SlideShare a Scribd company logo
Compliance
Superpowers
Ben Blair - VPE Catalytic
June 7, 2018
What to
Expect
● Who is this talk for?
● What is compliance
& why should you care?
● Change Management
● AWS Account Organization
● Access Control
● Monitoring & Logging
● Encryption
● Vulnerabilities & Malware
2
Security
vs.
Agility?
Compliance Superpowers - Ben Blair, Chicago
Compliance Superpowers - Ben Blair, Chicago
What to
Expect
✓ Who is this talk for?
● What is compliance
& why should you care?
● Change Management
● AWS Account Organization
● Access Control
● Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware
6
Catalytic’s Compliance Story
● Founded 3 years ago
● B2B SaaS
● 50 Employees
● 1 in-house former auditor
● HIPAA & SOC 2 in 4 months with
3 engineers
● Opened the door to many F500
& healthcare customers
7
Why care about compliance?
8
Laws & Regulations
Unlock Sales
Safe Agility
Happy
Team
Why care about compliance?
9
Laws & Regulations
Unlock Sales
Safe Agility
Happy
Team
Why care about compliance?
10
Laws & Regulations
Unlock Sales
Safe Agility
Happy
Team
Why care about compliance?
11
Laws & Regulations
Unlock Sales
Safe Agility
Trust
12
Common Standards
General
SOC 2
ISO
GDPR
HIPAA
PCI
FedRAMP
Specialized
13
Audits
Before
Get Help!
Choose Targets
Choose Auditor
Document
Evaluate Readiness
Maintain Process
Periodic Reviews
Track Changes
Keep Evidence
Notify
After
14
During
Point Person
Walkthrough
Review Policies
Review Controls
Gather Evidence
Process Matters
not Tech
Compliance Should Never
Force a Bad Solution
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
● Change Management
● AWS Account Organization
● Access Control
● Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware
17
Change Management
Risks
● Broken functionality (Availability)
● Introduce a vulnerability
● Introduce a time bomb
● Introduce a back door
● Weaken a protection
Controls
● Infrastructure as Code
● Code Review
● Realistic, Isolated Dev / Test
Environments
● Continuous Integration
● Continuous Deployment
● Static Analysis
● Vulnerability Scanning
18
git branch
master
CloudFormation
Testing
CodeBuild
Dev Account
Code Review
And Approval
CloudFormationCodeBuild
Prod Account
Code Repo
Code Repo
Change Management
19
Change Ticket
Ticket System
● Tracks every change request
● Tickets remain open until closed
● Comments and discussion
matter to your auditors!
● GitHub
● Jira
● Catalytic
● Many others ...
20
Code Repository
● Record of *every* change made
● When
● By Whom
● Why
● Comments and discussion
matter to your auditors!
● GitHub
● GitLab
● AWS CodeCommit
● BitBucket
● ...
21
Continuous Integration & Deployment
CodeBuild
● Automated Tests for every change
● Test Coverage
● Static Analysis
● Vulnerability / CVE checks
● Reproducible Builds
(AMIs, Docker Images, CF Templates)
● The Only IAM role with Deploy rights
● AWS CodeBuild
● CircleCI
● Jenkins
● CodeShip
● ...
22
Infrastructure as Code
CloudFormation
● Safely deploy infrastructure changes many times per day
● Auditable log of infrastructure changes alongside
code changes
● Reproducible infrastructure changes
● Same dev / test / approve / deploy process
for infrastructure changes
● Reduces the most catastrophic kinds of errors
● Encourages immutable infrastructure
● AWS CloudFormation
● Terraform
● Mutable: Chef, Ansible, Puppet, Salt
● ...
23
Code Review
● Every change gets reviewed and approved
● Security Review
● Reduces risks
● Spreads knowledge through your team
● Escalate riskier changes
● Capture reasoning in discussions
● GitHub
● GitLab
● Jira
● BitBucket
● ...
24
Testing
Manual +
Automated
● Test application & infrastructure changes together
● Automated End-to-end tests
● Manual QA Tests
● Migration / Deployment tests
● Failure recovery tests
● Many different tools for this
● ...
25
Production Deploy
CloudFormation
● Exact same as non-production deploy
● Cannot be done without approval
● Know exactly what code & infrastructure
is in production by looking at your repo(s)
● Revert & Merge: Default rollback process!
26
Continuous Improvement
● A place and a process to make all other changes
● Trigger reviews for emergency changes
● Place to add new controls
● Place to include security checks and
auto-remediation
27
Benefits of Good Change Management
For your team
● Agility
● Safety
● Ease
● Continuous improvement
● Sleep at night
For your auditors
● Auditable, documented process
● Followed every release
● Produces evidence it was
followed
28
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
● AWS Account Organization
● Access Control
● Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware
29
Organization Master Account
Security Logging Production
Staging
Test
Dev
CI / CD
30
Security Logging Production
Staging
Test
Dev
CI / CD
Organization Master Account
31
Organization Master Account
Production
Staging
Test
Dev
CI / CD
Security Logging
32
Organization Master Account
Production
Staging
Test
Dev
