Zocdoc, an online healthcare scheduling service, receives more than 6 million patient visits monthly. In less than 12 months, Zocdoc became a cloud-first organization to meet their business goals. This digital transformation allowed for rapid innovation and the ability to deliver products that align with demands of the 21st-century patient. In this session, Brian Lozada, CISO at Zocdoc, and Jay Ball, Head of Application Security, explain how Zocdoc uses AWS security services to seamlessly and automatically monitor, audit, and enforce their security policies within all their AWS environments. They use AWS security services, such as AWS Config, Amazon GuardDuty, Amazon Inspector, and AWS Shield, while using AWS Lambda functions to augment their security team, all without slowing down their developers.
Using AWS Lambda as a Security Team (SEC322-R1) - AWS re:Invent 2018Amazon Web Services
Operating a security practice on AWS brings many new challenges and opportunities that have not been addressed in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session, learn how your security team can leverage AWS Lambda as a tool to monitor, audit, and enforce your security policies within an AWS environment.
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Amazon Web Services
GE has very deep security requirements for their cloud applications. In this session, hear their story on replacing on premises complex solutions with AWS native services like Amazon GuardDuty, VPC Flow logs, AWS CloudTrail, and AWS Config rules. Learn how large enterprises can accelerate their cloud adoption by meeting established security standards with AWS native services. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
The Executive Security Simulation takes senior security management and IT/business executive teams through an experiential exercise that illuminates key decision points for a successful and secure cloud journey. During this team-based, game-like competitive simulation, participants leverage an industry case study to make strategic security, risk, and compliance time-based decisions and investments. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. Join this workshop to gain an understanding of the major success factors to lead security, risk, and compliance in the cloud, and learn applicable decision and investment approaches to specific secure cloud adoption journeys. AWS facilitators translate lessons learned in the simulation into real-life examples and practical advice for your team.
Policy Verification and Enforcement at Scale with AWS (SEC320) - AWS re:Inven...Amazon Web Services
In an ever-growing cloud environment, scaling to a number of accounts can range in the thousands— where edge cases dominate your firm’s spectrum and changes in your environment happen quickly. The Goldman Sachs cloud engineering team finds enforcement of best security practice as a growing concern. With developers managing infrastructure as code (IaC), learn how Goldman Sachs uses distributed serverless logging pipelines and leverages AWS formal verification tools to help enforce access policy in the process. In this session, we cover AWS Config, AWS Lambda, Amazon DynamoDB, and Amazon Simple Notification Service (Amazon SNS) as distributed infrastructure that can help catch security issues early and remediate those that happen unexpectedly.
Stephen Schmidt, Chief Information Security Officer at AWS, addresses the current state of security in the cloud, with a particular focus on feature updates, the AWS internal "secret sauce," and what's on horizon in terms of security, identity, and compliance tooling.
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Amazon Web Services
SaaS presents developers with a unique blend of architectural challenges. Supporting a multi-tenant model often means re-thinking your approach to almost every layer of your architecture. Onboarding, security, data partitioning, tenant isolation, identity—these are areas that must be factored into how you design, build, and deploy your SaaS solution. Of course, the best way to wrap your mind around these SaaS architectural principles is to dig into a working example. In this workshop, we’ll expose you to the core concepts of SaaS architecture then dive into a reference SaaS architecture where you can see the moving parts of a SaaS solution in action. The goal here is to provide a series of activities that allow you to interact with a functional solution, introducing code and configuration that realizes and extends the capabilities of this SaaS environment. Through this combination of a brief lecture and hands-on exercises, you’ll get a healthy dose of SaaS best practices all through the lens of a working reference solution.
Augmenting Security Posture and Improving Operational Health with AWS CloudTr...Amazon Web Services
Enabling AWS CloudTrail for auditing purposes is often a corporate mandate, but do you know how to use CloudTrail events to improve your security and operational posture? Come learn how CloudTrail can help improve your operational monitoring and troubleshooting, security analysis, and compliance auditing processes. Discover best practices for setting up and using CloudTrail; explore use cases for data mining CloudTrail event data; learn how to set up alerts based on activity in your account; and learn about advanced use cases. Also learn how to implement data plane governance autoEnabling AWS CloudTrail for auditing purposes is often a corporate mandate, but do you know how to use CloudTrail events to improve your security and operational posture? Come learn how CloudTrail can help improve your operational monitoring and troubleshooting, security analysis, and compliance auditing processes. Discover best practices for setting up and using CloudTrail; explore use cases for data mining CloudTrail event data; learn how to set up alerts based on activity in your account; and learn about advanced use cases. Also learn how to implement data plane governance automation using data events from Amazon S3 and AWS Lambda.
mation using data events from Amazon S3 and AWS Lambda.
