by Eric Rose, Sr. Security Consultant, AWS
With a minimum security baseline in place, you can host data—which means data protection is required. In this session, we discuss defining an encryption strategy and selecting native AWS tools (AWS KMS, AWS CloudHSM) or third-party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
by Kristen Haught, Customer Outreach Manager, AWS
Security is the top priority at AWS, and whether you are a startup or an enterprise-level company, our compliance programs can help you demonstrate the effectiveness of this security to your customers. In this session, you will learn how to build your own compliance programs on AWS and how to show your customers evidence of this compliance. Bring both your business and technical hats as we dive into a cross-functional strategy that will accelerate your path to compliance on AWS and your business growth in regulated markets.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
by Fritz Kunstler, Sr. Security Consultant, AWS
AWS Identity and Access Management (IAM) is first in the Security Perspective of the AWS Cloud Adoption Framework CAF because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multifactor authentication mechanisms; and operate IAM at scale.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework provides a framework for maturation via a structured program that incorporates best practices and processes for define, build and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice and follow with an afternoon agenda that will dive deep in each of the individual core topics.
by Fritz Kunstler, Sr. Security Consultant, AWS
Put detective controls in place to have visibility into your deployments. In this session, you will learn about deployment visibility at the AWS platform, application, operating system, and network levels, as well as how to build monitoring solutions at scale to leverage AWS services that turn logging data into security insight.
In this session, you will learn about Amazon Macie, a new visibility security service that helps you classify and secure your sensitive and business-critical content. Macie uses machine learning to automatically discover, classify, and protect sensitive data in the AWS Cloud, and it recognizes sensitive data such as personally identifiable information (PII) and intellectual property. You also will learn about the available types of alerts (basic and predictive) and demonstrate how you can use Amazon CloudWatch Events, AWS Lambda, and Amazon SNS topics to automate remediation actions to unauthorized access and inadvertent data leaks.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Steve Laino, GRC Consultant, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
After IAM you want to have Detective Controls in place to have visibility your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
by Kristen Haught, Customer Outreach Manager, AWS
Security is the top priority at AWS, and whether you are a startup or an enterprise-level company, our compliance programs can help you demonstrate the effectiveness of this security to your customers. In this session, you will learn how to build your own compliance programs on AWS and how to show your customers evidence of this compliance. Bring both your business and technical hats as we dive into a cross-functional strategy that will accelerate your path to compliance on AWS and your business growth in regulated markets.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
by Fritz Kunstler, Sr. Security Consultant, AWS
AWS Identity and Access Management (IAM) is first in the Security Perspective of the AWS Cloud Adoption Framework CAF because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multifactor authentication mechanisms; and operate IAM at scale.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework provides a framework for maturation via a structured program that incorporates best practices and processes for define, build and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice and follow with an afternoon agenda that will dive deep in each of the individual core topics.
by Fritz Kunstler, Sr. Security Consultant, AWS
Put detective controls in place to have visibility into your deployments. In this session, you will learn about deployment visibility at the AWS platform, application, operating system, and network levels, as well as how to build monitoring solutions at scale to leverage AWS services that turn logging data into security insight.
In this session, you will learn about Amazon Macie, a new visibility security service that helps you classify and secure your sensitive and business-critical content. Macie uses machine learning to automatically discover, classify, and protect sensitive data in the AWS Cloud, and it recognizes sensitive data such as personally identifiable information (PII) and intellectual property. You also will learn about the available types of alerts (basic and predictive) and demonstrate how you can use Amazon CloudWatch Events, AWS Lambda, and Amazon SNS topics to automate remediation actions to unauthorized access and inadvertent data leaks.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Steve Laino, GRC Consultant, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
After IAM you want to have Detective Controls in place to have visibility your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
Identify and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
by Eric Rose, Sr. Security Consultant, AWS
After you have built and deployed a security infrastructure and automated key aspects of security operations, you should validate your work through an incident response simulation. In this session, you will learn about the best way to protect your logs; how and why to develop automated incident response capabilities via AWS tooling such as AWS Lambda; the importance of testing existing forensics tools to ensure efficacy in the cloud environment; and ways to test your plan early and often.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...Amazon Web Services
<Technical Track>
Ankush Chowdhary, World Wide Public Sector, Head, Security Risk Compliance, Amazon Web Services
In the cloud, security is priority number one. In this session, you will learn how to run restricted workloads using AWS CloudHSM, a cloud-based hardware security module that enables you to easily generate and use your own encryption keys. Discover how to protect your web-based infrastructure from an advanced security threat such as distributed denial-of-service or layer 7 attack. Witness a demo on how to set up an AWS CloudHSM cluster across multiple availability zones. Build AWS WAF – a customizable firewall – with OWASP Top 10 2017 security controls with help from AWS CloudFormation.
