The document discusses Security by Design (SbD), an approach to formalize AWS account design, automate security controls, and streamline auditing to manage compliance in the cloud. SbD aims to build security into every layer from the start instead of relying on retroactive auditing. The presentation outlines how SbD can be used to modernize technology governance through automating deployments, security operations, and continuous compliance monitoring.
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Amazon Web Services
An organisation’s security controls are defined in part as a result of a need to comply with external industry regulatory requirements, and in part as a result of the organisation’s own risk appetite and culture. In this session we discuss our recommendations for producing a highly-secure AWS baseline environment, comprising multiple AWS accounts to enforce separation of duty, and each configured with a set of base controls for implementing access control, log capture and aggregation, and attack mitigation. We then map common sets of security controls to this architecture, and show how such an architecture can meet the requirements of various external standards.
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
"Learn how Time Inc. met security requirements as they transitioned from their data centers to the AWS cloud. Colin Bodell, CTO from Time Inc. will start off this session by presenting Time’s objective to move away from on-premise and co-location data centers to AWS and the cost savings that has been realized with this transition. Chris Nicodemo from Time Inc. and Derek Uzzle from Alert Logic will then share lessons learned in the journey to secure dozens of high volume media websites during the migration, and how it has enhanced overall security flexibility and scalability. They will also provide a deep dive on the solutions Time has leveraged for their enterprise security best practices, and show you how they were able to execute their security strategy.
Who should attend: InfoSec and IT management.
Session sponsored by Alert Logic."
Come learn about new and existing Amazon S3 features that can help you better protect your data, save on cost, and improve usability, security, and performance. We will cover a wide variety of Amazon S3 features and go into depth on several newer features with configuration and code snippets, so you can apply the learnings on your object storage workloads.
Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Amazon Web Services
An organisation’s security controls are defined in part as a result of a need to comply with external industry regulatory requirements, and in part as a result of the organisation’s own risk appetite and culture. In this session we discuss our recommendations for producing a highly-secure AWS baseline environment, comprising multiple AWS accounts to enforce separation of duty, and each configured with a set of base controls for implementing access control, log capture and aggregation, and attack mitigation. We then map common sets of security controls to this architecture, and show how such an architecture can meet the requirements of various external standards.
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
"Learn how Time Inc. met security requirements as they transitioned from their data centers to the AWS cloud. Colin Bodell, CTO from Time Inc. will start off this session by presenting Time’s objective to move away from on-premise and co-location data centers to AWS and the cost savings that has been realized with this transition. Chris Nicodemo from Time Inc. and Derek Uzzle from Alert Logic will then share lessons learned in the journey to secure dozens of high volume media websites during the migration, and how it has enhanced overall security flexibility and scalability. They will also provide a deep dive on the solutions Time has leveraged for their enterprise security best practices, and show you how they were able to execute their security strategy.
Who should attend: InfoSec and IT management.
Session sponsored by Alert Logic."
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
Amazon Web Services offers a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. Amazon Web Services provides security-specific tools and features across network security, configuration management, access control and data security. In addition, Amazon Web Services provides monitoring and logging tools to provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that Amazon Web Services offers, and the latest security innovations coming from Amazon Web Services.
Andrew Watts-Curnow, Cloud Architect - Professional Services, ASEAN
Want to learn more about Compliance in the Cloud? Attend the AWS Compliance Summit, where key verticals such as Financial Services, Government and Public Sector, and Healthcare and Life Sciences will be discussed, along with customer use cases and prescriptive guidance from AWS subject matter experts.
Innovating IAM Protection for AWS with Dome9 - Session Sponsored by Dome9Amazon Web Services
Innovating IAM Protection for AWS. Protecting your IAM users and roles is a priority for security professionals and DevOps teams alike. The challenge becomes more complex when adding multiple AWS accounts, many users, and a growing list of local and cross account roles. By utilizing an innovative IAM protection solution, you can successfully defend your AWS cloud from new threats.
In this 30 min session you will learn:
How to identify and map out potential IAM risk factors and attack vectors.
How to prevent potentially dangerous activities over your AWS accounts directly from your mobile device.
How to defend your AWS investment from compromised credentials and malicious insiders that can impact your business.