Optimizing Costs as You Scale on AWS (ENT302) - AWS re:Invent 2018Amazon Web Services
The cloud offers a first-in-a-career opportunity to constantly optimize your costs as you grow and stay on the leading edge of innovation. By developing a cost-conscious culture and assigning the responsibility for efficiency to the appropriate business owners, you can deliver innovation efficiently and cost effectively. In this session, we share The Vanguard Group’s real-world experience of optimizing their costs, and we review a wide range of cost planning, monitoring, and optimization strategies.
Using AWS Lambda as a Security Team (SEC322-R1) - AWS re:Invent 2018Amazon Web Services
Operating a security practice on AWS brings many new challenges and opportunities that have not been addressed in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session, learn how your security team can leverage AWS Lambda as a tool to monitor, audit, and enforce your security policies within an AWS environment.
Meeting Enterprise Security Requirements with AWS Native Security Services (S...Amazon Web Services
GE has very deep security requirements for their cloud applications. In this session, hear their story on replacing on premises complex solutions with AWS native services like Amazon GuardDuty, VPC Flow logs, AWS CloudTrail, and AWS Config rules. Learn how large enterprises can accelerate their cloud adoption by meeting established security standards with AWS native services. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
The Executive Security Simulation takes senior security management and IT/business executive teams through an experiential exercise that illuminates key decision points for a successful and secure cloud journey. During this team-based, game-like competitive simulation, participants leverage an industry case study to make strategic security, risk, and compliance time-based decisions and investments. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. Join this workshop to gain an understanding of the major success factors to lead security, risk, and compliance in the cloud, and learn applicable decision and investment approaches to specific secure cloud adoption journeys. AWS facilitators translate lessons learned in the simulation into real-life examples and practical advice for your team.
Policy Verification and Enforcement at Scale with AWS (SEC320) - AWS re:Inven...Amazon Web Services
In an ever-growing cloud environment, scaling to a number of accounts can range in the thousands— where edge cases dominate your firm’s spectrum and changes in your environment happen quickly. The Goldman Sachs cloud engineering team finds enforcement of best security practice as a growing concern. With developers managing infrastructure as code (IaC), learn how Goldman Sachs uses distributed serverless logging pipelines and leverages AWS formal verification tools to help enforce access policy in the process. In this session, we cover AWS Config, AWS Lambda, Amazon DynamoDB, and Amazon Simple Notification Service (Amazon SNS) as distributed infrastructure that can help catch security issues early and remediate those that happen unexpectedly.
Stephen Schmidt, Chief Information Security Officer at AWS, addresses the current state of security in the cloud, with a particular focus on feature updates, the AWS internal "secret sauce," and what's on horizon in terms of security, identity, and compliance tooling.
Hands-on SaaS: Constructing a Multi-Tenant Solution on AWS (ARC327-R1) - AWS ...Amazon Web Services
SaaS presents developers with a unique blend of architectural challenges. Supporting a multi-tenant model often means re-thinking your approach to almost every layer of your architecture. Onboarding, security, data partitioning, tenant isolation, identity—these are areas that must be factored into how you design, build, and deploy your SaaS solution. Of course, the best way to wrap your mind around these SaaS architectural principles is to dig into a working example. In this workshop, we’ll expose you to the core concepts of SaaS architecture then dive into a reference SaaS architecture where you can see the moving parts of a SaaS solution in action. The goal here is to provide a series of activities that allow you to interact with a functional solution, introducing code and configuration that realizes and extends the capabilities of this SaaS environment. Through this combination of a brief lecture and hands-on exercises, you’ll get a healthy dose of SaaS best practices all through the lens of a working reference solution.
Augmenting Security Posture and Improving Operational Health with AWS CloudTr...Amazon Web Services
Enabling AWS CloudTrail for auditing purposes is often a corporate mandate, but do you know how to use CloudTrail events to improve your security and operational posture? Come learn how CloudTrail can help improve your operational monitoring and troubleshooting, security analysis, and compliance auditing processes. Discover best practices for setting up and using CloudTrail; explore use cases for data mining CloudTrail event data; learn how to set up alerts based on activity in your account; and learn about advanced use cases. Also learn how to implement data plane governance autoEnabling AWS CloudTrail for auditing purposes is often a corporate mandate, but do you know how to use CloudTrail events to improve your security and operational posture? Come learn how CloudTrail can help improve your operational monitoring and troubleshooting, security analysis, and compliance auditing processes. Discover best practices for setting up and using CloudTrail; explore use cases for data mining CloudTrail event data; learn how to set up alerts based on activity in your account; and learn about advanced use cases. Also learn how to implement data plane governance automation using data events from Amazon S3 and AWS Lambda.
mation using data events from Amazon S3 and AWS Lambda.