Security Logging
CI / CD
33
Organization Master Account
ProductionSecurity Logging
CI / CD
Staging
Test
Dev
34
Organization Master Account
Security Logging
CI / CD
Staging
Test
Dev
Production
35
Organization Master Account
Security Logging
CI / CD
Staging
Test
Dev
Audit Scope
Production
36
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
✓ AWS Account Organization
● Access Control
● Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware
37
Organization Master Account
ProductionLogging
CI / CD
Staging
Test
Dev
Security
38
Organization Master Account
ProductionLogging
CI / CD
Staging
Test
Dev
Security
Vault
39
Organization Master Account
ProductionLogging
CI / CD
Staging
Test
Dev
Security
Identity Provider
40
Organization Master Account
ProductionLogging
CI / CD
DevSecurity
Identity Provider
41
Organization Master Account
ProductionLogging
CI / CD
DevSecurity
Identity Provider
42
Identity & Authentication
● Never use the root account
● Consider identity federation into one account to
manage users
● Use cross-account role assumption
● IAM users should have very limited privileges
● Use role assumption for “break glass” privilege
escalation when needed
43
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
✓ AWS Account Organization
✓ Access Control
● Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware 44
Organization Master Account
Security Logging Production
Staging
Test
Dev
CI / CD
45
Each Account
CloudTrail
46
Each Account
CloudTrail
Logging
47
Each Account
CloudWatch
Logs
CloudTrail
Logging
48
Each Account
CloudWatch
Logs
CloudTrail
Logging
49
Each Account
VPC Flow
Logs
CloudWatch
Logs
CloudTrail
Logging
50
Each Account
VPC Flow
Logs
CloudWatch
Logs
Instances
Containers
Applications
CloudTrail
Logging
51
Each Account
VPC Flow
Logs
CloudWatch
Logs
CloudWatch
Alarms
Instances
Containers
Applications
CloudTrail
Logging
52
Logging Each Account
VPC Flow
Logs
CloudWatch
Logs
CloudWatch
Alarms
Instances
Containers
Applications
CloudTrail
53
Logging Each Account
VPC Flow
Logs
CloudWatch
Logs
CloudWatch
Alarms
Instances
Containers
Applications
CloudTrail
Ticketing
System
54
Each Account
Ticketing
System
Config
55
Each Account
Trusted
Advisor
Ticketing
System
Config
56
Each Account
Trusted
Advisor
GuardDuty
Ticketing
System
Config
57
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
✓ AWS Account Organization
✓ Access Control
✓ Monitoring & Logging
● Encryption
● Availability & Durability
● Vulnerabilities & Malware 58
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
59
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
60
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
61
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
62
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
63
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
64
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
65
Encryption
66
● Encrypt everything at Rest and in Transit
● Rely on KMS where possible
● ACM & Route53 (or Let’s Encrypt) make https easy
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
✓ AWS Account Organization
✓ Access Control
✓ Monitoring & Logging
✓ Encryption
● Availability & Durability
● Vulnerabilities & Malware 67
Availability and Durability
68
● Multi-AZ everywhere
● Cross-region backups, re-encrypted with KMS
What to
Expect
✓ Who is this talk for?
✓ What is compliance
& why should you care?
✓ Change Management
✓ AWS Account Organization
✓ Access Control
✓ Monitoring & Logging
✓ Encryption
✓ Availability & Durability
● Vulnerabilities & Malware 69
Application Account
AZ 3
AZ 2
Public Subnet
AZ 1
AZ 3
AZ 2
Private Subnet
AZ 1
70
Application Account
AZ 3
AZ 2
AZ 3
AZ 2
Private Subnet
AZ 1
Immutable:
Rebuild &
Replace
71
Application Account
AZ 3
AZ 2
AZ 3
AZ 2
Private Subnet
AZ 1
Patch & CVE
Feed
72
Ticketing
System
Application Account
AZ 3
AZ 2
AZ 3
AZ 2
Private Subnet
AZ 1
Read Only FS
Short Lifetime
73
Application Account
AZ 3
AZ 2
AZ 3
AZ 2
Private Subnet
AZ 1No SSH
74
Application Account
AZ 3
AZ 2
AZ 3
AZ 2
Private Subnet
AZ 1
75
Security
Groups
AWS WAF
Vulnerabilities & Malware
76
● Automate building new AMIs and Docker images
for each release
● Use services to scan for and notify you of new
CVEs or patches
● Use the AWS Linux AMI Security (ALAS) site and
RSS feed
● Regular Penetration Tests
Resources
Resources
Center for Internet Security (CIS) AWS Benchmarks
https://www.cisecurity.org/benchmark/amazon_web_services/
AWS CIS Benchmark QuickStart
https://github.com/awslabs/aws-security-benchmark
CloudFormation Template for CloudTrail alarms
https://github.com/aws-samples/
aws-cloudtrail-analyzer-workshop/blob/master/README.md
78
Conclusion
● Agile vs Compliance is a false choice
● Don’t be afraid of compliance
● Some simple best-practices will get you most of
the way there
● Invest in Change Management first
● Earn your customer’s trust!
79
https://catalytic.com
@wearecatalytic
ben@catalytic.com
@stochastic_code
Keep in Touch
80
Questions