Speaker: Patrick Pushor, Chief Technical Evangelist at Dome9
This session is for IT pros working with compliance managers to deliver solutions that lower costs and still meet compliance demands. You will learn how to move large scale data stores to the cloud, while remaining compliant with existing regulations. Services mentioned: S3, Glacier and the Vault Lock feature, Snowball, ingestion services.
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Amazon Web Services
Many organizations on their journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. With each option, we evaluate the considerations and discuss risk, performance, encryption, and cost. As we walk through these options, we try to answer some of the most common questions that typically arise from organizations that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
Rackspace provides a comprehensive set of tooling and expertise on AWS that further unlocks your ability to secure your environment efficiently and cost effectively. The dynamic environment of data, applications, and infrastructure can pose challenges for businesses trying to manage security while following compliance regulations. To mitigate these challenges, businesses need a scalable security solution to ensure their data is safe, secure, and stable. In this webinar, Brad Schulteis, Jarret Raim and Todd Gleason will discuss the topic of security control requirements on AWS through the lens of three common compliance scenarios: HIPAA, PCI-DSS, and generalized security compliance based on the NIST Risk Management Framework. Watch our webinar to learn how Rackspace combines AWS and security expertise with tools like AWS CloudFormation, AWS CodeCommit and AWS CodeDeploy to help customers meet their security and compliance needs.
Join us to learn:
• Best practices for securely operating workloads on the AWS Cloud
• Architecting a secure environment for dynamic workloads
• How to incorporate Security by Design principles to address compliance needs across 3 use cases: HIPAA, PCI-DSS and generalized security compliance based on the NIST Risk Management Framework
Who should attend: Directors and Managers of Security, IT Administers, IT Architects, and IT Security Engineers
Organizations need to apply security analytics to obtain seamless visibility and monitoring across both their on-premises and cloud environments. These challenges can be solved with comprehensive detection rules and behavioral analytics to ensure you detect potential threats.
Join FireEye and AWS to learn how Threat Analytics Platform (TAP) helped unify a major U.S. financial company’s on-premises and cloud-based Security Operations Centers (SOCs) by providing a single, cloud-based solution for monitoring their hybrid IT environment. FireEye’s TAP provides seamless visibility, detection and investigation across your on-premises and AWS Cloud environments ensuring actionable insight into threats targeting your company.
Join us to learn:
• How TAP ingests and analyzes AWS CloudTrail log files, providing visibility into both your AWS environment and the applications running on it
• TAP's best practices workflow to guide and inform your threat investigation
• How a major U.S. financial company unified their on-premises and cloud-based SOCs in to a single, cloud-based security operation
Who should attend: Directors and Managers of Security, IT Administrators, IT Architects, and IT Security Engineers
AWS re:Invent 2016: IoT: Build, Test, and Securely Scale (GPST302)Amazon Web Services
With the rapid adoption of IoT services on AWS, how do partners and organizations effectively build, test, scale, and secure these highly transaction-data laden systems? This session is a deep dive on the API, SDK, device gateway, rules engine, and device shadows. Consulting and Technology Partner customers share their experiences as we highlight lessons learned and best practices to increase audience efficacy.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
(Presented by Identity Automation) Identity Automation has worked with the North Carolina Department of Public Instruction since April 2013 to provide a cloud-based identity management service for all employees, students, parents and guests of the State’s K12 organizations. In this session, Identity Automation will discuss how the service was used to synchronize identities with target systems, provide federation services as well as end-user self-service and to delegate administration functionality.
This webinar will introduce the AWS Shared Security Model. We will examine how to use the inherent security of the AWS environment, coupled with the security tools and features AWS makes available, to create a resilient environment with the security you need.
Learning Objectives:
• Understand the security measures AWS puts in place to secure the environment where your data lives
• Understand the tools AWS offers to help you create a resilient environment with the security you need
• Consider actions when moving a sensitive workload to AWS • Security benefits you can expect by deploying in the AWS Cloud
Who Should Attend:
- Prospects and customers with a security background
- Who are interested in using AWS to manage security-sensitive workloads
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...Amazon Web Services
With security-relevant services such as AWS Config, VPC Flow Logs, Amazon CloudWatch Events, and AWS Lambda, you now have the ability to programmatically wrangle security events that may occur within your AWS environment, including prevention, detection, response, and remediation. This session covers the process of automating security event response with various AWS building blocks, taking several ideas from drawing board to code, and gaining confidence in your coverage by proactively testing security monitoring and response effectiveness before anyone else does.
