When LifeLock decided to migrate their workloads to Amazon Web Services (AWS) from their on-premises data center, they were concerned that traditional security technology and processes would not transfer to the cloud. They turned to Symantec and deployed Cloud Workload Protection (CWP) to secure both their corporate and customer data, as well as their intellectual property, in part because CWP’s cloud-native design enabled seamless integration with their DevOps workflows and AWS infrastructure.
Transform Your Risk Systems for Greater Agility with Accenture & AWS PPTAmazon Web Services
Financial Institutions are facing ever increasing demands to satisfy regulatory compliance while also reducing costs and growing their business. This is driving institutions to conduct increasingly complex risk calculations, to be completed in a timely manner against ever greater volumes of data, with zero tolerance for failure. In house capabilities for such compute grids are limited and costly.
Accenture’s risk grid solution on AWS allows financial organizations worldwide to be able to scale to respond to the increased compute required, while reducing their overall costs and improving their controls, reliability, availability, flexibility and functionality.
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
Availability of cloud computing is helping Financial Services organizations realize accelerated go-to-market speeds, global scalability, and cost efficiencies. This new world forces considerations for security programs – what is different in the cloud and what do I do differently? AWS Security Architects will share protocols that need to be considered in the cloud, on premises, or in a hybrid model. They will also share best practices, lessons learned, efficiencies, and design patterns and architectures unique to cloud.
Warum ist Cloud-Sicherheit und Compliance wichtig?AWS Germany
Wer seine IT-Projekte in die Cloud bringen möchte, muss auf ein paar Fallstricke achten. Herausforderungen finden Sie vor allem im Bereich der Sicherheit. Ihre Daten müssen vor dem Zugriff Unberechtigter absolut sicher sein. Trotzdem muss das Zugriffsmanagement für Ihre Mitarbeiter gut funktionieren. Zu diesen technischen Aufgaben kommen handfeste Vorgaben aus Ihren betrieblichen Richtlinien sowie wichtige gesetzliche Auflagen hinzu. Diese Compliance-Fragen sollten Sie unbedingt kennen und zuverlässig erfüllen. Denn nur, wenn Sie alle Compliance-Vorgaben korrekt einhalten, kann Ihr Cloud-Projekt ein voller Erfolg werden.
by Rahul Sareen, Sr. Consultant, AWS
In this workshop you'll learn to build a web application using a serverless architecture. With fresh funding from its seed investors, Wild Rydes (www.wildrydes.com) is seeking to build the world’s greatest mobile/VR/AR unicorn transportation system. The scrappy startup needs a first-class webpage to begin marketing to new users and to begin its plans for global domination. Join us to help Wild Rydes build a website using a serverless architecture. You’ll build a scalable website using services like AWS Lambda, Amazon API Gateway, Amazon DynamoDB, Amazon Cognito, and Amazon S3.
by Zack Milem, Trend Micro
DevOps can be coded quickly in the cloud, but it still needs to be secured. In this session, we will discuss how an automated security infrastructure can be constructed. Building from the ground up with API driven security controls, a Security Fabric in AWS can be the foundation to deliver a fast and secure environment in the cloud.
This session provides a framework that can be used to build a Cloud Strategy tailor-made for your organization. The framework helps organisations consider changes from the perspective of their Business, People, Governance, Security, Platform and Operations. By taking a multi-faceted approach in the development of a Cloud Strategy, organisations can de-risk their cloud adoption program, avoid a stall, and position themselves to take advantage of the benefits of cloud that stretch beyond mere cost savings.
This presentation will give you the opening introduction on what is cloud computing with AWS, getting started, and the technical modules presented on the day.
Module 2: AWS Infrastructure: Storage (S3, EBS), Compute (EC2), Networking (VPC)
Module 3: Security, Identity, and Access Management: IAM
Module 4: Databases: Amazon DynamoDB and Amazon RDS
Module 5: AWS Elasticity and Management Tools: Auto Scaling, Elastic Load Balancing, Amazon CloudWatch, and AWS Trusted Advisor
Transform Your Risk Systems for Greater Agility with Accenture & AWS PPTAmazon Web Services
Financial Institutions are facing ever increasing demands to satisfy regulatory compliance while also reducing costs and growing their business. This is driving institutions to conduct increasingly complex risk calculations, to be completed in a timely manner against ever greater volumes of data, with zero tolerance for failure. In house capabilities for such compute grids are limited and costly.
Accenture’s risk grid solution on AWS allows financial organizations worldwide to be able to scale to respond to the increased compute required, while reducing their overall costs and improving their controls, reliability, availability, flexibility and functionality.
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
Availability of cloud computing is helping Financial Services organizations realize accelerated go-to-market speeds, global scalability, and cost efficiencies. This new world forces considerations for security programs – what is different in the cloud and what do I do differently? AWS Security Architects will share protocols that need to be considered in the cloud, on premises, or in a hybrid model. They will also share best practices, lessons learned, efficiencies, and design patterns and architectures unique to cloud.
