Cloud Security Monitoring at Auth0 - Security BSides Seattle
•
1 like•707 views
The slides from Eugene Kogan's talk on cloud security monitoring at Auth0, presented at Security BSides Seattle, 2017. More details at our blog: https://auth0.engineering/cloud-security-monitoring-at-auth0-ff5e87ad1141
Report
Share
Report
Share
Download to read offline
Recommended
Cloud Security Monitoring at Auth0 - Art into Science
This document summarizes cloud security monitoring. It discusses who should monitor cloud security, why it is important, what tools and services can be used, how to analyze cloud logs, and emphasizes that organizations should start cloud security monitoring now. The key points are that cloud security monitoring protects organizations, allows detection of threats and issues, and popular tools include Splunk, Graylog, and the Elastic Stack for log collection and analysis across cloud services like AWS, G Suite, and GitHub.
Detecting AWS control plane abuse in an actionable way using Det{R}ails
This document summarizes a system called Det{R}ails that analyzes AWS CloudTrail logs to detect abuse of the AWS control plane. It begins with an overview of AWS threats and CloudTrail. It then describes how Det{R}ails uses the Elastic Stack along with custom enrichments to analyze CloudTrail logs. Det{R}ails generates detection dashboards and detects two example scenarios: a policy rollback that enables privilege escalation, and exploitation of a service using PACU. Future work includes improving use cases, adding more enrichments and services, and publishing the code.
GitHub Data and Insights
Originally presented at Collab Summit 2016, this talk covers the use of GHTorrent to gather and analyze public repo and community data from GitHub. We talk about using Azure Data Lake as well as how you can set up this infrastructure yourself.
Testable Android Architecture
Many testing tools exist for Android including JUnit, Mockito, Robolectric, and Espresso. But how can you design your application to leverage each one most effectively? This talk introduces a modified version of the Model View Presenter (MVP) architecture to organize your code to be more flexible, maintainable, and testable.
QuickStartToGAS
This document provides an overview of using Google Apps Script to build a chat bot application. It discusses getting data from a spreadsheet and posting it to a chat app. The appendices provide instructions on running Apps Script, using the debugger, adding libraries, getting webhook URLs, adding bot users, changing permissions, and deploying the code as a web app. Sample code is available on GitHub for retrieving user lists, getting channel history, and sending rich messages.
Zentral - what's new? - MacDevOps:YVR 2017
This document discusses Zentral, an open source tool for collecting and analyzing event data from devices. It can integrate with tools like Munki, OSQuery, and Santa to collect both internal device events and external events from systems like syslog. The collected event data can be filtered and sent to notification services or used to trigger actions. Support options for Zentral include community support on GitHub or paid support contracts.
Offline first development - Glasgow PHP - January 2016
This document discusses developing applications with an offline-first approach using PouchDB and CouchDB/Cloudant. It begins with an introduction to NoSQL databases and outlines the benefits of offline-first development. It then provides details on using PouchDB to store and sync data locally on devices with CouchDB/Cloudant in the cloud. It covers creating, reading, updating and deleting documents, querying, and replicating data between PouchDB and CouchDB/Cloudant databases. It also discusses approaches for building offline web, hybrid mobile, and native iOS/Android apps with an offline-first design.
Managing Your Infrastructure on Azure using SaltStack
Rita Zhang and Jason Poon of Microsoft presented on managing infrastructure on Azure using SaltStack. They demonstrated how to deploy Elasticsearch on Azure using Salt Cloud to provision instances from an ARM template. The demo showed running a highstate to configure the instances using top files and formulas. Resources included a case study on using SaltStack with Azure and GitHub repos for the Elasticsearch and MySQL demos. They encouraged attendees to contribute more to open source projects.
Recommended
Cloud Security Monitoring at Auth0 - Art into Science
This document summarizes cloud security monitoring. It discusses who should monitor cloud security, why it is important, what tools and services can be used, how to analyze cloud logs, and emphasizes that organizations should start cloud security monitoring now. The key points are that cloud security monitoring protects organizations, allows detection of threats and issues, and popular tools include Splunk, Graylog, and the Elastic Stack for log collection and analysis across cloud services like AWS, G Suite, and GitHub.
Detecting AWS control plane abuse in an actionable way using Det{R}ails
This document summarizes a system called Det{R}ails that analyzes AWS CloudTrail logs to detect abuse of the AWS control plane. It begins with an overview of AWS threats and CloudTrail. It then describes how Det{R}ails uses the Elastic Stack along with custom enrichments to analyze CloudTrail logs. Det{R}ails generates detection dashboards and detects two example scenarios: a policy rollback that enables privilege escalation, and exploitation of a service using PACU. Future work includes improving use cases, adding more enrichments and services, and publishing the code.
GitHub Data and Insights
Originally presented at Collab Summit 2016, this talk covers the use of GHTorrent to gather and analyze public repo and community data from GitHub. We talk about using Azure Data Lake as well as how you can set up this infrastructure yourself.
Testable Android Architecture
Many testing tools exist for Android including JUnit, Mockito, Robolectric, and Espresso. But how can you design your application to leverage each one most effectively? This talk introduces a modified version of the Model View Presenter (MVP) architecture to organize your code to be more flexible, maintainable, and testable.
QuickStartToGAS
This document provides an overview of using Google Apps Script to build a chat bot application. It discusses getting data from a spreadsheet and posting it to a chat app. The appendices provide instructions on running Apps Script, using the debugger, adding libraries, getting webhook URLs, adding bot users, changing permissions, and deploying the code as a web app. Sample code is available on GitHub for retrieving user lists, getting channel history, and sending rich messages.
Zentral - what's new? - MacDevOps:YVR 2017
This document discusses Zentral, an open source tool for collecting and analyzing event data from devices. It can integrate with tools like Munki, OSQuery, and Santa to collect both internal device events and external events from systems like syslog. The collected event data can be filtered and sent to notification services or used to trigger actions. Support options for Zentral include community support on GitHub or paid support contracts.