Architecting applications on amazon web services with node.jsHenry Fougere
Architecting Applications on Amazon Web Services with Node.js
In this talk we will learn about how to build applications on AWS that leverage some of the most commonly used service offerings including EC2, Lambda, VPC, S3, API Gateway, IAM, CloudFront, DynamoDB and Cognito.
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). We will discuss core VPC concepts including picking your IP space, subnetting, routing, security, NAT and VPC Endpoints.
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
"You’ve made the move to AWS and are now reaping the benefits of decreased costs and increased business agility. How can you reap those same benefits for your cloud security and compliance operations? As building cloud-native applications requires different skill sets, architectures, integrations, and processes, implementing effective, scalable, and robust security for the cloud requires rethinking everything from your security tools to your team culture.
Attend this session to learn how to start down the path toward security and compliance automation and hear how DevSecOps leaders such as Intuit and Capital One are using AWS, DevOps, and automation to transform their security operations.
Session sponsored by evident.io"
Amazon Web Services offers a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. Amazon Web Services provides security-specific tools and features across network security, configuration management, access control and data security. In addition, Amazon Web Services provides monitoring and logging tools to provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that Amazon Web Services offers, and the latest security innovations coming from Amazon Web Services.
Andrew Watts-Curnow, Cloud Architect - Professional Services, ASEAN
Want to learn more about Compliance in the Cloud? Attend the AWS Compliance Summit, where key verticals such as Financial Services, Government and Public Sector, and Healthcare and Life Sciences will be discussed, along with customer use cases and prescriptive guidance from AWS subject matter experts.
Innovating IAM Protection for AWS with Dome9 - Session Sponsored by Dome9Amazon Web Services
Innovating IAM Protection for AWS. Protecting your IAM users and roles is a priority for security professionals and DevOps teams alike. The challenge becomes more complex when adding multiple AWS accounts, many users, and a growing list of local and cross account roles. By utilizing an innovative IAM protection solution, you can successfully defend your AWS cloud from new threats.
In this 30 min session you will learn:
How to identify and map out potential IAM risk factors and attack vectors.
How to prevent potentially dangerous activities over your AWS accounts directly from your mobile device.
How to defend your AWS investment from compromised credentials and malicious insiders that can impact your business.
Speaker: Patrick Pushor, Chief Technical Evangelist at Dome9
This session is for IT pros working with compliance managers to deliver solutions that lower costs and still meet compliance demands. You will learn how to move large scale data stores to the cloud, while remaining compliant with existing regulations. Services mentioned: S3, Glacier and the Vault Lock feature, Snowball, ingestion services.
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Amazon Web Services
Many organizations on their journey into the cloud require consistent and highly secure connectivity between their existing data center and AWS footprints. In this session, we walk through the different architecture options for establishing this connectivity using AWS Direct Connect and VPN. With each option, we evaluate the considerations and discuss risk, performance, encryption, and cost. As we walk through these options, we try to answer some of the most common questions that typically arise from organizations that tackle design and implementation. You'll learn how to make connectivity decisions that are suitable for your workloads, and how to best prepare against business impact in the event of failure.
Rackspace provides a comprehensive set of tooling and expertise on AWS that further unlocks your ability to secure your environment efficiently and cost effectively. The dynamic environment of data, applications, and infrastructure can pose challenges for businesses trying to manage security while following compliance regulations. To mitigate these challenges, businesses need a scalable security solution to ensure their data is safe, secure, and stable. In this webinar, Brad Schulteis, Jarret Raim and Todd Gleason will discuss the topic of security control requirements on AWS through the lens of three common compliance scenarios: HIPAA, PCI-DSS, and generalized security compliance based on the NIST Risk Management Framework. Watch our webinar to learn how Rackspace combines AWS and security expertise with tools like AWS CloudFormation, AWS CodeCommit and AWS CodeDeploy to help customers meet their security and compliance needs.