More Related Content

What's hot

GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
GlobalLogic Ukraine
 
Running OpenCDISC in sas
Running OpenCDISC in sasRunning OpenCDISC in sas
Running OpenCDISC in sas
Kevin Lee
 
Bandit and Gosec - Security Linters
Bandit and Gosec - Security LintersBandit and Gosec - Security Linters
Bandit and Gosec - Security Linters
EricBrown328
 
Continuous integration at CartoDB March '16
Continuous integration at CartoDB March '16Continuous integration at CartoDB March '16
Continuous integration at CartoDB March '16
Juan Ignacio Sánchez Lara
 
Cloud-native Java EE-volution
Cloud-native Java EE-volutionCloud-native Java EE-volution
Cloud-native Java EE-volution
QAware GmbH
 
Software Supply Chains for DevOps @ InfoQ Live 2021
Software Supply Chains for DevOps @ InfoQ Live 2021Software Supply Chains for DevOps @ InfoQ Live 2021
Software Supply Chains for DevOps @ InfoQ Live 2021
Aysylu Greenberg
 

What's hot (6)

GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
GlobalLogic Azure TechTalk ONLINE “Marketing Data Lake in Azure”
 
Running OpenCDISC in sas
Running OpenCDISC in sasRunning OpenCDISC in sas
Running OpenCDISC in sas
 
Bandit and Gosec - Security Linters
Bandit and Gosec - Security LintersBandit and Gosec - Security Linters
Bandit and Gosec - Security Linters
 
Continuous integration at CartoDB March '16
Continuous integration at CartoDB March '16Continuous integration at CartoDB March '16
Continuous integration at CartoDB March '16
 
Cloud-native Java EE-volution
Cloud-native Java EE-volutionCloud-native Java EE-volution
Cloud-native Java EE-volution
 
Software Supply Chains for DevOps @ InfoQ Live 2021
Software Supply Chains for DevOps @ InfoQ Live 2021Software Supply Chains for DevOps @ InfoQ Live 2021
Software Supply Chains for DevOps @ InfoQ Live 2021
 

Similar to Compliance Superpowers - Ben Blair, Chicago

Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Weaveworks
 
Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
John Willis
 
GitOps 101 Presentation.pdf
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdf
ssuser31375f
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Weaveworks
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Weaveworks
 
Trends and development practices in Serverless architectures
Trends and development practices in Serverless architecturesTrends and development practices in Serverless architectures
Trends and development practices in Serverless architectures
DiUS
 
Delivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsDelivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOps
Weaveworks
 
Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOps
Weaveworks
 
Breaking down monoliths - DEM08-S - New York AWS Summit
Breaking down monoliths - DEM08-S - New York AWS SummitBreaking down monoliths - DEM08-S - New York AWS Summit
Breaking down monoliths - DEM08-S - New York AWS Summit
Amazon Web Services
 