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Amazon Web Services
by Daniele Stroppa, Technical Account Manager, AWS
As organizations move their workloads to the cloud, companies must take steps to protect and audit their private and confidential information. This session will focus on Amazon S3 best practices and using AWS Config rules and AWS CloudTrail Data Events to help better protect data residing within S3. The session will include a demonstration of how AWS Config and CloudTrail, in combination with other AWS services, can help with S3 governance and compliance requirements.
After IAM you want to have Detective Controls in place to have visibility into your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWSAmazon Web Services
Security practitioners face new and evolving threats every day. BrightEdge needed to take a more proactive and efficient stance to monitor, investigate and triage threats, and maintain their security posture on the AWS Cloud. Splunk’s analytics-driven security solution made it easy for BrightEdge to gain visibility across their entire cloud environment to secure critical customer data and ensure compliance.
In this webinar, you’ll hear how BrightEdge gained the end-to-end visibility required to respond quickly and effectively to security threats using Splunk.
by Steve Laino, GRC Consultant, AWS
After AWS IAM and detective controls, the afternoon at AWS Security Week turns to infrastructure security, which means tuning AWS service configurations, AMI composition, and hardening other digital assets that will be deployed. You will learn how to define networking architecture (VPCs, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows; and how to determine vulnerability management and operational maintenance cadence.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
Once you have built and deployed security infrastructure and automated key aspects of security operations you should validate your work through an Incident Response simulation. In this session we discuss the best way to protect your logs; how and why to develop automated IR capabilities via AWS tooling (e.g. Lambda); the importance of testing existing forensics tools to ensure efficacy in cloud environment; and ways to test your plan early and often.
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
Once you have built and deployed security infrastructure and automated key aspects of security operations you should validate your work through an Incident Response simulation. In this session we discuss the best way to protect your logs; how and why to develop automated IR capabilities via AWS tooling (e.g. Lambda); the importance of testing existing forensics tools to ensure efficacy in cloud environment; and ways to test your plan early and often.
After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence.
The Future of Securing Access Controls in Information SecurityAmazon Web Services
by Tim Kropp and Greg Frascadore from Bridgewater Associates
Identity Access and Management is a critical information security control used by companies of all shapes and sizes. Tim Kropp and Greg Frascadore from Bridgewater Associates worked with the Automated Reasoning Group (ARG) within AWS to drive innovation in automating, scaling, and future-proofing access controls. Join us to hear how Bridgewater Associates and AWS are leading the future of securing policies through a mathematics based methodology called formal reasoning.
by Leo Zhadanovsky, Principal Solutions Architect, AWS
Amazon EC2 Systems Manager is a management service that helps you securely and safely manage instances at scale, automatically collect software inventory, apply operating system patches, create system images, and configure Windows and Linux operating systems. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance of your Amazon EC2 and on-premises configurations. By providing a management approach that is designed for the scale and agility of the cloud but extends into your on-premises data center, Systems Manager makes it easier for you to seamlessly bridge your existing infrastructure with AWS.
AWS offers customers multiple solutions for federating identities on the AWS Cloud. In this session, we will embark on a tour of these solutions and the use cases they support. Along the way, we will dive deep with demonstrations and best practices to help you be successful managing identities on the AWS Cloud. We will cover how and when to use Security Assertion Markup Language 2.0 (SAML), OpenID Connect (OIDC), and other AWS native federation mechanisms. You will learn how these solutions enable federated access to the AWS Management Console, APIs, and CLI, AWS Infrastructure and Managed Services, your web and mobile applications running on the AWS Cloud, and much more.
