with high speed and reliability. In this session, learn about the common AWS IoT messaging patterns and dive deep into understanding the scaling best practices while using these patterns in applications. In addition, Amazon Music talks about how they used AWS IoT to build event notifications of soccer games in their applications for our customers.
This document summarizes Amit Patel's presentation on the state of mobile development and AWS services for building mobile apps. Patel discussed trends like increasing time spent in mobile apps and more enterprise apps being built with web technologies. He then outlined three simple steps for building cloud-enabled mobile apps using AWS Mobile Hub, native SDKs, and the AWS Mobile CLI. Patel demonstrated how the CLI can be used to set up cloud services like user sign-in and highlighted the AWS Amplify library for connecting apps. He also discussed testing web apps and using the Mobile Hub console. In closing, Patel previewed the new AWS AppSync service for building powerful data-driven apps.
DVC304_Compliance and Top Security Threats in the Cloud—Are You ProtectedAmazon Web Services
Compliance is necessary and a good thing. However, many compliant companies are still getting breached. In this talk, we discuss the importance of using a risk model to figure out the biggest threat to your business and mitigation and monitoring tactics to guard against these high-risk threats. We also dive into a real-world example of achieving Payment Card Industry Data Security Standard (PCI-DSS) compliance in under a year; we share architecture and design patterns; and we discuss what worked and what didn't. Leave this session knowing what the top cloud attack vectors are and how to protect yourself by using AWS services to build a fully automated, highly flexible and secure environment.
This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.
CON320_Monitoring, Logging and Debugging Containerized ServicesAmazon Web Services
As containers become more embedded in the platform tools, debug tools, traces and logs become increasingly important. Nare Hayrapetyan, Senior Software Engineer and Calvin French-Owen, Senior Technical Officer for Segment will discuss the principals of monitoring and debugging containers and the tools Segment has implemented and built for logging, alerting, metric collection, and debugging of containerized services running on Amazon ECS.
NEW LAUNCH! Hear how OwnZones is using AWS Elemental MediaConvert to help med...Amazon Web Services
Explore server-less transcoding workflows using the latest AWS services. Learn how to implement a wide array of use cases and how to combine AWS and 3rd party services to create a complete end-to-end file-based transcoding solution.
Leveraging a Cloud Policy Framework - From Zero to Well Governed - ENT318 - r...Amazon Web Services
Governing cloud infrastructure at scale requires software that enables you to capture and drive management from internal policies, best practices, and reference architectures. A policy-driven management and governance strategy is critical to successfully operate in cloud and hybrid environments. As infrastructure grows, you might leverage knowledge that extends beyond the organization. An open-source “cloud policy framework” enables users to leverage a community that can help define and tune best practice policies, and help SaaS vendors and ISVs capture the best way to manage an application and share it with customers. A well-defined management and governance strategy enables you to put automation in place that keeps your cloud running securely and efficiently without having to take it on as a full-time job. This session discusses the development of a “cloud policy framework” that enables users to leverage open source rule definition organizations can use to govern their cloud. Learn best practice policies for managing all aspects of services, applications, and infrastructure across cost, availability, performance, security and usage.
Session sponsored by CloudHealth Technologies
The document discusses establishing a cloud policy framework for governance. It describes challenges with a bring-your-own-tools approach and proposes implementing policies as code with defined triggers, conditions, actions, and targets. Examples are provided for security, reliability, and cost policies. Automating policy evaluation and reporting on metrics is suggested for effective governance.
Security Validation through Continuous Delivery at Verizon - DEV403 - re:Inve...Amazon Web Services
In this session, Verizon and Stelligent demonstrate techniques and approaches on how to validate your security infrastructure during the development process through Continuous Security, and keep it that way through AWS Lambda auto-remediation. Verizon and Stelligent present a hands-on demo of these techniques, and a deep dive into the code that enables these technologies.
DEV332_Using AWS to Achieve Both Autonomy and Governance at 3MAmazon Web Services
There is a constant tension between empowering teams to be agile through autonomy and enforcing governance policies to maintain regulatory compliance. Hear from Nathan Scott, Senior Consultant at AWS and James Martin, Automation Engineering Manager at 3M on how they have achieved both autonomy and governance through self-service automation tools on AWS. Learn how to avoid pitfalls with building the CI/CD team, right sizing and how to address. This session will also feature a demo from Casey Lee, Chief Architect at Stelligent on the tools used to accomplish this for 3M, including AWS Service Catalog, AWS CloudFormation, AWS CodePipeline and Cloud Custodian, an open source tool for managing AWS accounts.