Warum ist Cloud-Sicherheit und Compliance wichtig?AWS Germany
Wer seine IT-Projekte in die Cloud bringen möchte, muss auf ein paar Fallstricke achten. Herausforderungen finden Sie vor allem im Bereich der Sicherheit. Ihre Daten müssen vor dem Zugriff Unberechtigter absolut sicher sein. Trotzdem muss das Zugriffsmanagement für Ihre Mitarbeiter gut funktionieren. Zu diesen technischen Aufgaben kommen handfeste Vorgaben aus Ihren betrieblichen Richtlinien sowie wichtige gesetzliche Auflagen hinzu. Diese Compliance-Fragen sollten Sie unbedingt kennen und zuverlässig erfüllen. Denn nur, wenn Sie alle Compliance-Vorgaben korrekt einhalten, kann Ihr Cloud-Projekt ein voller Erfolg werden.
by Rahul Sareen, Sr. Consultant, AWS
In this workshop you'll learn to build a web application using a serverless architecture. With fresh funding from its seed investors, Wild Rydes (www.wildrydes.com) is seeking to build the world’s greatest mobile/VR/AR unicorn transportation system. The scrappy startup needs a first-class webpage to begin marketing to new users and to begin its plans for global domination. Join us to help Wild Rydes build a website using a serverless architecture. You’ll build a scalable website using services like AWS Lambda, Amazon API Gateway, Amazon DynamoDB, Amazon Cognito, and Amazon S3.
by Zack Milem, Trend Micro
DevOps can be coded quickly in the cloud, but it still needs to be secured. In this session, we will discuss how an automated security infrastructure can be constructed. Building from the ground up with API driven security controls, a Security Fabric in AWS can be the foundation to deliver a fast and secure environment in the cloud.
This session provides a framework that can be used to build a Cloud Strategy tailor-made for your organization. The framework helps organisations consider changes from the perspective of their Business, People, Governance, Security, Platform and Operations. By taking a multi-faceted approach in the development of a Cloud Strategy, organisations can de-risk their cloud adoption program, avoid a stall, and position themselves to take advantage of the benefits of cloud that stretch beyond mere cost savings.
This presentation will give you the opening introduction on what is cloud computing with AWS, getting started, and the technical modules presented on the day.
Module 2: AWS Infrastructure: Storage (S3, EBS), Compute (EC2), Networking (VPC)
Module 3: Security, Identity, and Access Management: IAM
Module 4: Databases: Amazon DynamoDB and Amazon RDS
Module 5: AWS Elasticity and Management Tools: Auto Scaling, Elastic Load Balancing, Amazon CloudWatch, and AWS Trusted Advisor
In this session, learn about all of the AWS storage solutions, and get guidance about which ones to use for different use cases. We discuss the core AWS storage services. These include Amazon Simple Storage Service (Amazon S3), Amazon Glacier, Amazon Elastic File System (Amazon EFS), and Amazon Elastic Block Store (Amazon EBS). We also discuss data transfer services such as AWS Snowball, Snowball Edge, and AWS Snowmobile, and hybrid storage solutions such as AWS Storage Gateway.
Welcome to the Introduction to AWS Workshop Series.
Learn about the 5 key tenets of Cloud Computing and the benefits that the AWS Cloud is bringing to business.
See some customer examples and use cases.
Security and Compliance – Most Commonly Asked Questions - Technical 101Amazon Web Services
We've heard from our customers that using AWS allows them to operate even more securely than they could in their own data centres. Why is this? We will tackle the most commonly asked security & compliance questions customers ask when adopting the AWS Cloud. We will demonstrate practical ways to make sure you're operating securely, and hear first-hand from an AWS customer about how they are using the platform today and the importance of getting this right.
Speaker: Matthew Jobson, Account Manager, Amazon Web Services & Ben Chung, Head of Security Assurance, Amazon Web Services, APAC
Featured Customer - Health Direct Australia
Financial Services Firms are moving enterprise workloads to AWS to drive agility and innovation. Being regulated entities, firms need to ensure they have necessary controls in place to attain compliance with the industry regulations.
Find out how Cowen, a leader in diversified financial services, achieved a solution with CTP and AWS. With CTP’s Continuous Compliance for AWS managed service, Cowen has the confidence to move their workloads to AWS and can continuously monitor their applications in AWS against PCI and NIST compliance frameworks
Because of AWS’ scale, customers inherit the robust security protocols AWS employs in their own data centers. Protecting our customers’ data is our first priority and we have architected our data centers to operate securely. We also offer numerous services so that customers running on AWS can build specific cloud-enabled solutions that improve security and can provide greater protection than on premises.