Offline first development - Glasgow PHP - January 2016
This document discusses developing applications with an offline-first approach using PouchDB and CouchDB/Cloudant. It begins with an introduction to NoSQL databases and outlines the benefits of offline-first development. It then provides details on using PouchDB to store and sync data locally on devices with CouchDB/Cloudant in the cloud. It covers creating, reading, updating and deleting documents, querying, and replicating data between PouchDB and CouchDB/Cloudant databases. It also discusses approaches for building offline web, hybrid mobile, and native iOS/Android apps with an offline-first design.
Managing Your Infrastructure on Azure using SaltStack
Rita Zhang and Jason Poon of Microsoft presented on managing infrastructure on Azure using SaltStack. They demonstrated how to deploy Elasticsearch on Azure using Salt Cloud to provision instances from an ARM template. The demo showed running a highstate to configure the instances using top files and formulas. Resources included a case study on using SaltStack with Azure and GitHub repos for the Elasticsearch and MySQL demos. They encouraged attendees to contribute more to open source projects.
Bioocean1 :Introduction to
Biological Oceanography
This document discusses food webs and trophic dynamics in marine ecosystems. It explains that photosynthesis by primary producers like phytoplankton converts sunlight into organic compounds, which are then consumed by herbivores. Higher trophic levels like carnivores consume herbivores or other carnivores. Decomposers like bacteria break down organic matter and release nutrients to be recycled. Energy is lost at each trophic level, so biomass decreases with increasing trophic level despite larger organism size. Food chains transfer energy between trophic levels in the grazing and detritus food chains.
Build_Buy_StreamAnalytix_WhitePaper
The document discusses the tradeoffs involved in the decision to build a real-time streaming analytics (RTSA) platform in-house versus buying a pre-built solution from a vendor. Building internally provides more customization and control but risks delays and lack of expertise, while buying from a vendor is faster to implement but risks vendor lock-in. The document proposes a third alternative of using a platform like StreamAnalytix that is based on open source technologies but also provides enterprise-level support.
DFW meetup Cognitive services - parashar - feb 22
Introduction to Cognitive Services API and Cortana Intelligence Suite along with Sentiment and Key Phrase analysis demo+workshop
You're the New CDO, Now What?
Joe Caserta was a featured speaker, along with MIT Sloan School faculty and other industry thought-leaders. His session 'You're the New CDO, Now What?' discussed how new CDOs can accomplish their strategic objectives and overcome tactical challenges in this emerging executive leadership role.
In its tenth year, the MIT CDOIQ Symposium 2016 continues to explore the developing role of the Chief Data Officer.
For more information, visit http://casertaconcepts.com/
Disruptive Data Science - How Data Science and Big Data are Transforming Busi...
The document discusses how CareCore National evolved to utilize data-driven transformations, highlighting EMC's analytics platforms, tools, and services that can assist organizations in building their data science capabilities and teams to leverage big data and drive business value through predictive analytics and data mining. It also outlines the key components needed for a successful analytics transformation, including establishing a clear vision, understanding platform dependencies, embracing unified analytics platforms, building data science skills, and delivering initial wins to socialize analytics.
Cloud Computing System models for Distributed and cloud computing & Performan...
Advantage of Clouds over Traditional
Distributed Systems,Clouds,Service-Oriented Architecture (SOA) Layered Architecture,Performance Metrics and Scalability Analysis,System Efficiency,Performance Challenges in Cloud Computing,What is cloud computing and why is it distinctive?,CLOUD SERVICE DELIVERY MODELS AND THEIR
PERFORMANCE CHALLENGES,Cloud computing security,What does Cloud Computing Security mean,Cloud Security Landscape,Distinctions between Security and Privacy,Energy Efficiency of Cloud Computing,How energy-efficient is cloud computing?
Building an ai with raspberry pi
The document discusses building artificial intelligence with a Raspberry Pi by using TensorFlow to perform deep learning tasks like convolutional neural networks (CNN), recurrent neural networks (RNN), and speech recognition. It provides an overview of TensorFlow and machine learning/deep learning concepts like supervised learning, and outlines future plans to improve the system by using a GPU processor or machine learning cloud services.
Are You Ready For Clean Code?
What, when, how, and for whom is clean code? It's just ordinary weekly devTalk material at Vox Teneo Indonesia.
Giovanni Lanzani GoDataDriven
This document discusses applied data science and machine learning. It begins by introducing the author and then discusses machine learning concepts like learning from data and choosing the best predictive model. It explains that data science is about creating value from data using machine learning, analytics, and visualization. However, many companies struggle to operationalize data science projects and end up with only prototypes instead of production systems. The document outlines three common hurdles - oversimplifying requirements, focusing only on model accuracy instead of practicality, and having insufficient data engineering skills. It advocates for taking a more holistic, business-focused approach to applied data science.
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...Paris Open Source Summit
#OSSPARIS15 - Keynote ENTERPRISE
L'ouverture du Cloud Microsoft, transformation open source et enjeux client
Intervenant :
Mark HILL, Microsoft
Frédéric AATZ, Microsoft2017-10-03 Session aOS - Back from Ignite - MS Experiences
This document discusses Microsoft 365 and Office 365 plans for small and medium businesses. It provides details on the different plans including Microsoft 365 Business, Microsoft 365 Enterprise, and Office 365 Business Premium and Enterprise E3/E5. It also discusses how to choose the right plan based on a customer's needs and capabilities. Additional topics covered include multi-geo deployment capabilities for Office 365 and new features for Exchange Online, SharePoint Online administration, and Office 365 Groups.
5733 a deep dive into IBM Watson Foundation for CSP (WFC)
This document provides an overview of the Watson Foundations for CSPs (WFC) architecture, which uses four analytics components - discovery, detection, decision and drive - to enable use cases across various telecommunications business capabilities. It describes how WFC integrates predictive modeling using SPSS, real-time analytics using InfoSphere Streams, and other components to power analytics applications for areas such as customer experience management, fraud detection, location-based services and more.
Equipping IT to Deliver Faster, More Flexible Service Management
IT must apply new strategies and tools to the service management function, in order to address fundamental changes in how end-users consume technology and services. Here's how IT can increase service delivery speeds and user satisfaction, while delivering greater business value.