Join us to learn:
• Best practices for securely operating workloads on the AWS Cloud
• Architecting a secure environment for dynamic workloads
• How to incorporate Security by Design principles to address compliance needs across 3 use cases: HIPAA, PCI-DSS and generalized security compliance based on the NIST Risk Management Framework
Who should attend: Directors and Managers of Security, IT Administers, IT Architects, and IT Security Engineers
Organizations need to apply security analytics to obtain seamless visibility and monitoring across both their on-premises and cloud environments. These challenges can be solved with comprehensive detection rules and behavioral analytics to ensure you detect potential threats.
Join FireEye and AWS to learn how Threat Analytics Platform (TAP) helped unify a major U.S. financial company’s on-premises and cloud-based Security Operations Centers (SOCs) by providing a single, cloud-based solution for monitoring their hybrid IT environment. FireEye’s TAP provides seamless visibility, detection and investigation across your on-premises and AWS Cloud environments ensuring actionable insight into threats targeting your company.
Join us to learn:
• How TAP ingests and analyzes AWS CloudTrail log files, providing visibility into both your AWS environment and the applications running on it
• TAP's best practices workflow to guide and inform your threat investigation
• How a major U.S. financial company unified their on-premises and cloud-based SOCs in to a single, cloud-based security operation
Who should attend: Directors and Managers of Security, IT Administrators, IT Architects, and IT Security Engineers
AWS re:Invent 2016: IoT: Build, Test, and Securely Scale (GPST302)Amazon Web Services
With the rapid adoption of IoT services on AWS, how do partners and organizations effectively build, test, scale, and secure these highly transaction-data laden systems? This session is a deep dive on the API, SDK, device gateway, rules engine, and device shadows. Consulting and Technology Partner customers share their experiences as we highlight lessons learned and best practices to increase audience efficacy.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
(Presented by Identity Automation) Identity Automation has worked with the North Carolina Department of Public Instruction since April 2013 to provide a cloud-based identity management service for all employees, students, parents and guests of the State’s K12 organizations. In this session, Identity Automation will discuss how the service was used to synchronize identities with target systems, provide federation services as well as end-user self-service and to delegate administration functionality.
This webinar will introduce the AWS Shared Security Model. We will examine how to use the inherent security of the AWS environment, coupled with the security tools and features AWS makes available, to create a resilient environment with the security you need.
Learning Objectives:
• Understand the security measures AWS puts in place to secure the environment where your data lives
• Understand the tools AWS offers to help you create a resilient environment with the security you need
• Consider actions when moving a sensitive workload to AWS • Security benefits you can expect by deploying in the AWS Cloud
Who Should Attend:
- Prospects and customers with a security background
- Who are interested in using AWS to manage security-sensitive workloads
AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to ...Amazon Web Services
With security-relevant services such as AWS Config, VPC Flow Logs, Amazon CloudWatch Events, and AWS Lambda, you now have the ability to programmatically wrangle security events that may occur within your AWS environment, including prevention, detection, response, and remediation. This session covers the process of automating security event response with various AWS building blocks, taking several ideas from drawing board to code, and gaining confidence in your coverage by proactively testing security monitoring and response effectiveness before anyone else does.
Architecting applications on amazon web services with node.jsHenry Fougere
Architecting Applications on Amazon Web Services with Node.js
In this talk we will learn about how to build applications on AWS that leverage some of the most commonly used service offerings including EC2, Lambda, VPC, S3, API Gateway, IAM, CloudFront, DynamoDB and Cognito.
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). We will discuss core VPC concepts including picking your IP space, subnetting, routing, security, NAT and VPC Endpoints.
This session showcases best practices for operating securely at scale on AWS. We’ll introduce the AWS Security Best Practices whitepaper that covers a range of security recommendations for identity and access management, logging and monitoring, infrastructure security, and data protection. We’ll also examine practical examples found in the Center for Internet Security’s CIS AWS Foundations and CIS AWS Three-Tier Web Architecture benchmarks. Information and eGovernance Authority (IGA) also steps in to debunk common security myths of cloud adoption and speak on why they entrust the cloud with data.