Securing Your Desktops with Amazon WorkSpaces - AWS Online Tech Talks Amazon Web Services
End-user security is a constant challenge for IT leaders who must balance the business needs of BYOD, distributed workforce, and ready access to business resources, against protecting those same resources from hackers and malware. Amazon WorkSpaces provides a more secure environment over conventional desktop infrastructure because data and applications reside in the cloud, is encrypted during I/O, at rest, and in snapshots, and is not located on end-user devices. In this tech talk we will discuss how you can better secure your IT infrastructure, intellectual property, and sensitive information, and provide recommendations for best practices to help you protect your desktop computing devices using a managed Desktop-as-a-Service (DaaS) solution.
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft BroadridgeAmazon Web Services
AWS’ suite of serverless technology has enabled enterprises in Financial Services to move quickly from conception to reality. By leveraging AWS, you can run code without provisioning or managing servers—and you only pay for what you use. In this session, we will walk through how we worked with Broadridge to take their Experience Manager application from design to deployment and provide details around how numerous AWS services were leveraged, including Cognito, Lambda, S3, DynamoDB, and SES. We will also dive into how the use of serverless technology can enable developers to move quickly, while improving security postures, minimizing management, and simplifying operations.
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
TiVo: How to Scale New Products with a Data Lake on AWS and QuboleAmazon Web Services
In our webinar, representatives from TiVo, creator of a digital recording platform for television content, will explain how they implemented a new big data and analytics platform that dynamically scales in response to changing demand. You’ll learn how the solution enables TiVo to easily orchestrate big data clusters using Amazon Elastic Cloud Compute (Amazon EC2) and Amazon EC2 Spot instances that read data from a data lake on Amazon Simple Storage Service (Amazon S3) and how this reduces the development cost and effort needed to support its network and advertiser users. TiVo will share lessons learned and best practices for quickly and affordably ingesting, processing, and making available for analysis terabytes of streaming and batch viewership data from millions of households.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
ATLO Software Delivers Secure Training Programs with Sophos UTM on AWS.pdfAmazon Web Services
Companies needing to control user access to resources, whether that be restricting access to certain applications or access to specific web sites, often find it difficult to implement adequate user access controls. Sophos UTM on Amazon Web Services (AWS) provides organizations with an all-in-one security solution that enables them to easily enforce usage policies, control outbound access, filter content, defend against malware, and more. Register for our upcoming webinar with AWS to see how ATLO Software uses Sophos UTM to limit the online activities on inmates in the Louisiana Department of Corrections, while delivering educational and testing programs via the cloud.
Amazon Web Services (AWS) gives you the flexibility to provision Dev & Test resources in the cloud on demand, with a low-cost, pay-as-you-consume model. This Hebrew webinar helps you to get started with Dev & Test on AWS.
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
"Learn how Time Inc. met security requirements as they transitioned from their data centers to the AWS cloud. Colin Bodell, CTO from Time Inc. will start off this session by presenting Time’s objective to move away from on-premise and co-location data centers to AWS and the cost savings that has been realized with this transition. Chris Nicodemo from Time Inc. and Derek Uzzle from Alert Logic will then share lessons learned in the journey to secure dozens of high volume media websites during the migration, and how it has enhanced overall security flexibility and scalability. They will also provide a deep dive on the solutions Time has leveraged for their enterprise security best practices, and show you how they were able to execute their security strategy.
Who should attend: InfoSec and IT management.
Session sponsored by Alert Logic."
Amazon WorkSpaces is a secure, managed, virtual desktop service running on the AWS cloud. The service helps organizations support a modern mobile workforce, improve information security, and save money with a pay-as-you-go model. In this session, we'll cover how cloud desktops can benefit your organization, what's new with Amazon WorkSpaces, and some of the top technical considerations like user identity and access management, VPC design, network traffic flow, and application delivery. This session is for IT professionals and business decision makers interested in learning how to simplify desktop management and productivity for their organizations.
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
· Design a workload-centric security architecture
· Improve visibility of AWS-only or hybrid environments
· Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
Automate the Provisioning of Secure Developer Environments on AWS PPTAmazon Web Services
Providing development and engineering teams with access to cloud resources introduces challenges around deploying the proper security policies. Organizations need automated security solutions that enable their engineers to spin up their own secure environments for application development with a push of a button. Join our upcoming webinar with Palo Alto Networks, REAN Cloud, and AWS, to learn how organizations are leveraging Palo Alto Networks VM-Series and REAN Cloud to build a simple, fast, and automated solution on AWS that helps provision secure environments for developers.
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
Hosting workloads on AWS provides organizations with agility, speed, efficiency, and reduced costs. Check Point vSEC further enhances this experience by delivering advanced, multi-layered threat prevention security for your AWS workloads, protecting assets and enabling secure connectivity from enterprise networks to your AWS resources. Register for our upcoming webinar to learn how Check Point vSEC on AWS provided customers with an advanced threat prevention solution to enable secure application delivery. Learn how to migrate your applications and workloads to AWS with vSEC’s comprehensive security solution tailored to help protect your cloud environment.