Compliance superpowers aws chicago meetup august 16, 2018 [public]
Compliance superpowers   aws chicago meetup august 16, 2018 [public]Compliance superpowers   aws chicago meetup august 16, 2018 [public]
Compliance superpowers aws chicago meetup august 16, 2018 [public]
Ben Blair
 
ESB Evaluation Framework
ESB Evaluation Framework ESB Evaluation Framework
ESB Evaluation Framework
WSO2
 
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellersCloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Amazon Web Services
 
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Vietnam Open Infrastructure User Group
 
Speeding up your team with GitOps
Speeding up your team with GitOpsSpeeding up your team with GitOps
Speeding up your team with GitOps
Brice Fernandes
 
Cloud DevSecOps Considerations Leveraging AWS Marketplace Software
Cloud DevSecOps Considerations Leveraging AWS Marketplace SoftwareCloud DevSecOps Considerations Leveraging AWS Marketplace Software
Cloud DevSecOps Considerations Leveraging AWS Marketplace Software
Amazon Web Services
 
Moving from Monolith to Microservices
Moving from Monolith to MicroservicesMoving from Monolith to Microservices
Moving from Monolith to Microservices
Mist.io
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
Opsta
 
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Amazon Web Services
 
Deploying large-scale, serverless and asynchronous systems - without integrat...
Deploying large-scale, serverless and asynchronous systems - without integrat...Deploying large-scale, serverless and asynchronous systems - without integrat...
Deploying large-scale, serverless and asynchronous systems - without integrat...
DiUS
 
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
Amazon Web Services
 

Similar to Compliance Superpowers - Ben Blair, Chicago (20)

Webinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOpsWebinar: End to End Security & Operations with Chainguard and Weave GitOps
Webinar: End to End Security & Operations with Chainguard and Weave GitOps
 
Automated Governance
Automated GovernanceAutomated Governance
Automated Governance
 
GitOps 101 Presentation.pdf
GitOps 101 Presentation.pdfGitOps 101 Presentation.pdf
GitOps 101 Presentation.pdf
 
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & WeaveworksSecure GitOps pipelines for Kubernetes with Snyk & Weaveworks
Secure GitOps pipelines for Kubernetes with Snyk & Weaveworks
 
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)Free GitOps Workshop (with Intro to Kubernetes & GitOps)
Free GitOps Workshop (with Intro to Kubernetes & GitOps)
 
Trends and development practices in Serverless architectures
Trends and development practices in Serverless architecturesTrends and development practices in Serverless architectures
Trends and development practices in Serverless architectures
 
Delivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOpsDelivering Quality at Speed with GitOps
Delivering Quality at Speed with GitOps
 
Continuous Security for GitOps
Continuous Security for GitOpsContinuous Security for GitOps
Continuous Security for GitOps
 
Breaking down monoliths - DEM08-S - New York AWS Summit
Breaking down monoliths - DEM08-S - New York AWS SummitBreaking down monoliths - DEM08-S - New York AWS Summit
Breaking down monoliths - DEM08-S - New York AWS Summit
 
Compliance superpowers aws chicago meetup august 16, 2018 [public]
Compliance superpowers   aws chicago meetup august 16, 2018 [public]Compliance superpowers   aws chicago meetup august 16, 2018 [public]
Compliance superpowers aws chicago meetup august 16, 2018 [public]
 
ESB Evaluation Framework
ESB Evaluation Framework ESB Evaluation Framework
ESB Evaluation Framework
 
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellersCloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
 
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
Room 2 - 4 - Juncheng Anthony Lin - Redhat - A Practical Approach to Traditio...
 
Speeding up your team with GitOps
Speeding up your team with GitOpsSpeeding up your team with GitOps
Speeding up your team with GitOps
 
Cloud DevSecOps Considerations Leveraging AWS Marketplace Software
Cloud DevSecOps Considerations Leveraging AWS Marketplace SoftwareCloud DevSecOps Considerations Leveraging AWS Marketplace Software
Cloud DevSecOps Considerations Leveraging AWS Marketplace Software
 
Moving from Monolith to Microservices
Moving from Monolith to MicroservicesMoving from Monolith to Microservices
Moving from Monolith to Microservices
 
Deploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOpsDeploy 22 microservices from scratch in 30 mins with GitOps
Deploy 22 microservices from scratch in 30 mins with GitOps
 
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
Re-Architecting a Banking Application for Scale and Reliability (SRV220-R1) -...
 