Module 2 AWS Foundational Services - AWSome Day Online Conference Amazon Web Services
Module 2: AWS Infrastructure – Compute, Storage and Networking
This module will cover:
- Modern Data Center Design Models
- Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
- Storage Concepts including Amazon Simple Storage Service (S3)
- Networking Concepts
- Amazon Virtual Private Cloud (VPC) concepts
by Ron Cully, Product Management Manager,
AWS Active Directory (AD) is essential for Windows workloads in the cloud. AWS offers customers multiple ways to integrate AD with cloud workloads like EC2, RDS, and AWS Enterprise Applications: AWS Directory Service for Microsoft Active Directory (Enterprise Edition) as a managed service and Active Directory running on AWS EC2 Windows instances. Which option is right for you? This session will discuss the key deployment considerations for each option to help you identify which best meets your project goals, and the effort involved. The session will cover options for integrating with your on-premises directory, port and security considerations, application considerations, and best practices. Level 200
AWS re:Invent 2016: Creating Your Virtual Data Center: VPC Fundamentals and C...Amazon Web Services
In this session, we walk through the fundamentals of Amazon VPC. First, we cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks that AWS makes available with Amazon VPC and how you can connect this with your offices and current data center footprint.
AWS re:Invent 2016: From One to Many: Evolving VPC Design (ARC302)Amazon Web Services
As more customers adopt Amazon VPC architectures, the features and flexibility of the service are squaring off against evolving design requirements. This session follows this evolution of a single regional VPC into a multi-VPC, multi-region design with diverse connectivity into on-premises systems and infrastructure. Along the way, we investigate creative customer solutions for scaling and securing outbound VPC traffic, securing private access to Amazon S3, managing multi-tenant VPCs, integrating existing customer networks through AWS Direct Connect, and building a full VPC mesh network across global regions.
Compare Cloud Services: AWS vs Azure vs Google vs IBMRightScale
Most enterprises are leveraging multiple clouds, but it can be difficult to understand which services are available in each cloud and how they compare. If you are looking to move a workload, you may not know what the equivalent services are on a different cloud. We outline the services available for each public cloud provider and share a free tool to compare public cloud features.
Introduction to AWS VPC, Guidelines, and Best PracticesGary Silverman
I crafted this presentation for the AWS Chicago Meetup. This deck covers the rationale, building blocks, guidelines, and several best practices for Amazon Web Services Virtual Private Cloud. I classify it as a somewhere between a 101 and 201 level presentation.
If you like the presentation, I would appreciate you clicking the Like button.
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
Module 2: AWS Infrastructure – Compute, Storage and Networking - AWSome Day O...Amazon Web Services
Module 2: AWS Infrastructure – Compute, Storage and Networking
This module will cover:
Modern Data Center Design Models
Amazon Elastic Cloud Compute (EC2) concepts including instance types and families, AMIs and meta and user data
Storage Concepts including Amazon Simple Storage Service (S3)
Networking Concepts
Amazon Virtual Private Cloud (VPC) concepts
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.). This will include operational reporting through the use of AWS services (e.g. Config/Config Rules, CloudTrail, Inspector, etc.) as well as partner integration capabilities with partner solutions such as Splunk and Allgress for real-time governance, risk, and compliance reporting. Key takeaways from this session include: learning AWS Security best practices and automation capabilities for securing your environment, Automation accelerators for configuration, compliance, and audit reporting using CloudFormation, Config/Config Rules, CloudTrail, Inspector, etc., and ISV integration for real-time notification and reporting for security, compliance, and auditing in the cloud.
Compliance in the Cloud Using “Security by Design” PrinciplesAmazon Web Services
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.).
here's where Microsoft has invested, across these areas: identity and access management, apps and data security, network security, threat protection, and security management.
We’ve put a tremendous amount of investment into these areas and the way it shows up is across a pretty broad array of product areas and features.
Our Identity and Access Management tools enable you to take an identity-based approach to security, and establish truly conditional access policies
Our App and Data Security help you protect your apps and your data as it moves around—both inside and outside your organization
Azure includes a robust networking infrastructure with built-in security controls for your application and service connectivity.
Our Threat Protection capabilities are built in and fully integrated, so you can strengthen both pre-breach protection with deep capabilities across e-mail, collaboration services, and end points including hardware based protection; and post-breach detection that includes memory and kernel based protection and response with automation.