Join us to learn:
• How Check Point vSEC enabled customers to confidently migrate from an on-premises infrastructure to AWS
• How to prevent network attacks and data breaches when hosting workloads in a cloud-based environment
• How Courtagen Life Sciences secured their cloud environment to maintain compliance, reduce IT expenses and leverage the full capabilities of the AWS Cloud
Who should attend:
IT Admins, Security Admins, Cloud Admins, Business Decision Makers, Compliance & governance officers, Line of Business leaders, DevOps engineers & architects
In this session, learn about all of the AWS storage solutions, and get guidance about which ones to use for different use cases. We discuss the core AWS storage services. These include Amazon Simple Storage Service (Amazon S3), Amazon Glacier, Amazon Elastic File System (Amazon EFS), and Amazon Elastic Block Store (Amazon EBS). We also discuss data transfer services such as AWS Snowball, Snowball Edge, and AWS Snowmobile, and hybrid storage solutions such as AWS Storage Gateway.
Welcome to the Introduction to AWS Workshop Series.
Learn about the 5 key tenets of Cloud Computing and the benefits that the AWS Cloud is bringing to business.
See some customer examples and use cases.
Security and Compliance – Most Commonly Asked Questions - Technical 101Amazon Web Services
We've heard from our customers that using AWS allows them to operate even more securely than they could in their own data centres. Why is this? We will tackle the most commonly asked security & compliance questions customers ask when adopting the AWS Cloud. We will demonstrate practical ways to make sure you're operating securely, and hear first-hand from an AWS customer about how they are using the platform today and the importance of getting this right.
Speaker: Matthew Jobson, Account Manager, Amazon Web Services & Ben Chung, Head of Security Assurance, Amazon Web Services, APAC
Featured Customer - Health Direct Australia
Financial Services Firms are moving enterprise workloads to AWS to drive agility and innovation. Being regulated entities, firms need to ensure they have necessary controls in place to attain compliance with the industry regulations.
Find out how Cowen, a leader in diversified financial services, achieved a solution with CTP and AWS. With CTP’s Continuous Compliance for AWS managed service, Cowen has the confidence to move their workloads to AWS and can continuously monitor their applications in AWS against PCI and NIST compliance frameworks
Because of AWS’ scale, customers inherit the robust security protocols AWS employs in their own data centers. Protecting our customers’ data is our first priority and we have architected our data centers to operate securely. We also offer numerous services so that customers running on AWS can build specific cloud-enabled solutions that improve security and can provide greater protection than on premises.
Securing Your Desktops with Amazon WorkSpaces - AWS Online Tech Talks Amazon Web Services
End-user security is a constant challenge for IT leaders who must balance the business needs of BYOD, distributed workforce, and ready access to business resources, against protecting those same resources from hackers and malware. Amazon WorkSpaces provides a more secure environment over conventional desktop infrastructure because data and applications reside in the cloud, is encrypted during I/O, at rest, and in snapshots, and is not located on end-user devices. In this tech talk we will discuss how you can better secure your IT infrastructure, intellectual property, and sensitive information, and provide recommendations for best practices to help you protect your desktop computing devices using a managed Desktop-as-a-Service (DaaS) solution.
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft BroadridgeAmazon Web Services
AWS’ suite of serverless technology has enabled enterprises in Financial Services to move quickly from conception to reality. By leveraging AWS, you can run code without provisioning or managing servers—and you only pay for what you use. In this session, we will walk through how we worked with Broadridge to take their Experience Manager application from design to deployment and provide details around how numerous AWS services were leveraged, including Cognito, Lambda, S3, DynamoDB, and SES. We will also dive into how the use of serverless technology can enable developers to move quickly, while improving security postures, minimizing management, and simplifying operations.
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
TiVo: How to Scale New Products with a Data Lake on AWS and QuboleAmazon Web Services
In our webinar, representatives from TiVo, creator of a digital recording platform for television content, will explain how they implemented a new big data and analytics platform that dynamically scales in response to changing demand. You’ll learn how the solution enables TiVo to easily orchestrate big data clusters using Amazon Elastic Cloud Compute (Amazon EC2) and Amazon EC2 Spot instances that read data from a data lake on Amazon Simple Storage Service (Amazon S3) and how this reduces the development cost and effort needed to support its network and advertiser users. TiVo will share lessons learned and best practices for quickly and affordably ingesting, processing, and making available for analysis terabytes of streaming and batch viewership data from millions of households.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
ATLO Software Delivers Secure Training Programs with Sophos UTM on AWS.pdfAmazon Web Services
Companies needing to control user access to resources, whether that be restricting access to certain applications or access to specific web sites, often find it difficult to implement adequate user access controls. Sophos UTM on Amazon Web Services (AWS) provides organizations with an all-in-one security solution that enables them to easily enforce usage policies, control outbound access, filter content, defend against malware, and more. Register for our upcoming webinar with AWS to see how ATLO Software uses Sophos UTM to limit the online activities on inmates in the Louisiana Department of Corrections, while delivering educational and testing programs via the cloud.
