The document discusses how AWS can help customers achieve compliance with the General Data Protection Regulation (GDPR). It provides an overview of the GDPR, what it regulates, and potential consequences for non-compliance. It then outlines specific AWS services, tools, and features that can help customers implement appropriate technical and organizational measures for security, encryption, access control, monitoring, and logging as required by the GDPR. The document emphasizes that GDPR compliance is a shared responsibility between AWS as the processor and customers as controllers.
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise. Level 200
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
by Quint Van Deman, Sr. Business Development Manager, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace. Level 400
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise.
DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise. Level 200
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
by Quint Van Deman, Sr. Business Development Manager, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace. Level 400
by Nathan Case, Sr. Consultant, AWS
Insider threat detection! How do we use AWS products to find an insider threat. We will cover Macie, GuardDuty and lambda to review a production account actions and remediate findings as they arise . We will also cover the utilization of CloudWatch to unify our finds into a single pane of glass. Level 400
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise.
DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
In this webinar, you'll learn how to create security workspaces for multiple teams through your AWS account. Discover how IAM works and find out how it integrates with AWS services. In addition, learn how AWS Config rules and AWS Cloud Trial can help you identify and rectify misconfiguration issues quickly and effectively.
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
Securing your workload in alignment with best practices is necessary to protect information, systems and assets while delivering business value through risk assessments and mitigation strategies. In this tech talk, we’ll walk you through how to secure your workload using AWS Identity & Access Management, AWS CloudTrail, Amazon GuardDuty and AWS Config services.
Let's spend some time prepping for the GuardDuty lab and set everyone up with Amazon account credits. Then we will do a short warm up lab that builds out a real-time serverless dashboard for monitoring account activity using a number of different services. Level 200
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
by Nathan Case, Sr. Consultant, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise.
The General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018. Complying with GDPR can be challenging, but AWS can guide you through the process. This webinar is hosted by a GDPR compliance expert who will explain the automation mechanisms AWS offers its customers to help with their compliance programs. Specific GDPR articles will be matched to tooling, so knowledge of both will be helpful in understanding the material. A Q&A will follow.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
GDPR - Top 10 AWS Security and Compliance Best PracticesAhmad Khan
AWS Cloud GDPR challenges solved, this webinar (see our youtube channel). We show you exactly which Articles you need to worry about and how to address the data security using automation and top 10 best practices to implement step by step.
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs.
by Quint Van Deman, Sr. Business Development Manager, AWS
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in.
The EU’s General Data Protection Regulation (GDPR) introduces mandatory requirements for data controllers and processors. Join this webinar to learn more about the AWS Shared Responsibility Model in the context of the GDPR. Find how AWS services can help you realise data protection by design principles under the GDPR.
Serverless remediation in Financial Services: A custom tool - SEP311 - AWS re...Amazon Web Services
Warden is a homegrown compliance engine used at Discover that leverages AWS native service, such as AWS Lambda, AWS CloudTrail, Amazon S3, Amazon CloudWatch, and Amazon SNS. In this session, discover how Warden empowers Discover employees to deploy AWS resources that meet Discover’s rigorous information security requirements through automated guardrails and near-real-time configuration monitoring, in addition to configuration self-healing and auto-remediation of noncompliant resources.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Monitoring and administrating privilegeMonitoring and administrating privileg...Amazon Web Services
A key security consideration for the enterprise is monitoring and administrating privileged access for business-critical applications that are running on the AWS Cloud. Join Saviynt in this session and learn how to request, fulfill, certify, and govern privileged assets in the cloud with Saviynt’s Cloud privileged access management (PAM) solution. Saviynt covers best practices and the benefits of securing privileged access in the cloud, ranging from the AWS Management Console to elastic workloads. This session helps you understand why privileged access is a cornerstone of best practices and compliance for cloud security.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Accelerate your Cloud journey with security and compliance by design - Margo ...Net4All
What is the GDPR, and what does it imply ? How can AWS help customers achieve GDPR compliance ?