Deploying large-scale, serverless and asynchronous systems - without integrat...
Deploying large-scale, serverless and asynchronous systems - without integrat...Deploying large-scale, serverless and asynchronous systems - without integrat...
Deploying large-scale, serverless and asynchronous systems - without integrat...
 
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
Continuous Integration Best Practices (DEV319-R1) - AWS re:Invent 2018
 

More from AWS Chicago

David Michels: DevOps My AI at AWS Community Day Midwest 2024
David Michels: DevOps My AI at AWS Community Day Midwest 2024David Michels: DevOps My AI at AWS Community Day Midwest 2024
David Michels: DevOps My AI at AWS Community Day Midwest 2024
AWS Chicago
 
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
AWS Chicago
 
Julia Furst Morgado Managing EKS Clusters at Scale using Blueprints and Infra...
Julia Furst Morgado	Managing EKS Clusters at Scale using Blueprints and Infra...Julia Furst Morgado	Managing EKS Clusters at Scale using Blueprints and Infra...
Julia Furst Morgado Managing EKS Clusters at Scale using Blueprints and Infra...
AWS Chicago
 
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning ModelsMax De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
AWS Chicago
 
Jason Butz Building Testable Serverless Applications with the Hexagonal Archi...
Jason Butz	Building Testable Serverless Applications with the Hexagonal Archi...Jason Butz	Building Testable Serverless Applications with the Hexagonal Archi...
Jason Butz Building Testable Serverless Applications with the Hexagonal Archi...
AWS Chicago
 
Muthukumaran Ardhanary AWS Datasync to migrate objects from on-prem to s3
Muthukumaran Ardhanary	AWS Datasync to migrate objects from on-prem to s3Muthukumaran Ardhanary	AWS Datasync to migrate objects from on-prem to s3
Muthukumaran Ardhanary AWS Datasync to migrate objects from on-prem to s3
AWS Chicago
 
Jeff Maruschek: How does RAG REALLY work?
Jeff Maruschek: How does RAG REALLY work?Jeff Maruschek: How does RAG REALLY work?
Jeff Maruschek: How does RAG REALLY work?
AWS Chicago
 
Jay Kahlon: Tagging Compliance The Tags are Coming!
Jay Kahlon: Tagging Compliance The Tags are Coming!Jay Kahlon: Tagging Compliance The Tags are Coming!
Jay Kahlon: Tagging Compliance The Tags are Coming!
AWS Chicago
 
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
AWS Chicago
 
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
AWS Chicago
 
Chris Ebert: Getting Started With Serverless Website Analytics.pdf
Chris Ebert: Getting Started With Serverless Website Analytics.pdfChris Ebert: Getting Started With Serverless Website Analytics.pdf
Chris Ebert: Getting Started With Serverless Website Analytics.pdf
AWS Chicago
 
Cameron Williams: Intelligent Document Processing for Artificial Intelligence
Cameron Williams: Intelligent Document Processing for Artificial IntelligenceCameron Williams: Intelligent Document Processing for Artificial Intelligence
Cameron Williams: Intelligent Document Processing for Artificial Intelligence
AWS Chicago
 
Brian Tarbox: S3 - Sophisticated Storage System
Brian Tarbox: S3 - Sophisticated Storage SystemBrian Tarbox: S3 - Sophisticated Storage System
Brian Tarbox: S3 - Sophisticated Storage System
AWS Chicago
 
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
AWS Chicago
 
Mayur Runwal and Steven David: User desktops in AWS for low latency and grap...
Mayur Runwal and Steven David:  User desktops in AWS for low latency and grap...Mayur Runwal and Steven David:  User desktops in AWS for low latency and grap...
Mayur Runwal and Steven David: User desktops in AWS for low latency and grap...
AWS Chicago
 
Justin Wheeler How to Explain AWS to Non-Technical People
Justin Wheeler	How to Explain AWS to Non-Technical PeopleJustin Wheeler	How to Explain AWS to Non-Technical People
Justin Wheeler How to Explain AWS to Non-Technical People
AWS Chicago
 