WebSphere Technical University: Top WebSphere Problem Determination Features
Problem determination is an important focus area in the IBM WebSphere Application Server. Serviceability improvements have been added that have greatly improved the ability to find root causes of problems in both the full IBM WebSphere Application Server profile, and the newer Liberty profile. The session focuses on how to effectively use serviceability improvements added to the application server since V8.0. This includes high performance extensibe logging, cross-component trace, IBM Support Assistant data collector, timed operations, memory leak detection/prevention, and IBM Support Assistant 5.
Presented at the WebSphere Technical University 2014, Dusseldorf
How Verizon Innovates Through AI-Driven DevOps with Dynatrace
With Verizon’s global customer base, managing and constantly improving customer experience for over 5 million users can be challenging. They found themselves spending too much time searching for and remediating bugs in their code, which reduced the quality of their customer experience and left little time for innovation. That’s why they initially turned to Dynatrace and AWS — to help them streamline the process of finding and remediating issues. They quickly realized, though, that they could do a lot more than simply find bugs by leveraging both AWS and Dynatrace, which led them to a complete DevOps transformation. By leveraging AI-driven feedback provided by Dynatrace along with AWS services such as AWS CloudFormation, AWS CodeDeploy, and Amazon Route 53, Verizon completely revamped the speed and quality of their deliverables. Join our upcoming webinar to learn how Verizon is using Dynatrace on AWS to optimize their delivery pipeline
IBM z Systems Sessions at IBM Edge 2015
If you're head to IBM Edge 2015 and you have an IBM Mainframe or z13, or software that runs on it like CICs, WebSphere or DB2, check out this handy guide to IBM z Systems sessions at IBM Edge.
Primend Pilvekonverents - Azure Infrastruktuur
Pilveteenuste kasutamine võimaldab minutitega käivitada projekti, millele varem kulus nädalaid. Vajate müügikampaania toetamiseks lehte, mis suudab teenindada 100 tuhat kasutajat – käivita teenus kohe! Vajate terabaitide analüüsiks kiiret platvormi – käivita teenus kohe! Azure on töökindel ja kiire!
أساسيات العمل الجماعي
بذرة ورشة تدريبية عن أساسيات العمل الجماعي .. رأيك يفيدني
فليكن هذا عملنا الجماعي الأول معا :)
Sumo Logic Cert Jam - Security Analytics
With security threats on the rise, come join our Security and Compliance experts to learn how Sumo Logic’s Threat Intelligence can help you stay on top of your environment by matching IOCs like IP address, domain names, URL, email addresses, MD5 hashes and more, to increase velocity and accuracy of threat detection. Hands on labs help cement the knowledge learned.
AWS Incident Response Cheat Sheet.pdf
With the rapid migration to the cloud,
it’s becoming increasingly difficult to keep track
of all of the different data sources, commands,
and tools available from each Cloud Service
Provider (CSP). This cheat sheet was designed
to provide security professionals with an overview
of key best practices, data sources and tools that
they can have at their disposal when responding
to an incident in an AWS environment.
More Related Content
Viewers also liked
Bioocean1 :Introduction to
Biological Oceanography
This document discusses food webs and trophic dynamics in marine ecosystems. It explains that photosynthesis by primary producers like phytoplankton converts sunlight into organic compounds, which are then consumed by herbivores. Higher trophic levels like carnivores consume herbivores or other carnivores. Decomposers like bacteria break down organic matter and release nutrients to be recycled. Energy is lost at each trophic level, so biomass decreases with increasing trophic level despite larger organism size. Food chains transfer energy between trophic levels in the grazing and detritus food chains.
Build_Buy_StreamAnalytix_WhitePaper
The document discusses the tradeoffs involved in the decision to build a real-time streaming analytics (RTSA) platform in-house versus buying a pre-built solution from a vendor. Building internally provides more customization and control but risks delays and lack of expertise, while buying from a vendor is faster to implement but risks vendor lock-in. The document proposes a third alternative of using a platform like StreamAnalytix that is based on open source technologies but also provides enterprise-level support.
DFW meetup Cognitive services - parashar - feb 22
Introduction to Cognitive Services API and Cortana Intelligence Suite along with Sentiment and Key Phrase analysis demo+workshop
You're the New CDO, Now What?
Joe Caserta was a featured speaker, along with MIT Sloan School faculty and other industry thought-leaders. His session 'You're the New CDO, Now What?' discussed how new CDOs can accomplish their strategic objectives and overcome tactical challenges in this emerging executive leadership role.
In its tenth year, the MIT CDOIQ Symposium 2016 continues to explore the developing role of the Chief Data Officer.
For more information, visit http://casertaconcepts.com/
Disruptive Data Science - How Data Science and Big Data are Transforming Busi...
The document discusses how CareCore National evolved to utilize data-driven transformations, highlighting EMC's analytics platforms, tools, and services that can assist organizations in building their data science capabilities and teams to leverage big data and drive business value through predictive analytics and data mining. It also outlines the key components needed for a successful analytics transformation, including establishing a clear vision, understanding platform dependencies, embracing unified analytics platforms, building data science skills, and delivering initial wins to socialize analytics.
Cloud Computing System models for Distributed and cloud computing & Performan...
Advantage of Clouds over Traditional
Distributed Systems,Clouds,Service-Oriented Architecture (SOA) Layered Architecture,Performance Metrics and Scalability Analysis,System Efficiency,Performance Challenges in Cloud Computing,What is cloud computing and why is it distinctive?,CLOUD SERVICE DELIVERY MODELS AND THEIR
PERFORMANCE CHALLENGES,Cloud computing security,What does Cloud Computing Security mean,Cloud Security Landscape,Distinctions between Security and Privacy,Energy Efficiency of Cloud Computing,How energy-efficient is cloud computing?
Building an ai with raspberry pi
The document discusses building artificial intelligence with a Raspberry Pi by using TensorFlow to perform deep learning tasks like convolutional neural networks (CNN), recurrent neural networks (RNN), and speech recognition. It provides an overview of TensorFlow and machine learning/deep learning concepts like supervised learning, and outlines future plans to improve the system by using a GPU processor or machine learning cloud services.
Are You Ready For Clean Code?