by Brad Dispensa, Sr. Solutions Architect, AWS
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
Identify and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
IAM is first in the Security CAF because in the cloud first you grant access and only then can you provision infrastructure (the opposite of on-prem). In this session we’ll cover how to define fine grained access to AWS resources via users, roles and groups; designing privileged user & multi-factor authentication mechanisms and how to operate IAM at scale.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
by Eric Rose, Sr. Security Consultant, AWS
After you have built and deployed a security infrastructure and automated key aspects of security operations, you should validate your work through an incident response simulation. In this session, you will learn about the best way to protect your logs; how and why to develop automated incident response capabilities via AWS tooling such as AWS Lambda; the importance of testing existing forensics tools to ensure efficacy in the cloud environment; and ways to test your plan early and often.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
Staying Armed with AWS Cloud HSM and AWS WAF - AWS Public Sector Summit Singa...Amazon Web Services
<Technical Track>
Ankush Chowdhary, World Wide Public Sector, Head, Security Risk Compliance, Amazon Web Services
In the cloud, security is priority number one. In this session, you will learn how to run restricted workloads using AWS CloudHSM, a cloud-based hardware security module that enables you to easily generate and use your own encryption keys. Discover how to protect your web-based infrastructure from an advanced security threat such as distributed denial-of-service or layer 7 attack. Witness a demo on how to set up an AWS CloudHSM cluster across multiple availability zones. Build AWS WAF – a customizable firewall – with OWASP Top 10 2017 security controls with help from AWS CloudFormation.
Using AWS CloudTrail and AWS Config to Enhance the Governance and Compliance ...Amazon Web Services
by Daniele Stroppa, Technical Account Manager, AWS
As organizations move their workloads to the cloud, companies must take steps to protect and audit their private and confidential information. This session will focus on Amazon S3 best practices and using AWS Config rules and AWS CloudTrail Data Events to help better protect data residing within S3. The session will include a demonstration of how AWS Config and CloudTrail, in combination with other AWS services, can help with S3 governance and compliance requirements.
After IAM you want to have Detective Controls in place to have visibility into your deployments. In this session we’ll cover visibility at the AWS platform level, the application, Operating System and network levels and how to build monitoring solutions at scale leverage AWS services that turn logging data into security insight.
How BrightEdge Achieves End-to-End Security Visibility with Splunk and AWSAmazon Web Services
Security practitioners face new and evolving threats every day. BrightEdge needed to take a more proactive and efficient stance to monitor, investigate and triage threats, and maintain their security posture on the AWS Cloud. Splunk’s analytics-driven security solution made it easy for BrightEdge to gain visibility across their entire cloud environment to secure critical customer data and ensure compliance.
In this webinar, you’ll hear how BrightEdge gained the end-to-end visibility required to respond quickly and effectively to security threats using Splunk.
by Steve Laino, GRC Consultant, AWS
After AWS IAM and detective controls, the afternoon at AWS Security Week turns to infrastructure security, which means tuning AWS service configurations, AMI composition, and hardening other digital assets that will be deployed. You will learn how to define networking architecture (VPCs, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows; and how to determine vulnerability management and operational maintenance cadence.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
Once you have built and deployed security infrastructure and automated key aspects of security operations you should validate your work through an Incident Response simulation. In this session we discuss the best way to protect your logs; how and why to develop automated IR capabilities via AWS tooling (e.g. Lambda); the importance of testing existing forensics tools to ensure efficacy in cloud environment; and ways to test your plan early and often.
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But gone are the days of manual security audits that slow down agile development. Your modern continuous integration and continuous delivery architecture demands continuous security that doesn’t hinder DevOps. In this session, we’ll share tips to help your organization embrace DevSecOps. Presented by RedLock.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
Once you have built and deployed security infrastructure and automated key aspects of security operations you should validate your work through an Incident Response simulation. In this session we discuss the best way to protect your logs; how and why to develop automated IR capabilities via AWS tooling (e.g. Lambda); the importance of testing existing forensics tools to ensure efficacy in cloud environment; and ways to test your plan early and often.
After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence.