And our Security Management tools give you the visibility and more importantly the guidance to manage policy centrally
AWS Cloud Governance & Security through Automation - Atlanta AWS BuildersJames Strong
Is that requirement from NIST 800-53 Controls or NIST 800-190? If you've ever wondered where those pesky cloud security controls come from, this meetup is for you.
In this Meetup, Jame Strong and Jason Lutz from Contino (an AWS Premier Consulting Partner) will discuss how Contino views DevSecOps. They will review the Benefits of DevSecOps:
- Cost Reduction
- Speed of Delivery
- Speed of Recovery
- Security is Federated
- DevSecOps Fosters a Culture of Openness and Transparency
During this Meetup, James and Jason will show you how to harden and secure a container pipeline and AWS network. Briefly, they will demonstrate how to deploy accounts with a Cloud Security Posture and review security best practices from AWS, CIS, and NIST. They will also touch on how to integrate changes in your infrastructure pipelines to adhere to your Enterprise's Security Compliance Guidelines.
If you're interested in integrating security and compliance into your Application and Infrastructure pipelines to realize the benefits of DevSecOps, join us in this virtual meetup.
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
Hosting workloads on AWS provides organizations with agility, speed, efficiency, and reduced costs. Check Point vSEC further enhances this experience by delivering advanced, multi-layered threat prevention security for your AWS workloads, protecting assets and enabling secure connectivity from enterprise networks to your AWS resources. Register for our upcoming webinar to learn how Check Point vSEC on AWS provided customers with an advanced threat prevention solution to enable secure application delivery. Learn how to migrate your applications and workloads to AWS with vSEC’s comprehensive security solution tailored to help protect your cloud environment.
Join us to learn:
• How Check Point vSEC enabled customers to confidently migrate from an on-premises infrastructure to AWS
• How to prevent network attacks and data breaches when hosting workloads in a cloud-based environment
• How Courtagen Life Sciences secured their cloud environment to maintain compliance, reduce IT expenses and leverage the full capabilities of the AWS Cloud
Who should attend:
IT Admins, Security Admins, Cloud Admins, Business Decision Makers, Compliance & governance officers, Line of Business leaders, DevOps engineers & architects
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
Organizations that are transitioning from a traditional data center to an on-demand IT environment, such as AWS, are quickly finding that automating and scaling legacy security services for comprehensive workload security can be challenging. In light of these challenges, it is necessary to deploy a security solution that employs the same versatility and elasticity as the cloud workloads it is meant to protect. CloudPassage® Halo® provides virtually instant visibility and continuous protection for servers in any combination of data centers, private clouds and public clouds like AWS. Join Xero and CloudPassage to learn about best practices for migrating your security workloads to the cloud.
Join us to learn:
- Best practices for maintaining workload security
- How you can align cloud security deployment methods with on-premises deployment methods
- Key considerations for architecting your infrastructure to scale quickly and securely
Who should attend: CTOs, CIOs, CISOs, Directors and Managers of Security, IT Administers, IT Architects and IT Security Engineers
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
Understand what it means to develop a cloud security strategy as a cybersecurity specialist. Gain mastery in core skills via the best cybersecurity certification programs. Becoming a Cloud security professional is made easy with USCSI®.
Read more: https://shorturl.at/lDGL7
Security in Clouds: Cloud security challenges – Software as a
Service Security, Common Standards: The Open Cloud Consortium – The Distributed management Task Force – Standards for application Developers – Standards for Messaging – Standards for Security, End user access to cloud computing, Mobile Internet devices and the cloud. Hadoop – MapReduce – Virtual Box — Google App Engine – Programming Environment for Google App Engine.
How to Meet Strict Security & Compliance Requirements in the Cloud (SEC208) |...Amazon Web Services
(Presented by Trend Micro)
In this session, you learn about the AWS shared security model, including considerations and best practices for deploying a secure and compliant application on AWS, and how to leverage the features and APIs provided by AWS. You also learn how to use best-in-class security and compliance solutions that have been optimized for enterprises deploying in AWS.
Key topics covered are Amazon EC2 and Amazon EBS encryption, including several key management methodologies as well as intrusion detection and prevention, anti-malware, anti-virus, integrity monitoring, firewall, and web reputation in the cloud.