Amazon Web Services (AWS) gives you the flexibility to provision Dev & Test resources in the cloud on demand, with a low-cost, pay-as-you-consume model. This Hebrew webinar helps you to get started with Dev & Test on AWS.
(SEC203) Journey to Securing Time Inc's Move to the CloudAmazon Web Services
"Learn how Time Inc. met security requirements as they transitioned from their data centers to the AWS cloud. Colin Bodell, CTO from Time Inc. will start off this session by presenting Time’s objective to move away from on-premise and co-location data centers to AWS and the cost savings that has been realized with this transition. Chris Nicodemo from Time Inc. and Derek Uzzle from Alert Logic will then share lessons learned in the journey to secure dozens of high volume media websites during the migration, and how it has enhanced overall security flexibility and scalability. They will also provide a deep dive on the solutions Time has leveraged for their enterprise security best practices, and show you how they were able to execute their security strategy.
Who should attend: InfoSec and IT management.
Session sponsored by Alert Logic."
Amazon WorkSpaces is a secure, managed, virtual desktop service running on the AWS cloud. The service helps organizations support a modern mobile workforce, improve information security, and save money with a pay-as-you-go model. In this session, we'll cover how cloud desktops can benefit your organization, what's new with Amazon WorkSpaces, and some of the top technical considerations like user identity and access management, VPC design, network traffic flow, and application delivery. This session is for IT professionals and business decision makers interested in learning how to simplify desktop management and productivity for their organizations.
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...Amazon Web Services
While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools.
Key takeaways from this session include how to:
· Design a workload-centric security architecture
· Improve visibility of AWS-only or hybrid environments
· Stop patching live instances but still prevent exploits
Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro
Automate the Provisioning of Secure Developer Environments on AWS PPTAmazon Web Services
Providing development and engineering teams with access to cloud resources introduces challenges around deploying the proper security policies. Organizations need automated security solutions that enable their engineers to spin up their own secure environments for application development with a push of a button. Join our upcoming webinar with Palo Alto Networks, REAN Cloud, and AWS, to learn how organizations are leveraging Palo Alto Networks VM-Series and REAN Cloud to build a simple, fast, and automated solution on AWS that helps provision secure environments for developers.
Check Point Software Technologies: Secure Your AWS WorkloadsAmazon Web Services
Hosting workloads on AWS provides organizations with agility, speed, efficiency, and reduced costs. Check Point vSEC further enhances this experience by delivering advanced, multi-layered threat prevention security for your AWS workloads, protecting assets and enabling secure connectivity from enterprise networks to your AWS resources. Register for our upcoming webinar to learn how Check Point vSEC on AWS provided customers with an advanced threat prevention solution to enable secure application delivery. Learn how to migrate your applications and workloads to AWS with vSEC’s comprehensive security solution tailored to help protect your cloud environment.
Join us to learn:
• How Check Point vSEC enabled customers to confidently migrate from an on-premises infrastructure to AWS
• How to prevent network attacks and data breaches when hosting workloads in a cloud-based environment
• How Courtagen Life Sciences secured their cloud environment to maintain compliance, reduce IT expenses and leverage the full capabilities of the AWS Cloud
Who should attend:
IT Admins, Security Admins, Cloud Admins, Business Decision Makers, Compliance & governance officers, Line of Business leaders, DevOps engineers & architects
Tom Jones, Solution Architect at Amazon Web Services leads a 60-minute tour through everything you need to know to develop, deploy and operate your first secure applications and services on AWS.
How a National Transportation Software Provider Migrated a Mission-Critical T...Amazon Web Services
In this webinar, Cascadeo will show you how they helped a national transportation software provider build an AWS architecture that enables them to effectively support more than 3,300 complex integration tests against nightly builds of their Interoperable Train Control Messaging (ITCM) application. You’ll also learn about how this software provider can scale on-demand, has improved governance and cost management, and rapidly supports new projects without increasing IT overhead using AWS.
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
Security is a top priority to both AWS and its customers and many enterprises trust us with some of their most sensitive information, including financial, personal and health information. Learn about the key security features of AWS that these enterprise customers are using to build their own secure applications and secure and encrypt their content. We will also share how you can integrate AWS into your existing security policies and how partners like Trend Micro can help you extend this into the AWS Cloud.
Compliance in the Cloud Using “Security by Design” PrinciplesAmazon Web Services
Up-front design of your AWS account can be done in a way that creates a reliably secure and controlled environment no matter how the AWS resources are used. This session will focus on "Secure by Design" principles and show how an AWS environment can be configured to provide a reliable operational security control capability to meet the compliance needs across multiple industry verticals (e.g. HIPAA, FISMA, PCI, etc.).
How Online Retailer Resident Scaled DevOps with AWS and CloudShell ColonyDevOps.com
Application development is driving the digital transformation. For the online retailer, Resident, that meant the need to quickly develop, test, and release business critical applications in AWS cloud using a DevOps approach. However, Resident needed to accomplish all of this within budget, while they were facing rapid growth, distributed development teams, and complex back-end applications that supported revenue generation.