Margo Cronin, Cloud Architect for Amazon Web Services, answers these questions to ease your mind about security on AWS !
Cloud Security Day - May 17th, 2018
by Michael St. Onge, Global Cloud Security Architect, AWS
Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.
In this webinar, you'll learn how to create security workspaces for multiple teams through your AWS account. Discover how IAM works and find out how it integrates with AWS services. In addition, learn how AWS Config rules and AWS Cloud Trial can help you identify and rectify misconfiguration issues quickly and effectively.
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
Securing your workload in alignment with best practices is necessary to protect information, systems and assets while delivering business value through risk assessments and mitigation strategies. In this tech talk, we’ll walk you through how to secure your workload using AWS Identity & Access Management, AWS CloudTrail, Amazon GuardDuty and AWS Config services.
Let's spend some time prepping for the GuardDuty lab and set everyone up with Amazon account credits. Then we will do a short warm up lab that builds out a real-time serverless dashboard for monitoring account activity using a number of different services. Level 200
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
by Nathan Case, Sr. Consultant, AWS
Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise.
The General Data Protection Regulation (GDPR) becomes enforceable on May 25, 2018. Complying with GDPR can be challenging, but AWS can guide you through the process. This webinar is hosted by a GDPR compliance expert who will explain the automation mechanisms AWS offers its customers to help with their compliance programs. Specific GDPR articles will be matched to tooling, so knowledge of both will be helpful in understanding the material. A Q&A will follow.
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
GDPR - Top 10 AWS Security and Compliance Best PracticesAhmad Khan
AWS Cloud GDPR challenges solved, this webinar (see our youtube channel). We show you exactly which Articles you need to worry about and how to address the data security using automation and top 10 best practices to implement step by step.
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs.
by Quint Van Deman, Sr. Business Development Manager, AWS
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in.
The EU’s General Data Protection Regulation (GDPR) introduces mandatory requirements for data controllers and processors. Join this webinar to learn more about the AWS Shared Responsibility Model in the context of the GDPR. Find how AWS services can help you realise data protection by design principles under the GDPR.
Serverless remediation in Financial Services: A custom tool - SEP311 - AWS re...Amazon Web Services
Warden is a homegrown compliance engine used at Discover that leverages AWS native service, such as AWS Lambda, AWS CloudTrail, Amazon S3, Amazon CloudWatch, and Amazon SNS. In this session, discover how Warden empowers Discover employees to deploy AWS resources that meet Discover’s rigorous information security requirements through automated guardrails and near-real-time configuration monitoring, in addition to configuration self-healing and auto-remediation of noncompliant resources.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Monitoring and administrating privilegeMonitoring and administrating privileg...Amazon Web Services
A key security consideration for the enterprise is monitoring and administrating privileged access for business-critical applications that are running on the AWS Cloud. Join Saviynt in this session and learn how to request, fulfill, certify, and govern privileged assets in the cloud with Saviynt’s Cloud privileged access management (PAM) solution. Saviynt covers best practices and the benefits of securing privileged access in the cloud, ranging from the AWS Management Console to elastic workloads. This session helps you understand why privileged access is a cornerstone of best practices and compliance for cloud security.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Accelerate your Cloud journey with security and compliance by design - Margo ...Net4All
What is the GDPR, and what does it imply ? How can AWS help customers achieve GDPR compliance ?
Margo Cronin, Cloud Architect for Amazon Web Services, answers these questions to ease your mind about security on AWS !
Cloud Security Day - May 17th, 2018
AWS per la semplificazione del percorso di conformità al GDPRAmazon Web Services
"Il Regolamento generale sulla protezione dei dati (GDPR) dell'Unione Europea tutela il diritto fondamentale alla privacy e alla protezione dei dati personali dei cittadini dell'Unione europea. Esso costituisce una grande opportunità ed una grande sfida, specie per la PA, perché introduce requisiti rigorosi che definiscono e armonizzano nuovi standard in materia di compliance, sicurezza e protezione dei dati.