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
Availability of cloud computing is helping Financial Services organizations realize accelerated go-to-market speeds, global scalability, and cost efficiencies. This new world forces considerations for security programs – what is different in the cloud and what do I do differently? AWS Security Architects will share protocols that need to be considered in the cloud, on premises, or in a hybrid model. They will also share best practices, lessons learned, efficiencies, and design patterns and architectures unique to cloud.
The session will be focusing how cloud-native security platform can continuously discovers workloads, identifies risk, and enforces security policies in any multi-cloud environment. Additionally it will also cover the Automated policy generation through agent-less security controls makes protecting data and applications the easiest thing to do in the cloud.
The Speaker of the session will be Dr. Ratinder Paul Singh Ahuja, Founder and Chief Research and Development Officer, Shield X, USA
Dr. Ratinder leads ShieldX and its mission as its central pivot point. Drawing from a career as a successful serial entrepreneur and corporate leader, he brings his unique blend of business acumen, industry network and deep technical knowledge.
At his previous start-ups, Internet Junction, Webstacks and Reconnex he served as Chief Technology Officer and Vice President of the Mobile and Network Security Business Units. His knowledge of innovation and emerging trends in networking, network security, and data-loss prevention are derived from years of industry experience. Dr. Ahuja holds a BS in Electronics & Electrical Engineering from Thapar University, in India, and a Masters and Ph.D. in Computer Engineering from Iowa State University. Dr. Ahuja has been granted 61 patents for security-based technologies, and has presented in many public forums, including the Content Protection Summit, IC3, IEEE Computer Society, McAfee FOCUS, and the Cloud Expo.
Security and Compliance – Most Commonly Asked Questions - Technical 101Amazon Web Services
We've heard from our customers that using AWS allows them to operate even more securely than they could in their own data centres. Why is this? We will tackle the most commonly asked security & compliance questions customers ask when adopting the AWS Cloud. We will demonstrate practical ways to make sure you're operating securely, and hear first-hand from an AWS customer about how they are using the platform today and the importance of getting this right.
Speaker: Matthew Jobson, Account Manager, Amazon Web Services & Ben Chung, Head of Security Assurance, Amazon Web Services, APAC
Featured Customer - Health Direct Australia
AWS re:Invent 2016: Chalk Talk: Applying Security-by-Design to Drive Complian...Amazon Web Services
The cloud is accelerating the pace at which companies innovate and has shifted the focus on how to approach technology governance and compliance. AWS elects to have a variety of security assessments performed and provides several built-in security features to help meet your security and compliance objectives. In this open roundtable session, we look at how AWS attestations and governance automation can reduce scope to drive security, compliance, and audit assertions across customers organizations. Come and join a discussion with AWS security and compliance Solutions Architects.
Public cloud providers operate on a shared responsibility model, which places the onus on the customer to define and secure the data and applications that are hosted within cloud infrastructure.
To that end, it is critical that organizations accurately and selectively pinpoint which cloud workloads and virtual IT assets must be monitored, updated and patched based on developing threats to customer data and applications.
In this webcast, Mark Butler, Chief Information Security Officer at Qualys, and Hari Srinivasan, Director of Product Management for Qualys Cloud and Virtualization Security detail how you can gain complete visibility of your organization’s entire cloud asset inventory and security posture to help you keep up with shared security responsibility models across public cloud infrastructure.
The presentation covers:
• Challenges surrounding increased migration to public clouds
• Using automation for secure DevOps
• How to ensure effective and efficient operations
To watch the on-demand webcast, visit https://lps.qualys.com/securing-your-public-cloud-infrastructure.html
Similar to Compliance in the Cloud Using Security by Design (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
2. Problem Statement
Increasing complexity (mobility, system connectivity)
causes increasing difficulty in managing risk and security
and demonstrating compliance.
4. Issues–Technology Governance
The majority of technology governance processes relies
predominantly on administrative and operational security
controls with LIMITED technology enforcement.
Assets
ThreatVulnerability
Risk
AWS has an opportunity to innovate and
advance technology governance services.
5. Flexibility and Complexity
What is the regulatory
requirement?
What's in scope or out
of scope?
How to verify the
standards are met?
6. Security by Design
Security by Design (SbD) is a security
assurance approach that formalizes AWS
account design, automates security controls,
and streamlines auditing.