Optimizing Costs as You Scale on AWS (ENT302) - AWS re:Invent 2018Amazon Web Services
The cloud offers a first-in-a-career opportunity to constantly optimize your costs as you grow and stay on the leading edge of innovation. By developing a cost-conscious culture and assigning the responsibility for efficiency to the appropriate business owners, you can deliver innovation efficiently and cost effectively. In this session, we share The Vanguard Group’s real-world experience of optimizing their costs, and we review a wide range of cost planning, monitoring, and optimization strategies.
IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...Amazon Web Services
In this session, learn how Vanguard has matured their IAM controls and automation to support a micro-account strategy, providing further agility to developers while reducing blast radius and improving governance. You learn how Vanguard uses STS Federation at the OU level, builds common roles across all micro accounts, implements AWS Organizations SCPs, and uses different network control zones for admin vs. non-admin functions. Vanguard also shares how they are using AWS Lambda to block escalation of privilege.
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...Amazon Web Services
Performing forensics on AWS resources is a new experience for many customers who might have older runbooks based on on-premises workflows using manual steps, or perhaps no processes in place at all. In this session, get a deeper insight into the various runbooks to perform practical forensic tasks on AWS resources like Amazon EC2 instances, using a combination of industry tooling, AWS serverless services like AWS Lambda and AWS Step Functions, and managed services like Amazon Athena.
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.
A DIY Guide to Runbooks, Security Incident Reports, & Incident Response (SEC3...Amazon Web Services
In this session, we discuss how you should be building your runbooks and security incident report system (SIRS) using your company's real-world configuration and processes. Our goal is to give you an easier way to start your runbooks and create a SIRS. Now you can be the hero for your company by building a strategy and finding out how secure you are. You also learn more about why you should be running a DevSecOps pipeline and how it will help your team find threats in your production environment. Finally, learn how things are different in each level of environment and where your developers should be working.
Securing Machine Learning Deployments for the Enterprise (SEC369-R1) - AWS re...Amazon Web Services
Managing that balance between running machine learning (ML) and deep learning algorithms and following approved security practices from your security organization is critical in keeping your data and your customers’ data safe. In this chalk talk, we introduce a common ML/deep learning flow using Amazon SageMaker, identify various points of data exchange with Amazon EMR and Amazon S3, and dive deep into the security and governance of the data and infrastructure. Learn about using security controls and building processes with services like AWS CloudTrail, AWS Config, Amazon CloudWatch Events, and AWS Lambda. Gain an understanding of the options and best practices for running ML and deep learning on AWS.Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Automating Compliance Certification with Automated Mathematical Proof (SEC330...Amazon Web Services
At AWS, we have begun using automated mathematical proof search methods to automate compliance certification. Our approach uses automated mathematical proof tools to find arguments that express, in a repeatable precise way, what controls are used, and why and how they are correctly implemented. In this chalk talk, learn how auditors can independently validate design and operating effectiveness using open-source and community-validated tools. This validation approach provides evidence of the operating effectiveness of a control at all times, for all operations. This approach can reduce costs and takes the time spent achieving compliance certification from months to seconds. This approach can also remove ambiguity from what it means to be compliant with a particular control.
The Perimeter is Dead. Long Live the Perimeters. (SEC312-S) - AWS re:Invent 2018Amazon Web Services
Traditional data center environments have regarded the network boundary as a stable perimeter of defense, using gateway firewalls for effective protection. The public cloud, however, is exposing a plethora of hosted services directly to its users, bypassing traditional network filtering technologies, and effectively creating new perimeters around the various services and data element. Examples of these new perimeters include Amazon S3 buckets, Amazon EBS snapshots, and AWS Lambda functions. This session is brought to you by AWS partner, Dome9 Security Inc.
How LogMeIn Automates Governance and Empowers Developers at Scale (SEC302) - ...Amazon Web Services
In this session, learn how LogMeIn moves quickly and stays secure through the power of automation on AWS. We walk through core AWS security building blocks, such as IAM, AWS CloudTrail, AWS Config, and Amazon CloudWatch. We dive deep into LogMeIn’s approach for empowering developers on AWS while also meeting required security controls.