What, when, how, and for whom is clean code? It's just ordinary weekly devTalk material at Vox Teneo Indonesia.
Giovanni Lanzani GoDataDriven
This document discusses applied data science and machine learning. It begins by introducing the author and then discusses machine learning concepts like learning from data and choosing the best predictive model. It explains that data science is about creating value from data using machine learning, analytics, and visualization. However, many companies struggle to operationalize data science projects and end up with only prototypes instead of production systems. The document outlines three common hurdles - oversimplifying requirements, focusing only on model accuracy instead of practicality, and having insufficient data engineering skills. It advocates for taking a more holistic, business-focused approach to applied data science.
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...Paris Open Source Summit
#OSSPARIS15 - Keynote ENTERPRISE
L'ouverture du Cloud Microsoft, transformation open source et enjeux client
Intervenant :
Mark HILL, Microsoft
Frédéric AATZ, Microsoft2017-10-03 Session aOS - Back from Ignite - MS Experiences
This document discusses Microsoft 365 and Office 365 plans for small and medium businesses. It provides details on the different plans including Microsoft 365 Business, Microsoft 365 Enterprise, and Office 365 Business Premium and Enterprise E3/E5. It also discusses how to choose the right plan based on a customer's needs and capabilities. Additional topics covered include multi-geo deployment capabilities for Office 365 and new features for Exchange Online, SharePoint Online administration, and Office 365 Groups.
5733 a deep dive into IBM Watson Foundation for CSP (WFC)
This document provides an overview of the Watson Foundations for CSPs (WFC) architecture, which uses four analytics components - discovery, detection, decision and drive - to enable use cases across various telecommunications business capabilities. It describes how WFC integrates predictive modeling using SPSS, real-time analytics using InfoSphere Streams, and other components to power analytics applications for areas such as customer experience management, fraud detection, location-based services and more.
Equipping IT to Deliver Faster, More Flexible Service Management
IT must apply new strategies and tools to the service management function, in order to address fundamental changes in how end-users consume technology and services. Here's how IT can increase service delivery speeds and user satisfaction, while delivering greater business value.
WebSphere Technical University: Top WebSphere Problem Determination Features
Problem determination is an important focus area in the IBM WebSphere Application Server. Serviceability improvements have been added that have greatly improved the ability to find root causes of problems in both the full IBM WebSphere Application Server profile, and the newer Liberty profile. The session focuses on how to effectively use serviceability improvements added to the application server since V8.0. This includes high performance extensibe logging, cross-component trace, IBM Support Assistant data collector, timed operations, memory leak detection/prevention, and IBM Support Assistant 5.
Presented at the WebSphere Technical University 2014, Dusseldorf
How Verizon Innovates Through AI-Driven DevOps with Dynatrace
With Verizon’s global customer base, managing and constantly improving customer experience for over 5 million users can be challenging. They found themselves spending too much time searching for and remediating bugs in their code, which reduced the quality of their customer experience and left little time for innovation. That’s why they initially turned to Dynatrace and AWS — to help them streamline the process of finding and remediating issues. They quickly realized, though, that they could do a lot more than simply find bugs by leveraging both AWS and Dynatrace, which led them to a complete DevOps transformation. By leveraging AI-driven feedback provided by Dynatrace along with AWS services such as AWS CloudFormation, AWS CodeDeploy, and Amazon Route 53, Verizon completely revamped the speed and quality of their deliverables. Join our upcoming webinar to learn how Verizon is using Dynatrace on AWS to optimize their delivery pipeline
IBM z Systems Sessions at IBM Edge 2015
If you're head to IBM Edge 2015 and you have an IBM Mainframe or z13, or software that runs on it like CICs, WebSphere or DB2, check out this handy guide to IBM z Systems sessions at IBM Edge.
Primend Pilvekonverents - Azure Infrastruktuur
Pilveteenuste kasutamine võimaldab minutitega käivitada projekti, millele varem kulus nädalaid. Vajate müügikampaania toetamiseks lehte, mis suudab teenindada 100 tuhat kasutajat – käivita teenus kohe! Vajate terabaitide analüüsiks kiiret platvormi – käivita teenus kohe! Azure on töökindel ja kiire!
أساسيات العمل الجماعي
بذرة ورشة تدريبية عن أساسيات العمل الجماعي .. رأيك يفيدني
فليكن هذا عملنا الجماعي الأول معا :)
Viewers also liked (20)
Bioocean1 :Introduction to
Biological Oceanography
Bioocean1 :Introduction to
Biological Oceanography
Disruptive Data Science - How Data Science and Big Data are Transforming Busi...
Disruptive Data Science - How Data Science and Big Data are Transforming Busi...
Cloud Computing System models for Distributed and cloud computing & Performan...
Cloud Computing System models for Distributed and cloud computing & Performan...
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...
Keynote #Enterprise - L'ouverture du Cloud Microsoft, transformation open sou...
2017-10-03 Session aOS - Back from Ignite - MS Experiences
2017-10-03 Session aOS - Back from Ignite - MS Experiences
5733 a deep dive into IBM Watson Foundation for CSP (WFC)
5733 a deep dive into IBM Watson Foundation for CSP (WFC)
Equipping IT to Deliver Faster, More Flexible Service Management
Equipping IT to Deliver Faster, More Flexible Service Management
WebSphere Technical University: Top WebSphere Problem Determination Features
WebSphere Technical University: Top WebSphere Problem Determination Features
How Verizon Innovates Through AI-Driven DevOps with Dynatrace
How Verizon Innovates Through AI-Driven DevOps with Dynatrace
Similar to Cloud Security Monitoring at Auth0 - Security BSides Seattle
Sumo Logic Cert Jam - Security Analytics
With security threats on the rise, come join our Security and Compliance experts to learn how Sumo Logic’s Threat Intelligence can help you stay on top of your environment by matching IOCs like IP address, domain names, URL, email addresses, MD5 hashes and more, to increase velocity and accuracy of threat detection. Hands on labs help cement the knowledge learned.