Instead of relying on auditing security
retroactively, SbD provides built-in security
control throughout the AWS IT management
process.
AWS Identity &
Access Management
AWS CloudTrail
Amazon
CloudWatch
AWS Config rules
AWS Trusted
Advisor
AWS CloudHSMAWS KMS
AWS Directory
Service
7. Security by Design‒Design Principles
• Build security in every layer
• Design for failures
• Implement auto healing
• Think parallel
• Plan for breach
• Don't fear constraints
• Leverage different storage options
• Design for cost
• Treat Infrastructure as code
− Modular
− Versioned
− Constrained
Developing new risk mitigation capabilities, which go beyond global security
frameworks, by treating risks, eliminating manual processes, and optimizing
evidence and audit ratifications processes through rigid automation
9. SbD‒Modernize Tech Governance (MTG)
Why?
Complexity is growing, making the old way to
govern technology obsolete
You need automation AWS offers to manage
security
10. Goal‒Modernize Tech Governance (MTG)
Adopting “prevent” controls, making
“detect” controls more powerful and
comprehensive
11. SbD‒Modernizing Technology Governance (MTG)
1.2 Identify Workloads Moving to AWS
2.1 Rationalize
Security Requirements
2.2 Define Data
Protections and Controls
2.3 Document
Security Architecture
3.1 Build/deploy
Security Architecture
1. Decide what
to do (Strategy)
2. Analyze and
Document
(outside of AWS)
1.1 Identify Stakeholders
3. Automate,
Deploy & Monitor
3.2 Automate
Security Operations
4. Certify
3.3 Continuous
Monitor
4.1 Audit and Certification
3.4 Testing and
Game Days
12. SbD–Rationalize Security Requirements
AWS has partnered with CIS Benchmarks to create consensus-based, best-practice security
configuration guides which align to multiple security frameworks globally.
https://www.cisecurity.org/
The Benchmarks are:
• Recommended technical control
rules/values for hardening operating
systems, middleware, and software
applications, and network devices
• Distributed free of charge by CIS in .pdf
format
• Used by thousands of enterprises as the
basis for security configuration policies and
the de facto standard for IT configuration
best practices
16. Unisys Stealth(cloud) for Amazon Web
Services (AWS)
Advanced Security for Advanced Threats
Jack Koons, Industry Director, Global Security Solutions
Contact: Jack.Koons@Unisys.Com
17. Why Unisys Stealth(cloud) for AWS?
Enhanced Security
Micro-segment your AWS
deployment using cryptography
Ease of use
Intuitive interface to
define and modify
access control
Enhanced Control
Access control based on roles,
rather than IP addresses and
ports
18. With Unisys Stealth(cloud) for AWS, you can…
App servers
Web servers
Databases
Recruitment app
PCI app
…do all this, without losing access to common AWS services.
Route 53
S3 storage
19. A large US state government
uses Stealth to securely
segment state agencies in the
same datacenter
A US government agency
uses Stealth for secure
telecommuting
Large science company is
implementing Stealth to protect
its process control
environment and safeguard its
IP
A healthcare organization is
using Stealth to verify secure
transmission of data between
multiple hospitals
Industry leader in graphical
processors secures remote
access to virtual desktops,
and segments the internal
network with COI to secure
to sensitive data
Brazil service provider to
public sector social services
uses Stealth to securely
transmit copies of disk images
between multiple sites
PCI DSS compliance for
point-of-sale environment;
conventional approach of
buying new switches and
firewalls was too expensive
Unisys uses Stealth to secure
and protect our high-value
application and database
servers, for secure remote
telecommuting and
regional isolation
Stealth Clients with “Zero Tolerance” for
Breaches
20. Unisys Security Portfolio: Addressing the
Needs of Your Evolving Security Landscape
PHYSICAL
SECURITY
LOGICAL
SECURITY
26. Closing the Loop
SbD‒Modernizing Technology Governance
Result: Reliable technical implementation and enforcement
of operational and administrative controls
27. AWS Resources
Amazon Web Services Cloud Compliance
• https://aws.amazon.com/compliance/
SbD website and whitepaper–to wrap your head around this
• https://aws.amazon.com/compliance/security-by-design/