Building Fraud Detection Systems with AWS Batch and Containers (DVC301) - AWS...Amazon Web Services
When analyzing information for fraud detection, tasks must be run periodically. When building a fraud detection system, start by preparing the data, and work with small chunks of data and run parallel jobs so your machine learning (ML) models can predict fraudulent activity. For that, you schedule computer resources and, of course, the script. With AWS Batch, you only worry about your application job and run it at scale. With containers, you think in small processes and let AWS Batch run them concurrently. In this session, learn to build a fraud detection system and integrate it with other AWS services.
This session is part of re:Invent Developer Community Day, a series led by AWS enthusiasts who share first-hand, technical insights on trending topics.
Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018Amazon Web Services
In this session, we cover the most common cloud security questions that we hear from customers. We provide detailed answers for each question, distilled from our practical experience working with organizations around the world. This session is for everyone who is curious about the cloud, cautious about the cloud, or excited about the cloud.
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS. Finally, Terren Peterson, the VP of Software Engineering at Capital One, shares how his organization detects and remediates threats using Amazon GuardDuty and other AWS services.
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...Amazon Web Services
The allure of the cloud is compelling and offers greater agility, elasticity, and reduced capex. Businesses seek to reap these benefits by migrating to AWS, all while enforcing corporate governance and security policies to minimize risk. To accomplish this objective, businesses must continuously monitor the performance of complex applications, which is not practical with point solutions, such as bytecode instrumentation. In this session, learn how NETSCOUT’s smart data platform enables continuous monitoring in hybrid cloud environments to minimize risk and control costs. Hear real-life examples of how businesses optimized their AWS migration, gaining visibility and deep insights into both the physical and virtual worlds, to maintain the continuity and security of the services throughout the migration process.This session is brought to you by AWS partner, NETSCOUT Systems.
Detecting Credential Compromise in AWS (SEC389) - AWS re:Invent 2018Amazon Web Services
Credential compromise in the cloud is not a threat that a single company faces. Rather, it is a widespread concern as more and more companies operate in the cloud. Credential compromise can lead to many different outcomes, depending on the motive of the attacker. In certain cases, this has led to erroneous AWS service usage for bitcoin mining or other nondestructive yet costly abuse. In other cases, it has led to companies shutting down due to the loss of data and infrastructure.
Drive Self-Service & Standardization in the First 100 Days of Your Cloud Migr...Amazon Web Services
In this session, learn how GoDaddy achieved self-service, standardization, and governance through AWS Service Catalog in the first 100 days of their cloud migration journey. We walk through GoDaddy’s use case of how they migrated to AWS with AWS Landing Zone, AWS Service Catalog, and the initial 100 days to establish their Cloud Center of Excellence to increase their speed of delivery and improve performance and reliability, while not sacrificing on security and financial controls.
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...Amazon Web Services
Users are increasingly adopting AWS Cloud for their IT strategy to drive digital transformation. Securing clouds requires shared security responsibility. In this session, learn about the inherent threats and solutions needed to secure your entire cloud stack, from infrastructure to applications. Learn the importance of total visibility across your public clouds, and how to set up security for workloads from both internal and in the perimeter. Avoid issues such as data leaks and crypto-mining attacks through your cloud infrastructure with continuous security monitoring. Learn best practices from real-world examples of customers transparently orchestrating security into their practices and DevOps pipelines. This session is brought to you by AWS partner, Qualys.
Best Practices for Securing Serverless Applications (SEC362-R1) - AWS re:Inve...Amazon Web Services
Serverless for security professionals is a concept that deviates from traditional Infrastructure such as servers, network, and storage infrastructure. Serverless represents a new ecosystem of operational and security paradigms and enables new data flows. In this talk, we walk through a new model for securing serverless applications. We dissect a serverless application and examine the security best practices implemented. Participants learn to secure serverless applications using Amazon CloudFront, AWS WAF, Amazon Macie, AWS Secrets Manager, Amazon Cognito, AWS IAM, AWS KMS, AWS CloudTrail, AWS Config, and DevSecOps. Walk away with an understanding of the options and best practices for securing serverless workloads and adopting secure DevOps practices.