AWS Incident Response Cheat Sheet.pdf
With the rapid migration to the cloud,
it’s becoming increasingly difficult to keep track
of all of the different data sources, commands,
and tools available from each Cloud Service
Provider (CSP). This cheat sheet was designed
to provide security professionals with an overview
of key best practices, data sources and tools that
they can have at their disposal when responding
to an incident in an AWS environment.
SEC303 Automating Security in Cloud Workloads with DevSecOps
This session is designed to teach security engineers, developers, solutions architects, and other technical security practitioners how to use a DevSecOps approach to design and build robust security controls at cloud-scale. This session walks through the design considerations of operating high-assurance workloads on top of the AWS platform and provides examples of how to automate configuration management and generate audit evidence for your own workloads. We’ll discuss practical examples using real code for automating security tasks, then dive deeper to map the configurations against various industry frameworks. This advanced session showcases how continuous integration and deployment pipelines can accelerate the speed of security teams and improve collaboration with software development teams.
SEC303 Automating Security in cloud Workloads with DevSecOps
This session is designed to teach security engineers, developers, solutions architects, and other technical security practitioners how to use a DevSecOps approach to design and build robust security controls at cloud-scale. This session walks through the design considerations of operating high-assurance workloads on top of the AWS platform and provides examples of how to automate configuration management and generate audit evidence for your own workloads. We’ll discuss practical examples using real code for automating security tasks, then dive deeper to map the configurations against various industry frameworks. This advanced session showcases how continuous integration and deployment pipelines can accelerate the speed of security teams and improve collaboration with software development teams.
Remediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinel, a slide deck prepared for the presentation https://www.youtube.com/watch?v=bQEqxwekl6M
Zentral macaduk conf 2016
This document summarizes the work of Henry Stamerjohann at Apfelwerk GmbH on osquery and Santa configuration management and event monitoring tools. It describes distributing osquery configurations, storing events in Elasticsearch, and integrating with tools like Kibana, Prometheus, JAMF, and Munki inventory. It provides overviews of the open source osquery and Santa tools, how Zentral can be used for centralized configuration and event processing, and how technologies like Docker are used.
Splunk and node
Slides from my SF Node.js meetup talk on Splunk and its usage of node. Video here: http://strongloop.com/node-js/videos/#How-Splunk-uses-Node.js
OpenStack Security Project
Learn about the OpenStack Security Project, the projects we're working on, and how you can get involved.
Secure your Web Application With The New Python Audit Hooks
The audit hooks were added to Python 3.8 with the PEP 578. This security mechanism gives you more visibility and control over what your application does at runtime. After a short introduction of the new feature, we will explore ideas on how web developers, library maintainers and security engineers can leverage it to detect and block security vulnerabilities, illustrated with concrete examples.
What the Struts?
This document discusses the Apache Struts vulnerability CVE-2017-5638 that was exploited in the Equifax data breach of 2017. It provides details on how the vulnerability worked, the timeline of events, and recommendations for preventing similar incidents. These include automating dependency updates, generating dependency reports, using dependency locks, monitoring vulnerability advisories, adding intrusion detection to applications, and implementing security best practices like logging, layered security, and monitoring access patterns. The key message is that organizations must stay vigilant about known vulnerabilities in dependencies and react quickly to patch them.
A New Perspective on Resource-Level Cloud Forensics
AWS classifies cloud incidents across three domains: Service, Infrastructure and Application. There has been much previous discussion across the Service and Application domains, see for example the excellent SANS DFIR 2022 Keynote. This talk will focus on the unique challenges and opportunities of responding to incidents in the Infrastructure domain. Cloud Service Providers, such as AWS, GCP and Azure, often introduce artifacts of forensic value when developing features for automation and monitoring of resources. Typically, these artifacts are undocumented and exist purely for the provider's own troubleshooting, but they also provide valuable insight to an investigator analyzing malicious activity on a system. Frequently, this insight surpasses that of “provider-supported” forensic data sources. Most of the discourse around performing forensics in the cloud focuses on provider-level logging. While this is undoubtedly useful, practitioners understand that resource-level forensic analysis is crucial when responding to incidents affecting cloud infrastructure. And much of this knowledge remains opaque and undocumented. In this presentation, Chris Doman, CTO of Cado Security will present novel research of undocumented forensic artifacts from cloud service provider specific operating systems and tools. He will provide the audience with an overview of forensic techniques across cloud compute and serverless environments. He will also discuss native operating system artifacts, contrast them with their cloud equivalents and consider their usefulness in the context of the cloud. Attendees can expect to gain a unique perspective on resource-level cloud forensics and should leave the talk with a host of new data sources and knowledge for performing forensic analysis of cloud resources.
How to Use OWASP Security Logging
OWASP Security Logging API easily extends your current log4j and logback logging with impressive features helpful for security, diagnostics/forensics, and compliance. Slide deck presentation from OWASP AppSecEU 2016 in Rome.
2012-10-16 Mil-OSS Working Group: Introduction to SCAP Security Guide
This document summarizes the SCAP Security Guide (SSG) Project, which delivers security guidance, baselines, and validation mechanisms for Red Hat Enterprise Linux 6 (RHEL6) and JBoss Enterprise Application Platform 5 using the Security Content Automation Protocol (SCAP). It provides concise instructions on downloading the SSG code, reviewing the various output formats including prose guides, XCCDF rule files, OVAL check files, and profiles. It also demonstrates how to run a SCAP scan against a system to evaluate compliance with a profile like the RHEL6 STIG.
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
Это будет 6 живых демо взлома. Идея не обсудить сухую теория, а увидеть на практике, как не всегда очевидные ошибки являются источником серьезных уязвимостей в твоем JavScript приложении.
Incident Response in the Cloud | AWS Public Sector Summit 2017
We will walk you through a hypothetical incident response managed on AWS. Learn how to apply existing best practices as well as how to leverage the unique security visibility, control, and automation that AWS provides. We will cover how to setup your AWS environment to prevent a security event and how to build a cloud-specific incident response plan so that your organization is prepared before a security event occurs. This session also covers specific environment recovery steps available on AWS. Learn More: https://aws.amazon.com/government-education/
Native cloud security monitoring
Presented at the AWS Community Day in the Bay Area on September 13, 2019 at the Computer History Museum.