Join this webinar to learn how Resident selected Quali’s Environment as a Service solution, CloudShell Colony, and AWS public cloud to:
Provide self-service application environments to globally distributed development teams
Control cloud costs with dynamic staging environments
Gain visibility into cloud resources for predictable growth
Consume native AWS services
(SEC321) Implementing Policy, Governance & Security for EnterprisesAmazon Web Services
"CSC engineers will demonstrate enterprise policy, governance, and security products to deploy and manage enterprise and industry applications AWS. We will demonstrate automated provisioning and management of big data platforms and industry specific enterprise applications with automatically provisioned secure network connectivity from the datacenter to AWS over layer 2 routed AT&T NetBond (provides AWS DirectConnect access) connection. We will demonstrate how applications blueprinted on CSC's Agility Platform can be re-hosted on AWS in minutes or re-instantiated across multiple AWS regions. CSC Cybersecurity will also demonstrate how CSC can provide agile & consumption based endpoint security for workloads in any cloud or virtual infrastructure, providing enterprise management and 24x7 monitoring of workload compliance, vulnerabilities, and potential threats.
Session sponsored by CSC."
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web ServicesAmazon Web Services
Join this foundational session to understand the core concepts of “Cloud Computing” and different attributes such as reliability, fault tolerance, elasticity, scalability and pay-as-you-go pricing. Whether you are a startup who wants to accelerate growth without a big upfront investment in cash or time for technology or an Enterprise looking for IT innovation, agility and resiliency while reducing costs, the AWS Cloud provides a complete set of infrastructure services at zero upfront costs which are available with a few clicks and within minutes. Join this webinar to learn more about the benefits of Cloud Computing.
Today, it is critical that IT teams are able to easily, consistently deploy to production. Running Docker containers on Amazon Web Services makes it possible to engineer a compliant and DevOps-friendly environment from the ground up. Spring Venture Group successfully migrated to AWS with Docker containers and leveraged Logicworks to migrate to AWS and automate infrastructure build-out and deployment. Join our webinar to learn how Spring Venture Group, an innovative insurance brokerage, reduced risk and improved deployment velocity with Logicworks, AWS, and Docker.
During the session we will describe common methods used to create a Hybrid Cloud with AWS. We step through successful operational models, how to get started, and tools to simplify operations. We will explore topics such as networking, directories, DNS, and security. Importantly, we will cover ongoing operational and management practices.
Speaker: Phil Barlow, Solutions Architect, Amazon Web Services
Featured Customer - AMP
Segurança é uma das principais características da nuvem da AWS. Nesta apresentação, analisamos o modelo de segurança compartilhada da AWS, e os serviços usados para implementar este modelo.
Pragmatic Approach to Workload Migrations - London Summit Enteprise Track RePlayAmazon Web Services
Migrating a portfolio of legacy applications to AWS cloud infrastructure requires careful planning as each phase needs balancing between risk tolerance and the speed of migration. This session will present a set of successful best practices, tools and techniques that help migration speed of delivery and increase success rate. We will also cover the complete lifecycle of an application portfolio migration including a special focus on how to organise and conduct the assessment and identify elements that can benefit from cloud architecture.
In dynamic cloud environments, many organizations have a need to implement a unified threat management solution that enhances visibility across their workloads. Learn how REAN Cloud adopted Sophos Unified Threat Management (UTM) for increased simplicity, visibility, and security of their AWS workloads. Sophos is an Advanced Technology Partner in the AWS Partner Network that provides a reliable, unified security solution capable of scaling to meet the agility and speed of the AWS Cloud. Join the upcoming webinar to hear Sri Vasireddy from REAN Cloud, Bryan Nairn from Sophos, and Nick Matthews from AWS discuss security innovations on the AWS Cloud. Join us to learn: • Why Sophos end user REAN Cloud trusts Sophos UTM for simplicity, visibility and security. • How easy it can be to protect your AWS workloads, with a proven and scalable solution designed for the AWS Cloud. • AWS security innovations, including support across multiple Availability Zones and UTM Auto Scaling.
Who should attend: Security Managers, Security Engineers, Security Architects, IT System Administrators, System Administrators, IT Administrators, IT Managers, DevOps, Architects, IT Architects, IT Security Engineers, Business Decision Makers