Using AWS to Achieve Both Autonomy and Governance at 3MCasey Lee
There is a constant tension between empowering teams to be agile through autonomy and enforcing governance policies to maintain regulatory compliance. Hear from Nathan Scott, Senior Consultant at AWS and James Martin, Automation Engineering Manager at 3M on how they have achieved both autonomy and governance through self-service automation tools on AWS. Learn how to avoid pitfalls with building the CI/CD team, right sizing and how to address. This session will also feature a demo from Casey Lee, Chief Architect at Stelligent on the tools used to accomplish this for 3M, including AWS Service Catalog, AWS CloudFormation, AWS CodePipeline and Cloud Custodian, an open source tool for managing AWS accounts.
When migrating lots of applications to the AWS Cloud, it’s important to architect cloud environments that are efficient, secure, and compliant. Landing zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. In this session, we will review the benefits and best practices for developing landing zones as well as how to incorporate them into your migration process.
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
Speaker: Bill Reid - Sr. Manager, Solutions Architecture, AWS
DVC304_Compliance and Top Security Threats in the Cloud—Are You ProtectedAmazon Web Services
Compliance is necessary and a good thing. However, many compliant companies are still getting breached. In this talk, we discuss the importance of using a risk model to figure out the biggest threat to your business and mitigation and monitoring tactics to guard against these high-risk threats. We also dive into a real-world example of achieving Payment Card Industry Data Security Standard (PCI-DSS) compliance in under a year; we share architecture and design patterns; and we discuss what worked and what didn't. Leave this session knowing what the top cloud attack vectors are and how to protect yourself by using AWS services to build a fully automated, highly flexible and secure environment.
This session is part of the re:Invent Developer Community Day, six community-led sessions where AWS enthusiasts share technical insights on trending topics based on first-hand experiences and knowledge shared within local AWS communities.
GPSTEC306-Continuous Compliance for Healthcare and Life SciencesAmazon Web Services
Healthcare and life sciences companies often have to adhere to specific regulatory requirements, such as GxP or HIPAA. The ability to treat your application environment as code on AWS lets you iterate faster while adhering to the appropriate regulatory frameworks. In this session, we discuss how DevOps principles can help you achieve your compliance requirements by validating your infrastructure in the same way that you do software. In particular, we discuss common compliance principles, demonstrate how to translate from policies to technical controls, and highlight how our partners are building for GxP and HIPAA.
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
by Bill Reid, Sr Mgr, Solutions Architecture AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
For many organizations, a perceived lack of cloud skills in their staff can limit their move to the cloud. Proper training of your engineers and developers can speed the pace of adoption, cloud migration, and delivery of business benefits by effectively operating the AWS Cloud. In this session, we discuss field-proven, prescriptive steps for reskilling and scaling your technical teams so that you can use the AWS Cloud securely, efficiently, and effectively.
Speaker: Jonathan Allen, EMEA Enterprise Strategist & Evangelist, Amazon Web Services
NEW LAUNCH! AWS PrivateLink: Bringing SaaS Solutions into Your VPCs and Your ...Amazon Web Services
Many customers are hesitant to adopt SaaS solutions due to the concerns on the safety of the network connectivity traversing internet. It is also difficult to manage the firewall rules, NAT Gateway or VPN connections. AWS PrivateLink provided solution that let our customers’ applications, whether in a VPC or in their own data center, to connect to SaaS solutions in a highly scalable and highly available manner, while keeping all the network traffic within the AWS network.
BAP202_Amazon Connect Delivers Personalized Customer Experiences for Your Clo...Amazon Web Services
Join us for an overview and demonstration of Amazon Connect, a self-service, cloud-based contact center based on the same technology used by Amazon customer service associates worldwide to power millions of conversations. The self-service graphical interface in Amazon Connect makes it easy to design contact flows for self and assisted call-handling experiences, manage agents, and track performance metrics – no specialized skills required. In this session, you will hear from Capital One and T-Mobile on how they are using Amazon Connect to provide their customers with dynamic, natural, and personalized experiences. See how quickly you can get started with Amazon Connect and build your contact center.
Building Best Practices and the Right Foundation for your 1st Production Work...Amazon Web Services
Cloud computing gives you a number of advantages, such as the ability to scale your web application or website on demand. Join us in this session to understand best practices for scaling your resources from zero to millions of users. We show you how to take your first steps on the AWS Cloud, explain how to make smarter decisions for architecting your application, and demonstrate the best way to scale your infrastructure.
Achieving Compliance and Selling to Regulated Markets on AWSAmazon Web Services
Security is the top priority at AWS, and whether you are a startup or an enterprise our compliance programs can help you demonstrate the effectiveness of this security to your customers. In this session, you will learn how to build your own compliance programs on AWS, and how to show your customers evidence of this compliance. Bring both your business and technical hat as we will dive into a cross-functional strategy that will accelerate your path to compliance on AWS and your business growth in regulated markets.
How Dow Jones Identifies, Analyzes, and Remediates Security Issues with Hamme...Amazon Web Services
The session will focus on the newly-launched security tool Hammer, which Dow Jones developed after identifying a security vulnerability internally. Users will learn more about Hammer and how it solves certain security configuration issues in the AWS cloud. The team behind the development of Hammer will showcase real-world examples of the tool identifying, analyzing and remediating issues, all as part of Dow Jones' commitment to helping everyone in the community as they make the jump to the cloud.
DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.
FSV305-Optimizing Payments Collections with Containers and Machine LearningAmazon Web Services
The Bank of Nova Scotia is using deep learning to improve the way it manages payments collections for its millions of credit card customers. In this session, we will show how the Bank of Nova Scotia leveraged Amazon EC2 Container Service and EC2 Container Registry and Docker to streamline their deployment pipeline. We will also cover how the bank used AWS IAM and Amazon S3 for asset management and security, as well as AWS GPU accelerated instances and TensorFlow to develop a retail risk model. We will conclude the session by examining how the Bank of Nova Scotia was able to dramatically cut costs in comparison to on-premise development.
LFS307_Using AWS to Maximize Digital Marketing Reach and EfficiencyAmazon Web Services
Pharmaceutical company processes tend to be slow when dealing with customer-facing applications that contain FDA-validated messages, all while maintaining infrastructure and security standards. In this session, discover how Mylan, a US–based global generic and specialty pharmaceutical company, overcame these obstacles and provided scalable solutions by leveraging AWS DevOps methods that lower time to market, while maintaining robust security and release management practices. During the presentation, learn how Mylan redefined process models such as infrastructure change management to define new security and process models. Additionally, learn how Mylan used services like Amazon S3, Elastic Load Balancing (ELB), and AWS CloudFormation to define these new models.
Similar to Building the Largest Repo for Serverless Compliance-as-Code - SID205 - re:Invent 2017 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
1) The document discusses building a minimum viable product (MVP) using Amazon Web Services (AWS).
2) It provides an example of an MVP for an omni-channel messenger platform that was built from 2017 to connect ecommerce stores to customers via web chat, Facebook Messenger, WhatsApp, and other channels.
3) The founder discusses how they started with an MVP in 2017 with 200 ecommerce stores in Hong Kong and Taiwan, and have since expanded to over 5000 clients across Southeast Asia using AWS for scaling.
This document discusses pitch decks and fundraising materials. It explains that venture capitalists will typically spend only 3 minutes and 44 seconds reviewing a pitch deck. Therefore, the deck needs to tell a compelling story to grab their attention. It also provides tips on tailoring different types of decks for different purposes, such as creating a concise 1-2 page teaser, a presentation deck for pitching in-person, and a more detailed read-only or fundraising deck. The document stresses the importance of including key information like the problem, solution, product, traction, market size, plans, team, and ask.
This document discusses building serverless web applications using AWS services like API Gateway, Lambda, DynamoDB, S3 and Amplify. It provides an overview of each service and how they can work together to create a scalable, secure and cost-effective serverless application stack without having to manage servers or infrastructure. Key services covered include API Gateway for hosting APIs, Lambda for backend logic, DynamoDB for database needs, S3 for static content, and Amplify for frontend hosting and continuous deployment.
This document provides tips for fundraising from startup founders Roland Yau and Sze Lok Chan. It discusses generating competition to create urgency for investors, fundraising in parallel rather than sequentially, having a clear fundraising narrative focused on what you do and why it's compelling, and prioritizing relationships with people over firms. It also notes how the pandemic has changed fundraising, with examples of deals done virtually during this time. The tips emphasize being fully prepared before fundraising and cultivating connections with investors in advance.
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
This document discusses Amazon's machine learning services for building conversational interfaces and extracting insights from unstructured text and audio. It describes Amazon Lex for creating chatbots, Amazon Comprehend for natural language processing tasks like entity extraction and sentiment analysis, and how they can be used together for applications like intelligent call centers and content analysis. Pre-trained APIs simplify adding machine learning to apps without requiring ML expertise.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
23. “We are embarking on a journey to shape the future of banking while
creating a culture of innovation, efficiency and automation. We
are introducing global platforms, machine learning and bringing
forth intelligent technology. We want to lead this change and not
be led by it.”
Michael Gorriz
Group Chief Information Officer
30. Our Cloud Foundational Principles
Gall’s Law
“A complex system that works is invariably found to have evolved from a
simple system that worked. A complex system designed from scratch never works
and cannot be patched up to make it work. You have to start over with a working
simple system.”
- John Gall -
35. Use Case 1
Compliance-as-Code for storing customer data
§ Changes tracked via AWS CloudTrail
§ AWS Config
o Data encrypted at rest using KMS
o No public access to S3 buckets
o Principle of Least Privilege enforced
§ Extensible
36. Use Case 2
Compliance-as-Code for Internet Access
§ Changes tracked via AWS CloudTrail
§ AWS Config
o Data encrypted in transit using SSL
o Inbound access enforced via our Content Delivery Network
o Running Amazon Machine Image (AMI) up-to-date
§ Extensible