Integrating_Cloud_Development_Security_And_Operations.pdf
Managing infrastructure as code has become an important process in scaling software organizations. This brings many software development processes and ideas to operations, including version control, automated testing, configuration management and reliable duplication. Programmable infrastructure becomes invaluable as application services grows, in quantity and granularity, in a growing company.
Automating the provisioning, configuration and deployment of complex applications requires some design choices on top of AWS services. This presentation discusses how to implement modularity, reliability and security into continuous delivery pipelines ("DevSecOps"). Learn how to automate application delivery using AWS CloudFormation and other tools from Amazon Web Services.
Using ML with Amazon SageMaker & GuardDuty to identify anomalous traffic - SE...
This workshop provides a hands-on opportunity for you to learn to use machine learning (ML) via Amazon SageMaker in your security pipeline. You are guided through the process of feeding data from AWS CloudTrail and Amazon GuardDuty into Amazon SageMaker in order to augment GuardDuty findings. You’ll receive an introduction to Amazon SageMaker and leverage the IP Insights algorithm to train a model based on IP addresses in the CloudTrail logs. This model is used to score IP addresses from GuardDuty findings to gain additional threat information about alerts, enabling security operators to better prioritize alerts for further action.
Microservices observability
Distributed systems, Observability and Distributed systems tracing infrastructure with Jaegertracing. Slides from 2019.
6 ways to hack your JavaScript application by Viktor Turskyi
This will be 6 live hacking demos. We will not do theory, but will see in practice how small and not always obvious errors lead to significant vulnerabilities in your JavaScript application.
Similar to Cloud Security Monitoring at Auth0 - Security BSides Seattle (20)
SEC303 Automating Security in Cloud Workloads with DevSecOps
SEC303 Automating Security in Cloud Workloads with DevSecOps
SEC303 Automating Security in cloud Workloads with DevSecOps
SEC303 Automating Security in cloud Workloads with DevSecOps
Remediate and secure your organization with azure sentinel
Remediate and secure your organization with azure sentinel
Secure your Web Application With The New Python Audit Hooks
Secure your Web Application With The New Python Audit Hooks
A New Perspective on Resource-Level Cloud Forensics
A New Perspective on Resource-Level Cloud Forensics
2012-10-16 Mil-OSS Working Group: Introduction to SCAP Security Guide
2012-10-16 Mil-OSS Working Group: Introduction to SCAP Security Guide
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
JS Fest 2019. Виктор Турский. 6 способов взломать твое JavaScript приложение
Incident Response in the Cloud | AWS Public Sector Summit 2017
Incident Response in the Cloud | AWS Public Sector Summit 2017
Integrating_Cloud_Development_Security_And_Operations.pdf
Integrating_Cloud_Development_Security_And_Operations.pdf
Using ML with Amazon SageMaker & GuardDuty to identify anomalous traffic - SE...
Using ML with Amazon SageMaker & GuardDuty to identify anomalous traffic - SE...
6 ways to hack your JavaScript application by Viktor Turskyi
6 ways to hack your JavaScript application by Viktor Turskyi
Recently uploaded
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Consistent toolbox talks are critical for maintaining workplace safety, as they provide regular opportunities to address specific hazards and reinforce safe practices.
These brief, focused sessions ensure that safety is a continual conversation rather than a one-time event, which helps keep safety protocols fresh in employees' minds. Studies have shown that shorter, more frequent training sessions are more effective for retention and behavior change compared to longer, infrequent sessions.
Engaging workers regularly, toolbox talks promote a culture of safety, empower employees to voice concerns, and ultimately reduce the likelihood of accidents and injuries on site.
The traditional method of conducting safety talks with paper documents and lengthy meetings is not only time-consuming but also less effective. Manual tracking of attendance and compliance is prone to errors and inconsistencies, leading to gaps in safety communication and potential non-compliance with OSHA regulations. Switching to a digital solution like Safelyio offers significant advantages.
Safelyio automates the delivery and documentation of safety talks, ensuring consistency and accessibility. The microlearning approach breaks down complex safety protocols into manageable, bite-sized pieces, making it easier for employees to absorb and retain information.
This method minimizes disruptions to work schedules, eliminates the hassle of paperwork, and ensures that all safety communications are tracked and recorded accurately. Ultimately, using a digital platform like Safelyio enhances engagement, compliance, and overall safety performance on site. https://safelyio.com/
UI5con 2024 - Bring Your Own Design System
How do you combine the OpenUI5/SAPUI5 programming model with a design system that makes its controls available as Web Components? Since OpenUI5/SAPUI5 1.120, the framework supports the integration of any Web Components. This makes it possible, for example, to natively embed own Web Components of your design system which are created with Stencil. The integration embeds the Web Components in a way that they can be used naturally in XMLViews, like with standard UI5 controls, and can be bound with data binding. Learn how you can also make use of the Web Components base class in OpenUI5/SAPUI5 to also integrate your Web Components and get inspired by the solution to generate a custom UI5 library providing the Web Components control wrappers for the native ones.
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
Learn about the latest innovations in and around OpenUI5/SAPUI5: UI5 Tooling, UI5 linter, UI5 Web Components, Web Components Integration, UI5 2.x, UI5 GenAI.