Angelo Mandato: Learn about the benefits with examples how to create and main...
Angelo Mandato: Learn about the benefits with examples how to create and main...Angelo Mandato: Learn about the benefits with examples how to create and main...
Angelo Mandato: Learn about the benefits with examples how to create and main...
AWS Chicago
 
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWSChristopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
AWS Chicago
 
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
AWS Chicago
 
Rob Sable: Gen AI and Manufacfuring Community Day
Rob Sable: Gen AI and Manufacfuring Community DayRob Sable: Gen AI and Manufacfuring Community Day
Rob Sable: Gen AI and Manufacfuring Community Day
AWS Chicago
 

More from AWS Chicago (20)

David Michels: DevOps My AI at AWS Community Day Midwest 2024
David Michels: DevOps My AI at AWS Community Day Midwest 2024David Michels: DevOps My AI at AWS Community Day Midwest 2024
David Michels: DevOps My AI at AWS Community Day Midwest 2024
 
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
Girish Bhatia: 2024 CommunityDay AWS Lambda develop locally with SAM, Docker ...
 
Julia Furst Morgado Managing EKS Clusters at Scale using Blueprints and Infra...
Julia Furst Morgado	Managing EKS Clusters at Scale using Blueprints and Infra...Julia Furst Morgado	Managing EKS Clusters at Scale using Blueprints and Infra...
Julia Furst Morgado Managing EKS Clusters at Scale using Blueprints and Infra...
 
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning ModelsMax De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
Max De Jong: Avoiding Common Pitfalls with Hosting Machine Learning Models
 
Jason Butz Building Testable Serverless Applications with the Hexagonal Archi...
Jason Butz	Building Testable Serverless Applications with the Hexagonal Archi...Jason Butz	Building Testable Serverless Applications with the Hexagonal Archi...
Jason Butz Building Testable Serverless Applications with the Hexagonal Archi...
 
Muthukumaran Ardhanary AWS Datasync to migrate objects from on-prem to s3
Muthukumaran Ardhanary	AWS Datasync to migrate objects from on-prem to s3Muthukumaran Ardhanary	AWS Datasync to migrate objects from on-prem to s3
Muthukumaran Ardhanary AWS Datasync to migrate objects from on-prem to s3
 
Jeff Maruschek: How does RAG REALLY work?
Jeff Maruschek: How does RAG REALLY work?Jeff Maruschek: How does RAG REALLY work?
Jeff Maruschek: How does RAG REALLY work?
 
Jay Kahlon: Tagging Compliance The Tags are Coming!
Jay Kahlon: Tagging Compliance The Tags are Coming!Jay Kahlon: Tagging Compliance The Tags are Coming!
Jay Kahlon: Tagging Compliance The Tags are Coming!
 
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
Jason Wadsworth: Step Up Your SaaS Game: Serverless Orchestration and Automat...
 
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
Drake Pocsatko: We have HOW many documents? We have HOW many Documents? Archi...
 
Chris Ebert: Getting Started With Serverless Website Analytics.pdf
Chris Ebert: Getting Started With Serverless Website Analytics.pdfChris Ebert: Getting Started With Serverless Website Analytics.pdf
Chris Ebert: Getting Started With Serverless Website Analytics.pdf
 
Cameron Williams: Intelligent Document Processing for Artificial Intelligence
Cameron Williams: Intelligent Document Processing for Artificial IntelligenceCameron Williams: Intelligent Document Processing for Artificial Intelligence
Cameron Williams: Intelligent Document Processing for Artificial Intelligence
 
Brian Tarbox: S3 - Sophisticated Storage System
Brian Tarbox: S3 - Sophisticated Storage SystemBrian Tarbox: S3 - Sophisticated Storage System
Brian Tarbox: S3 - Sophisticated Storage System
 
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
Bob Eisenmann and Justin Ranta: Automated Application Delivery on AWS using G...
 
Mayur Runwal and Steven David: User desktops in AWS for low latency and grap...
Mayur Runwal and Steven David:  User desktops in AWS for low latency and grap...Mayur Runwal and Steven David:  User desktops in AWS for low latency and grap...
Mayur Runwal and Steven David: User desktops in AWS for low latency and grap...
 