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
2. Protect your Cloud Environment
with AWS
Patrick McDowell, Solutions Architect, AWS
3. What is Driving AWS Adoption?
Urgent Need to Respond to Business Needs for:
Increased
Agility
Flexibility
Lower Costs and
Transparency
More
Capabilities
Go Global in
Minutes
Remove Infrastructure
Dependencies
Remove IT as a “Blocker” to Innovation
4. Compelling Events on the Journey
Value
Time
Discovery
and Testing
Application-
Based Projects
Cloud-First /
Standardization
Business
Transformation
Build applications
to run in AWS cloud
Dev & Test /
Startups
Production App
Migration
“Cloud-First”
Standardization /
Mass Migration
Automation /
Business Innovation
Projects
Current State
1
2
3
4
5
5. $6.53M
https://www.csid.com/resources/stats/data-breaches/
Average cost of
a data breach
Your Data and IP Are Your Most
Valuable Assets
56%
Increase in theft of hard
intellectual property
http://www.pwc.com/gx/en/issues/cyber-security/
information-security-survey.html
70%
Of consumers indicated
they’d avoid businesses
following a security breach
https://www.csid.com/resources/stats/data-breaches/
6. Automating logging
and monitoring
Simplifying resource
access
Making it easy
to encrypt properly
Enforcing
strong authentication
AWS Can Be More Secure than Your
Existing Environment
In a recent IDC report which found that most customers can be more secure
in AWS than their on-premises environment. How?
8. Constantly Monitored
Network access is monitored by AWS
security managers daily
AWS CloudTrail lets you monitor
and record all API calls
Amazon Inspector automatically assesses
applications for vulnerabilities
The AWS infrastructure is protected by extensive network
and security monitoring systems:
9. Highly Available
44 Availability Zones in 16 regions for
multi-synchronous geographic redundancy
Retain control of where your data resides
for compliance with regulatory requirements
Mitigate the risk of DDoS attacks using
services like Route 53
Dynamically grow to meet unforeseen demand
using Auto Scaling
The AWS infrastructure footprint helps protect your data
from costly downtime:
10. Integrated with Your Existing Resources
Integrate your existing Active Directory
Use dedicated connections as a secure,
low-latency extension of your data center
Provide and manage your own encryption
keys if you choose
AWS enables you to improve your security using
many of your existing tools and practices:
13. v
Hybrid Cloud Data Center Evolution
Modern (Off-Premises)Traditional (On-Premises)
Physical Private Cloud (SDDC) Managed Private Cloud AWS Cloud
More Agility - Lower Cost - More Workloads per Server
14. v
Symantec Cloud Workload Protection
Protect AWS and Hybrid Cloud Workloads From a Single Console
Benefits:
Protect all workloads from a single
cloud-based console
Automatic discovery and visibility of public
cloud workloads
Elastic, cloud-native protection scales easily
Symantec Cloud
Workload Protection
Cloud Workload Protection
DevOps /
Security Admin
Physical Data
Center
Private Cloud
15. v
How do I Know if Our Workloads Are Secure?
CISO, Cloud Security Architect
I need to know what
workloads are running across
my hybrid cloud, where they
are, and if they’re protected.Mobile &
Remote
HQBranch DevOps/Test
AWS Regions
Unauthorized
User
Private Cloud
16. v
Continuous visibility of AWS and hybrid
cloud workloads from a single console
Automatic discovery of software services
on AWS workloads
Automatic identification of workload
security postures
Real-time visibility into AWS infrastructure
changes
Agent Not
Installed
Policy Not
Applied
Protected
Symantec CWP Provides:
Visibility and Security for AWS and Hybrid
Cloud Workloads from a Single Console
Discover and view
security postures of
workloads wherever they
are
Shut down rogue
instances to reduce
attack surface
17. v
Shared Responsibility for Security
Security Analyst/Admin
I need to ensure
security of our assets
“IN” the cloud.
18. v
Controls
Anti-Malware
RT-FIM
App Control
Anti-Malware OS Hardening
Single Agent
Single Console
Traditional Workloads
General Purpose Computing
Long Lifespan
IT Managed
App Isolation App Control RT-FIM
Controls
OS Hardening
App Control
RT-FIM
App Isolation
Cloud Workloads
Scalable Business Apps
Short Lifespan
Developer Managed
Comprehensive Protection for All Types of AWS Workloads
Symantec CWP Provides:
19. v
Symantec CWP Provides:
Virtual Patching, Real-time Monitoring and Vulnerability Protection for AWS Workloads
Identify potential threats and
apply security policies
in the same view
Benefits:
Block advanced threats that target
vulnerabilities (virtual patching)
Stop zero-day attacks
Prevent unauthorized changes
Identify suspicious behaviors
Block application-centric malware
20. v
Why “Lift and Shift” Approach to Security Fails
Traditional security solutions can’t keep up.
Velocity of Deployment
ScaleofDeployment
Physical and Private
Cloud Data Centers
AWS Cloud
Public cloud infrastructure is built and
deployed as code
DevOps practitioners use continuous
deployment workflows, increasing velocity
– especially in container environments
Security controls must integrate into DevOps
processes to support cloud elasticity
I need security that integrates
with our DevOps workflows
and scales automatically.