Recording:
https://www.youtube.com/live/MSdGLG2zLy8?si=INxBHTqkwHhxV5Ta&t=0
一比一原版(UMN毕业证)明尼苏达大学毕业证如何办理
UMN硕士毕业证成绩单【微信95270640】购买(明尼苏达大学毕业证成绩单硕士学历)Q微信95270640代办UMN学历认证留信网伪造明尼苏达大学学位证书精仿明尼苏达大学本科/硕士文凭证书补办明尼苏达大学 diplomaoffer,Transcript购买明尼苏达大学毕业证成绩单购买UMN假毕业证学位证书购买伪造明尼苏达大学文凭证书学位证书,专业办理雅思、托福成绩单,学生ID卡,在读证明,海外各大学offer录取通知书,毕业证书,成绩单,文凭等材料:1:1完美还原毕业证、offer录取通知书、学生卡等各种在读或毕业材料的防伪工艺(包括 烫金、烫银、钢印、底纹、凹凸版、水印、防伪光标、热敏防伪、文字图案浮雕,激光镭射,紫外荧光,温感光标)学校原版上有的工艺我们一样不会少,不论是老版本还是最新版本,都能保证最高程度还原,力争完美以求让所有同学都能享受到完美的品质服务。
#毕业证成绩单 #毕业証 #成绩单 #學生卡 #OFFER录取通知书 #雅思#托福等……
国外大学明尼苏达大学明尼苏达大学毕业证offer制作方法(一对一专业服务)
1客户提供办理信息:姓名生日专业学位毕业时间等(如信息不确定可以咨询顾问:我们有专业老师帮你查询);
2开始安排制作毕业证成绩单电子图;
3毕业证成绩单电子版做好以后发送给您确认;
4毕业证成绩单电子版您确认信息无误之后安排制作成品;
5成品做好拍照或者视频给您确认;
6快递给客户(国内顺丰国外DHLUPS等快读邮寄)
— — 制作工艺 【高仿真】— —
凭借多年的制作经验本公司制作明尼苏达大学明尼苏达大学毕业证offer《激光》《水印》《钢印》《烫金》《紫外线》凹凸版uv版等防伪技术一流高精仿度几乎跟学校100%相同!让您绝对满意。
— — -公司理念 【诚信为主】— — —
我們以質量求生存.以服务求发展有雄厚的实力专业的团队咨询顾问为您细心解答可详谈是真是假眼见为实让您真正放心平凡人生,尽我所能助您一臂之力让我們携手圆您梦想!
此贴长年有效【贴心专线/微-信: 95270640】敬请保留此联系方式以备用!如有不在线请给我们留言!我们将在第一时间给您回复!上散发着一抹抹的光晕而这每处自然形成的细节融合在一起浑然天成的美实在令人心生愉悦小道的周边无秩序的生长着几株艳丽的野花红的粉的紫的虽混乱无章却给这幅美景更增添一份性感夹杂着一份纯洁的妖娆毫无违和感实在给人带来一份悠然幸福的心情如果说现在的审美已经断然拒绝了无声的话那么在树林间飞掠而过的小鸟叽叽咋咋的叫声是否就是这最后的点睛之笔悠然走在林间的小路上宁静与清香一丝丝的盛夏气息吸入身体昔日生活里的繁忙多
Microservice Teams - How the cloud changes the way we work
A lot of technical challenges and complexity come with building a cloud-native and distributed architecture. The way we develop backend software has fundamentally changed in the last ten years. Managing a microservices architecture demands a lot of us to ensure observability and operational resiliency. But did you also change the way you run your development teams?
Sven will talk about Atlassian’s journey from a monolith to a multi-tenanted architecture and how it affected the way the engineering teams work. You will learn how we shifted to service ownership, moved to more autonomous teams (and its challenges), and established platform and enablement teams.
Kubernetes at Scale: Going Multi-Cluster with Istio
Divine Odazie and Jubril Oyetunji share tips on Going Multi-Cluster with Istio Service Mesh at DevOpsDays Houston.
Preparing Non - Technical Founders for Engaging a Tech Agency
Preparing non-technical founders before engaging a tech agency is crucial for the success of their projects. It starts with clearly defining their vision and goals, conducting thorough market research, and gaining a basic understanding of relevant technologies. Setting realistic expectations and preparing a detailed project brief are essential steps. Founders should select a tech agency with a proven track record and establish clear communication channels. Additionally, addressing legal and contractual considerations and planning for post-launch support are vital to ensure a smooth and successful collaboration. This preparation empowers non-technical founders to effectively communicate their needs and work seamlessly with their chosen tech agency.Visit our site to get more details about this. Contact us today www.ishtechnologies.com.au
Malibou Pitch Deck For Its €3M Seed Round
French start-up Malibou raised a €3 million Seed Round to develop its payroll and human resources
management platform for VSEs and SMEs. The financing round was led by investors Breega, Y Combinator, and FCVC.
GreenCode-A-VSCode-Plugin--Dario-Jurisic
Presentation about a VSCode plugin from Dario Jurisic at the GSD Community Stage meetup
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
IBM watsonx Code Assistant for Z, our latest Generative AI-assisted mainframe application modernization solution. Mainframe (IBM Z) application modernization is a topic that every mainframe client is addressing to various degrees today, driven largely from digital transformation. With generative AI comes the opportunity to reimagine the mainframe application modernization experience. Infusing generative AI will enable speed and trust, help de-risk, and lower total costs associated with heavy-lifting application modernization initiatives. This document provides an overview of the IBM watsonx Code Assistant for Z which uses the power of generative AI to make it easier for developers to selectively modernize COBOL business services while maintaining mainframe qualities of service.