The Future of Securing Access Controls in Information SecurityAmazon Web Services
by Tim Kropp and Greg Frascadore from Bridgewater Associates
Identity Access and Management is a critical information security control used by companies of all shapes and sizes. Tim Kropp and Greg Frascadore from Bridgewater Associates worked with the Automated Reasoning Group (ARG) within AWS to drive innovation in automating, scaling, and future-proofing access controls. Join us to hear how Bridgewater Associates and AWS are leading the future of securing policies through a mathematics based methodology called formal reasoning.
by Leo Zhadanovsky, Principal Solutions Architect, AWS
Amazon EC2 Systems Manager is a management service that helps you securely and safely manage instances at scale, automatically collect software inventory, apply operating system patches, create system images, and configure Windows and Linux operating systems. These capabilities help you define and track system configurations, prevent drift, and maintain software compliance of your Amazon EC2 and on-premises configurations. By providing a management approach that is designed for the scale and agility of the cloud but extends into your on-premises data center, Systems Manager makes it easier for you to seamlessly bridge your existing infrastructure with AWS.
AWS offers customers multiple solutions for federating identities on the AWS Cloud. In this session, we will embark on a tour of these solutions and the use cases they support. Along the way, we will dive deep with demonstrations and best practices to help you be successful managing identities on the AWS Cloud. We will cover how and when to use Security Assertion Markup Language 2.0 (SAML), OpenID Connect (OIDC), and other AWS native federation mechanisms. You will learn how these solutions enable federated access to the AWS Management Console, APIs, and CLI, AWS Infrastructure and Managed Services, your web and mobile applications running on the AWS Cloud, and much more.
by Brad Dispensa, Sr. Solutions Architect, AWS
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
With a minimum security baseline in place, you’re now ready to host data—which means Data Protection is required. Here we will discuss defining encryption strategy and selecting native AWS (KMS, CloudHSM) or third party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Collecting, maintaining, and analyzing data is key to keeping pace within any industry today. In addition to being a critical competitive asset, maintaining corporate data requires careful foundational planning to ensure that the data is secure at all stages. Your big data may include not only proprietary non-public information, but also controlled data that must adhere to regulations such as HIPAA or ITAR. Securing this data while maintaining access for authorized data analytics and reporting workloads can pose significant challenges. In this talk, you’ll learn about strategies leveraging tools such as AWS Identity and Access Management (IAM), AWS Key Management Service (KMS) , Amazon S3, and Amazon EMR to secure your big data workloads in the cloud.
Level: 200
Speaker: Hannah Marlowe - Consultant, Federal, WWPS Professional Services
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
Protecting sensitive data in the cloud typically requires encryption. Managing the keys used for encryption can be challenging as your sensitive data passes between services and applications. AWS offers several options for using encryption and managing keys to help simplify the protection of your data at rest. This session will help you understand which features are available and how to use them, with emphasis on AWS Key Management Service and AWS CloudHSM. Adobe Systems Incorporated will present their experience using AWS encryption services to solve data security needs.
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAmazon Web Services
How do you protect your private information and customer PII in the cloud when you don’t control all the hardware or software components that might access that information? AWS allows you to offload many management and data-handling tasks, but how do you evaluate the risks to your data as it passes through these services? AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys in order to meet your security goals. This webinar will help you understand which AWS encryption features are available, when to use them, and how to integrate them in your workloads. In this webinar, you will learn:
• Learn how to think about using encryption to protect your private information in the cloud • Learn how to evaluate key management architectures to determine whether they meet your needs • Learn how to use AWS encryption features to accomplish your data security goals
Who Should Attend: • Developers, DevOps Engineers, and IT Security Administrators
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAmazon Web Services
How do you protect your private information and customer PII in the cloud when you don’t control all the hardware or software components that might access that information? AWS allows you to offload many management and data-handling tasks, but how do you evaluate the risks to your data as it passes through these services? AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys in order to meet your security goals. This webinar will help you understand which AWS encryption features are available, when to use them, and how to integrate them in your workloads. In this webinar, you will learn:
• Learn how to think about using encryption to protect your private information in the cloud • Learn how to evaluate key management architectures to determine whether they meet your needs • Learn how to use AWS encryption features to accomplish your data security goals.
Who Should Attend: • Developers, DevOps Engineers, and IT Security Administrators
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
With a minimum security baseline in place, you can host data—which means data protection is required. In this session, we discuss defining an encryption strategy and selecting native AWS tools (AWS KMS, AWS CloudHSM) or third-party tools; defining key rotation and key protection mechanisms; and defining data at rest and data in transit protection requirements.
Speaker: Nathan Case - Sr. Solutions Architect, AWS
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
Similar to Data Protection in Transit and at Rest (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.