L’obiettivo di questa sessione è quello di esplorare le misure tecniche ed organizzative (TOM) indicate dal regolamento e di illustrare come AWS può aiutare i titolari ed i responsabili del trattamento dei dati all’interno delle organizzazioni nel loro percorso di conformità al GDPR."
Navigating GDPR Compliance on AWS & Data Regulations in ChinaAmazon Web Services
As the most stringent privacy regulation ever enacted, compliance with the General Data Protection Regulation (GDPR) has enterprise customers assessing their current mechanisms for deletion, PII detection, and customer consent. While on-prem, hybrid, and all-in environments involve different challenges, the AWS cloud offers services and features that are consistent with GDPR considerations, including encryption, pseudonymisation, confidentiality, resilience, and availability. In this webinar we’ll walk customers through potential GDPR obligations as well as the specific tooling and benchmarking that should be considered in the ramp-up to the May 25th, 2018 enforcement date. Also, we will top it up with data regulations in China you should be on the lookout for.
The General Data Protection Regulation (GDPR) takes effect May 25, 2018. Complying with GDPR can be challenging, but AWS can guide you through the process. In this session we explain the automation mechanisms AWS offers its customers to help with their compliance programs. Specific GDPR articles are matched to tooling, so knowledge of both is helpful in understanding the material.
The General Data Protection Regulation (GDPR) comes into force on May 25, 2018. Complying with GDPR can be challenging, but AWS can guide you through the process. In this session, we'll explain the automation mechanisms AWS offers its customers to help with their compliance programs. Specific GDPR articles will be matched to tooling, so knowledge of both will be helpful in understanding the material.
Essere conformi al GDPR, il regolamento generale sulla protezione dei dati personali entrato in vigore il 25 maggio 2018, può risultare complicato ma AWS ha gli strumenti per guidarti attraverso tutto il processo. In questa sessione approfondiremo i meccanismi di automazione che AWS offre ai propri clienti per aiutarli nell'implementazione dei propri programmi di sicurezza e privacy e vedremo quali sono gli strumenti specifici messi a disposizione da AWS per indirizzare alcuni requisiti del GDPR.
Navigating GDPR Compliance on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Learn about General Data Protection Regulation (GDPR)
- Learn how AWS supports your journey to GDPR compliance
- Examples of how the GDPR articles may map to your own business activities
GDPR: Raising the Bar for Security & Compliance Across the EUAmazon Web Services
The European Union’s General Data Protection Regulation (GDPR) protects European Union citizens’ fundamental right to privacy and the protection of personal data. It introduces robust requirements that will raise and harmonize standards for data protection, security, and compliance. Come learn how to work with AWS to build your security and data protection strategy, and how to transform the way your organisation processes data. In this session, we will examine GDPR as the baseline for data protection, with the belief that organisations should aim higher. The cloud makes this a realistic goal.
Security & Compliance are very important for most businesses. Learn how AWS enables you to securely use the cloud for you most vital business applications and how you can ensure that you are compliant with a large set of security standards and government regulations like GDPR.
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Secure Your Customers' Data from Day 1: Armando Leite, AWS
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers data. Don't wait until your first security incident before putting these best practices in place.
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS. Finally, Terren Peterson, the VP of Software Engineering at Capital One, shares how his organization detects and remediates threats using Amazon GuardDuty and other AWS services.