如何办理(hull学位证书)英国赫尔大学毕业证硕士文凭原版一模一样
原版定制【微信:bwp0011】《(hull学位证书)英国赫尔大学毕业证硕士文凭》【微信:bwp0011】成绩单 、雅思、外壳、留信学历认证永久存档查询,采用学校原版纸张、特殊工艺完全按照原版一比一制作(包括:隐形水印,阴影底纹,钢印LOGO烫金烫银,LOGO烫金烫银复合重叠,文字图案浮雕,激光镭射,紫外荧光,温感,复印防伪)行业标杆!精益求精,诚心合作,真诚制作!多年品质 ,按需精细制作,24小时接单,全套进口原装设备,十五年致力于帮助留学生解决难题,业务范围有加拿大、英国、澳洲、韩国、美国、新加坡,新西兰等学历材料,包您满意。
【业务选择办理准则】
一、工作未确定,回国需先给父母、亲戚朋友看下文凭的情况,办理一份就读学校的毕业证【微信bwp0011】文凭即可
二、回国进私企、外企、自己做生意的情况,这些单位是不查询毕业证真伪的,而且国内没有渠道去查询国外文凭的真假,也不需要提供真实教育部认证。鉴于此,办理一份毕业证【微信bwp0011】即可
三、进国企,银行,事业单位,考公务员等等,这些单位是必需要提供真实教育部认证的,办理教育部认证所需资料众多且烦琐,所有材料您都必须提供原件,我们凭借丰富的经验,快捷的绿色通道帮您快速整合材料,让您少走弯路。
留信网认证的作用:
1:该专业认证可证明留学生真实身份
2:同时对留学生所学专业登记给予评定
3:国家专业人才认证中心颁发入库证书
4:这个认证书并且可以归档倒地方
5:凡事获得留信网入网的信息将会逐步更新到个人身份内,将在公安局网内查询个人身份证信息后,同步读取人才网入库信息
6:个人职称评审加20分
7:个人信誉贷款加10分
8:在国家人才网主办的国家网络招聘大会中纳入资料,供国家高端企业选择人才
【关于价格问题(保证一手价格)】
我们所定的价格是非常合理的,而且我们现在做得单子大多数都是代理和回头客户介绍的所以一般现在有新的单子 我给客户的都是第一手的代理价格,因为我想坦诚对待大家 不想跟大家在价格方面浪费时间
对于老客户或者被老客户介绍过来的朋友,我们都会适当给一些优惠。
14 th Edition of International conference on computer vision
About the event
14th Edition of International conference on computer vision
Computer conferences organized by ScienceFather group. ScienceFather takes the privilege to invite speakers participants students delegates and exhibitors from across the globe to its International Conference on computer conferences to be held in the Various Beautiful cites of the world. computer conferences are a discussion of common Inventions-related issues and additionally trade information share proof thoughts and insight into advanced developments in the science inventions service system. New technology may create many materials and devices with a vast range of applications such as in Science medicine electronics biomaterials energy production and consumer products.
Nomination are Open!! Don't Miss it
Visit: computer.scifat.com
Award Nomination: https://x-i.me/ishnom
Conference Submission: https://x-i.me/anicon
For Enquiry: Computer@scifat.com
Energy consumption of Database Management - Florina Jonuzi
Presentation from Florina Jonuzi at the GSD Community Stage Meetup on June 06, 2024
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM 🐰
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Salesforce Healthcare CRM, implemented by VALiNTRY360, revolutionizes patient management by enhancing patient engagement, streamlining administrative processes, and improving care coordination. Its advanced analytics, robust security, and seamless integration with telehealth services ensure that healthcare providers can deliver personalized, efficient, and secure patient care. By automating routine tasks and providing actionable insights, Salesforce Healthcare CRM enables healthcare providers to focus on delivering high-quality care, leading to better patient outcomes and higher satisfaction. VALiNTRY360's expertise ensures a tailored solution that meets the unique needs of any healthcare practice, from small clinics to large hospital systems.
For more info visit us https://valintry360.com/solutions/health-life-sciences
Project Management: The Role of Project Dashboards.pdf
Project management is a crucial aspect of any organization, ensuring that projects are completed efficiently and effectively. One of the key tools used in project management is the project dashboard, which provides a comprehensive view of project progress and performance. In this article, we will explore the role of project dashboards in project management, highlighting their key features and benefits.
ppt on the brain chip neuralink.pptx
A neural network is a machine learning program, or model, that makes decisions in a manner similar to the human brain, by using processes that mimic the way biological neurons work together to identify phenomena, weigh options and arrive at conclusions.
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
In today's fiercely competitive mobile app market, the role of the QA team is pivotal for continuous improvement and sustained success. Effective testing strategies are essential to navigate the challenges confidently and precisely. Ensuring the perfection of mobile apps before they reach end-users requires thoughtful decisions in the testing plan.
Recently uploaded (20)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
Safelyio Toolbox Talk Softwate & App (How To Digitize Safety Meetings)
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
UI5con 2024 - Keynote: Latest News about UI5 and it’s Ecosystem
Microservice Teams - How the cloud changes the way we work
Microservice Teams - How the cloud changes the way we work
Kubernetes at Scale: Going Multi-Cluster with Istio
Kubernetes at Scale: Going Multi-Cluster with Istio
Preparing Non - Technical Founders for Engaging a Tech Agency
Preparing Non - Technical Founders for Engaging a Tech Agency
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Baha Majid WCA4Z IBM Z Customer Council Boston June 2024.pdf
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
Migration From CH 1.0 to CH 2.0 and Mule 4.6 & Java 17 Upgrade.pptx
14 th Edition of International conference on computer vision
14 th Edition of International conference on computer vision
Energy consumption of Database Management - Florina Jonuzi
Energy consumption of Database Management - Florina Jonuzi
All you need to know about Spring Boot and GraalVM
All you need to know about Spring Boot and GraalVM
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Top Benefits of Using Salesforce Healthcare CRM for Patient Management.pdf
Project Management: The Role of Project Dashboards.pdf
Project Management: The Role of Project Dashboards.pdf
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
A Comprehensive Guide on Implementing Real-World Mobile Testing Strategies fo...
Cloud Security Monitoring at Auth0 - Security BSides Seattle
- 1. Cloud Security Monitoring Security BSides Seattle Eugene Kogan - @eugk - February 4, 2017 (for startups, mostly)
- 2. 1. Who 2. Why 3. What 4. How 5. When
- 3. 1. Who
- 7. 2. Why
- 12. 3. What
- 14. –President Ronald Reagan Trust, but verify.
- 15. Awareness Visualization Misuse detection Change detection Incident detection Incident response
- 16. Splunk Graylog Elastic Stack Loggly Logentries Fluentd Sumo Logic AWS G Suite Dropbox GitHub GitLab Slack Zendesk Salesforce Jenkins Syslog Webhooks
- 17. 4. How
- 22. _sourceCategory=cloudtrail_aws_logs* | json auto | where event_name matches "*Trail" or event_name matches "StartLogging" or event_name matches "StopLogging" | lookup awsaccountname from /shared/ awsaccounts on recipient_account_id = awsaccountid | count as count by event_name, recipient_account_id, awsaccountname, user_name, principle_id, accesskey_id
- 32. 5. When
- 33. You should be doing cloud security monitoring today.
- 34. Action items Know which cloud services your organization uses Have a modern platform for collection, analysis, alerting Collect the right data from cloud and internal systems Use this data wisely Ensure your staff has the right skills to do all of the above