DevOps, SecDevOps
Disruptive Increase in Velocity and Scale of Workload Deployments
21. v
Symantec CWP Provides:
Security scales automatically with dynamic
AWS infrastructure
Integration with AWS enables DevOps to
build security directly into service
deployment workflows
Flexible pay-for-use and annual
subscription pricing models support agile
business planning
Cloud-native Security that Integrates with AWS Infrastructure and DevOps Service
Workflows for Rapid Deployment and Scalability
Instances in auto-scaling
group with policies
applied
Complete instance
mapping with
real-time
protection status
Automatic policy
recommendations
22. v
Need to Secure Containers
Why are containers vulnerable?
High rate of change in container environments
makes standard security best practices impossible
Varied images provide more points of entry
Direct access to the OS kernel creates a larger
attack surface area
How are they attacked?
Real-world attacks use containers to get to the
management framework or container host
Source: https://www.rsaconference.com/videos/orchestration-ownage-exploiting-container-centric-data-center-platforms
Frameworks
Supporting
Apps
Attack RCE
Kernel
23. v
Visibility
Know security posture and
suspicious activity
What container was online and
what it was doing
Full monitoring of container
activity including file integrity
Symantec CWP Provides:
Frictionless Security
Complete protection with
no footprint in container
Enforce security controls
without impacting agility
Containers and their
applications cannot be
used to take control of
the Infrastructure
Built for DevOps
Fully Instrumented for DevOps
ALL UI features have
corresponding RESTAPI
Full Control of security
controls applied
Security for Amazon EC2 Container Services
24. v
Superior Protection
Stop unknown threats with
multi-layered protection
Advanced machine learning
Memory exploit mitigation
Intelligent threat cloud
and more
Symantec CWP Provides:
Seamless Scalability
Autoscaling security
infrastructure of scanners
required to protect storage
based on load
Clean Pipes for Applications
Enable clean S3 storage
Near real-time S3
anti-malware scanning
Container adoption
Serverless solutions
(AWS Lambda)
CWP for Storage - Anti-malware for AWS S3 Storage (Coming Soon)
25. v
Symantec Cloud Workload Protection
Protect AWS and Hybrid Cloud Workloads From a Single Console
Benefits:
Protect all workloads from a single cloud-
based console
Automatic discovery and visibility of public
cloud workloads
Elastic, cloud-native protection scales
easily
Symantec Cloud
Workload Protection
Cloud Workload Protection
DevOps /
Security Admin
Physical Data
Center
Private Cloud
27. v v
Background
Datacenter move to AWS – Full Workload that
included LOB services, internal workloads,
consumer facing, and enterprise security solutions
Required no gaps of visibility and compliance
controls – PCI compliance top priority
Support for Amazon Linux, RHEL, and Windows
Usage of CWP:
Real-Time File Integrity Monitoring (FIM)
28. v v
Solution
Symantec CWP offering with CWP
Agents on AWS workloads & on-premises
legacy infrastructure
Single CWP console to monitor and control
hybrid workloads during the migration
Conduct Proof of Value (PoV) with CWP File
Integrity Monitoring (FIM) capabilities and
reporting
Usage of CWP: Cont.
Real-Time File Integrity Monitoring (FIM)
Results
Seamless transition from PoV to production
environment with no downtime
Improved monitoring and compliance
efficiency and performance of FIM in CWP
29. v v
CWP Usage:
Real-Time File Integrity Monitoring (RT-FIM)
LifeLock Hybrid Architecture Provides
Visibility and Control
Seamless migration from Data Center to AWS
FIM Policy Enforcement- Provide visibility and
compliance reporting of FIM activities
Agents support for Amazon Linux, RHEL,
Windows, and Centos
Protect application vulnerabilities that could
be exploited to attack infrastructure
Alerting and Notifications
Symantec Cloud
Workload Protection
Cloud Workload Protection
CloudOps /
Security Admin
Physical Data
Center
30. v v
Proof of Value Results
Automated installation and easy to
deploy CWP Agents across the
enterprise – required to support
Amazon Linux workloads
No loss of coverage when migrating
hosts to AWS
CWP provides pre-built policies to build
or custom based on requirements
Summary - Results and Benefits
Automated protection profiling
based on workload – CWP
recommends profiles to apply
Continuous visibility, discovery, and
monitoring
Continuous visibility into threat
and vulnerability scores for public
cloud deployments
31. v v
Continuous Improvement for
Cloud & Container Protection
Container protection and discovery
with Docker workloads
Enhanced policy enforcement and
prevention through Real-time File Integrity
Monitoring (FIM) to ensure compliance and
auditing
AV included to scan Linux hosts in CWP
Micro-segmentation capabilities to enforce
security policies and protect workloads
Summary - Results and Benefits
33. Cloud Workload Protection on AWS:
go.Symantec.com/aws-cwp
Learn more about CWP:
go.Symantec.com/cwp
More Symantec on AWS:
aws.amazon.com/featured-partners/Symantec
Find Out More
Additional Resources:
Buy CWP on Marketplace
Free Trial through Symantec
CWP Help and Resources
What’s New in CWP
CWP Security Competency on AWS
Find out more on
LifeLock:
www.lifelock.com