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
4. What is the GDPR?
• The "GDPR" is the General Data Protection Regulation, a significant new
EU Data Protection Regulation
• Introduces robust requirements that will raise and harmonize standards for
data protection, security, and compliance across the EU
• The GDPR is enforceable May 25th, 2018 and it replaces the EU Data
Protection Directive (Directive 95/46/EC)
• Territorial scope: Organisations established in the EU and Organisations
without an EU presence who target or monitor EU individuals
5. Content vs. Personal Data
Content
= anything that a customer
(or any end user) stores, or
processes using AWS services,
including:
Software ǀ Data ǀ Text ǀ Audio ǀ Video
Personal Data
= information from which a
living individual may be
identified or identifiable
(under EU data protection
law)
• Customer’s “content” might
include “personal data”
6. What Else Comes With GDPR?
Individuals have the right to a copy of all
the personal data that controllers have
regarding him or her. It also must be
provided in a way that facilitates reuse.
7. What Else Comes With GDPR?
This gives individuals the right to have
certain personal data deleted so third
parties can no longer trace them.
8. This helps to facilitate the inclusion of
policies, guidelines, and work instructions
related to data protection in the earliest
stages of projects including personal data.
What Else Comes With GDPR?
9. Controllers must report personal data breaches
to the relevant supervisory authority within 72
hours. If there is a high risk to the rights and
freedoms of data subjects, they must also
notify the data subjects.
What Else Comes With GDPR?
10. Potential Consequences
• Penalties – Apply to both controllers and processors
• Fines of up to €20,000,000 or 4% of global turnover
• Fines will be dissuasive
• Claims from individuals and class action suits
11. How AWS Can Help Customers
Achieve GDPR Compliance
12. Security of Content and Data Breaches
ProcessorData Subject Controller
x
x
X
Must implement appropriate
technical and organizational
measures (“TOMs”)
Must monitor own environment
Must notify regulators and data
subjects
Content agnostic
Own TOMs
13. Under GDPR Controllers and Processors are required to implement
appropriate Technical and Organization Measures (“TOMs”)
1) Pseudonymisation and
encryption of personal data
(2) Ensure ongoing
confidentiality, integrity,
availability, and resilience of
processing systems and services
(3) Ability to restore availability
and access to personal data in a
timely manner in the event of a
physical or technical incident
(4) Process for regularly testing,
assessing, and evaluating the
effectiveness of TOMs
GDPR in Practice: Implementing TOMs
14. What AWS Provides
Tools and Services
Compliance Framework
Partner Network
§§ Data Protection Contract§§
15. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge
Locations
Client-side Data
Encryption
Server-side Data
Encryption
Network Traffic
Protection
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Customer content
Customers
AWS Shared Responsibility Model
Customers are
responsible for
their security
and compliance
IN the Cloud
AWS is
responsible for
the security OF
the Cloud
16. GDPR is also a “Shared Responsibility”
Legal Compliance
(both controllers and processors)
System Security and Data Protection by Design
(both controllers and processors; AWS has tooling to help)
Records of Processing Activities
(both controllers and processors; AWS has tooling to help)
Encryption
(both controllers and processors; AWS has have tooling to help)
Security of Personal Data
(controller responsibility)
Managing Data Subject Consent
(controller responsibility)
Managing Personal Data Deletion
(both controllers and processors; AWS has tooling to help)
Managing Personal Data Portability
(controller responsibility)
44. AWS Foundation Services
AWS Global Infrastructure
Your own
accreditations
Meet Your Own Security Objectives
Your own
certifications
Your own
external audits
Customer scope
and effort is
reduced
Better results
through focused
efforts
Built on AWS
consistent
baseline controls
Customers
GDPR
Code of
Conducts
46. AWS Services will be compliant with GDPR by May 25, 2018
Will your services be ready? What will that require?
AWS will help educate and enable customers to architect their AWS
environment to support data protection and privacy
Scope of Work Includes
Review current AWS architecture
Educate on AWS services & defined controls
Recommend Partners and Solutions who can support/provide technical
solutions
Professional Services: Privacy-by-Design Offering
Contact Us: aws-preserve-src-gdpr@amazon.com
47. AWS Partner Network (APN) & GDPR
Consulting Partners
APN consulting partners can help
your customers get ready for GDPR.
Technology Partners
APN technology partners offer
security & identity solutions.
/