Justin Wheeler How to Explain AWS to Non-Technical People
Justin Wheeler	How to Explain AWS to Non-Technical PeopleJustin Wheeler	How to Explain AWS to Non-Technical People
Justin Wheeler How to Explain AWS to Non-Technical People
 
Angelo Mandato: Learn about the benefits with examples how to create and main...
Angelo Mandato: Learn about the benefits with examples how to create and main...Angelo Mandato: Learn about the benefits with examples how to create and main...
Angelo Mandato: Learn about the benefits with examples how to create and main...
 
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWSChristopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
Christopher Judd: Monitor All Your Stuff with OpenTelemetry and AWS
 
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
Lena Taupier: Secure your App from bots and attacks with AWS WAF (Web Applica...
 
Rob Sable: Gen AI and Manufacfuring Community Day
Rob Sable: Gen AI and Manufacfuring Community DayRob Sable: Gen AI and Manufacfuring Community Day
Rob Sable: Gen AI and Manufacfuring Community Day
 

Recently uploaded

How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
SynapseIndia
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
Neo4j
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
Shiv Technolabs
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
SynapseIndia
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
ArgaBisma
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
Safe Software
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Networks
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
LINUS PROJECTS (INDIA)
 
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAIApplying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
ssuserd4e0d2
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Muhammad Ali
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
aslasdfmkhan4750
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
HackersList
 
Comparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdfComparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdf
Andrey Yasko
 
Choose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presenceChoose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presence
rajancomputerfbd
 
Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
Bert Blevins
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
Emerging Tech
 
The Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdfThe Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdf
paysquare consultancy
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
KAMAL CHOUDHARY
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
maigasapphire
 
Calgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptxCalgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptx
ishalveerrandhawa1
 

Recently uploaded (20)

How RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptxHow RPA Help in the Transportation and Logistics Industry.pptx
How RPA Help in the Transportation and Logistics Industry.pptx
 
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdfBT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
BT & Neo4j: Knowledge Graphs for Critical Enterprise Systems.pptx.pdf
 
The Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF GuideThe Role of IoT in Australian Mobile App Development - PDF Guide
The Role of IoT in Australian Mobile App Development - PDF Guide
 
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptxUse Cases & Benefits of RPA in Manufacturing in 2024.pptx
Use Cases & Benefits of RPA in Manufacturing in 2024.pptx
 
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdfWhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
WhatsApp Image 2024-03-27 at 08.19.52_bfd93109.pdf
 
Data Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining DataData Integration Basics: Merging & Joining Data
Data Integration Basics: Merging & Joining Data
 
IPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite SolutionIPLOOK Remote-Sensing Satellite Solution
IPLOOK Remote-Sensing Satellite Solution
 
Pigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending PlantPigging Unit Lubricant Oil Blending Plant
Pigging Unit Lubricant Oil Blending Plant
 
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAIApplying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
Applying Retrieval-Augmented Generation (RAG) to Combat Hallucinations in GenAI
 
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
Litestack talk at Brighton 2024 (Unleashing the power of SQLite for Ruby apps)
 
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
High Profile Girls Call ServiCe Hyderabad 0000000000 Tanisha Best High Class ...
 
How Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdfHow Social Media Hackers Help You to See Your Wife's Message.pdf
How Social Media Hackers Help You to See Your Wife's Message.pdf
 
Comparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdfComparison Table of DiskWarrior Alternatives.pdf
Comparison Table of DiskWarrior Alternatives.pdf
 
Choose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presenceChoose our Linux Web Hosting for a seamless and successful online presence
Choose our Linux Web Hosting for a seamless and successful online presence
 
Password Rotation in 2024 is still Relevant
Password Rotation in 2024 is still RelevantPassword Rotation in 2024 is still Relevant
Password Rotation in 2024 is still Relevant
 
Implementations of Fused Deposition Modeling in real world
Implementations of Fused Deposition Modeling  in real worldImplementations of Fused Deposition Modeling  in real world
Implementations of Fused Deposition Modeling in real world
 
The Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdfThe Role of Technology in Payroll Statutory Compliance (1).pdf
The Role of Technology in Payroll Statutory Compliance (1).pdf
 
Recent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS InfrastructureRecent Advancements in the NIST-JARVIS Infrastructure
Recent Advancements in the NIST-JARVIS Infrastructure
 
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
Girls Call Churchgate 9910780858 Provide Best And Top Girl Service And No1 in...
 
Calgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptxCalgary MuleSoft Meetup APM and IDP .pptx
Calgary MuleSoft Meetup APM and IDP .pptx
 

Compliance Superpowers - Ben Blair, Chicago