Inside AWS: Technology Choices for Modern Applications (SRV305-R1) - AWS re:I...Amazon Web Services
AWS offers a wide range of cloud computing services and technologies, but we rarely state opinions about which services and technologies customers should choose. When it comes to building our own services, our engineering groups have strong opinions, and they express them in the technologies they pick. Join Tim Bray, Senior Principal Engineer, to hear about the high-level choices that developers at AWS and our customers have to make. Here are a few: Are microservices always the way to go? Serverless, containers, or serverless containers? Is relational over? Is Java over? The talk is technical and based on our experience in building AWS services and working with customers on their cloud-native apps.
Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...Amazon Web Services
This session will focus on how leveraging Fargate and its serverless approach to deploying and managing containers will help increase operational efficiencies and reduce the time to ramp up your operations to run production containerized workloads. Datree will share their journey to adopt containers and the steps they were able to accelerate and avoid by using Fargate as well do a demo.
Hybrid Identity Management and Security for Large Enterprises (ENT307-R2) - A...Amazon Web Services
In IT environments, identity is the key to governance and security. In this session, we discuss the challenges with identity in hybrid environments and some of the solutions. Topics include identity lifecycle management, single sign-on, multi-factor authentication, and dealing with multiple identity providers from different parties. We also cover the security requirements of a hybrid cloud environment: maintaining visbility, encryption, secure remote access, and compliance and auditing requirements.
Configure Your Cloud to Make It Rain on Threats (SEC335-R1) - AWS re:Invent 2018Amazon Web Services
Security on AWS is robust and feature rich, but how do you know what to do and how to start? This workshop covers how to start your AWS threat response automation platform using native AWS tools and OSS. We begin with how to collect and analyze all the different data sources in an AWS account. Next, we cover how to take that log data and automatically address risks identified from network intrusion, insider threats, or misconfigurations. We also cover preventative controls that can help block risk in the first place and alert you when drift occurs. Finally, we cover how to scale this all out to multiple accounts.
Supercharge GuardDuty with Partners: Threat Detection and Response at Scale (...Amazon Web Services
Amazon GuardDuty has the ability to detect threats. However, threat detection is only the first step. In this session, we combine the high fidelity findings of GuardDuty with partner products, and we demonstrate how to quickly respond, remediate, and prevent security incidents in order to supercharge and centralize your cloud security operations center (SOC).
IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...Amazon Web Services
In this session, learn how Vanguard has matured their IAM controls and automation to support a micro-account strategy, providing further agility to developers while reducing blast radius and improving governance. You learn how Vanguard uses STS Federation at the OU level, builds common roles across all micro accounts, implements AWS Organizations SCPs, and uses different network control zones for admin vs. non-admin functions. Vanguard also shares how they are using AWS Lambda to block escalation of privilege.
How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...Amazon Web Services
Performing forensics on AWS resources is a new experience for many customers who might have older runbooks based on on-premises workflows using manual steps, or perhaps no processes in place at all. In this session, get a deeper insight into the various runbooks to perform practical forensic tasks on AWS resources like Amazon EC2 instances, using a combination of industry tooling, AWS serverless services like AWS Lambda and AWS Step Functions, and managed services like Amazon Athena.
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.
A DIY Guide to Runbooks, Security Incident Reports, & Incident Response (SEC3...Amazon Web Services
In this session, we discuss how you should be building your runbooks and security incident report system (SIRS) using your company's real-world configuration and processes. Our goal is to give you an easier way to start your runbooks and create a SIRS. Now you can be the hero for your company by building a strategy and finding out how secure you are. You also learn more about why you should be running a DevSecOps pipeline and how it will help your team find threats in your production environment. Finally, learn how things are different in each level of environment and where your developers should be working.
Securing Machine Learning Deployments for the Enterprise (SEC369-R1) - AWS re...Amazon Web Services
Managing that balance between running machine learning (ML) and deep learning algorithms and following approved security practices from your security organization is critical in keeping your data and your customers’ data safe. In this chalk talk, we introduce a common ML/deep learning flow using Amazon SageMaker, identify various points of data exchange with Amazon EMR and Amazon S3, and dive deep into the security and governance of the data and infrastructure. Learn about using security controls and building processes with services like AWS CloudTrail, AWS Config, Amazon CloudWatch Events, and AWS Lambda. Gain an understanding of the options and best practices for running ML and deep learning on AWS.Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Automating Compliance Certification with Automated Mathematical Proof (SEC330...Amazon Web Services
At AWS, we have begun using automated mathematical proof search methods to automate compliance certification. Our approach uses automated mathematical proof tools to find arguments that express, in a repeatable precise way, what controls are used, and why and how they are correctly implemented. In this chalk talk, learn how auditors can independently validate design and operating effectiveness using open-source and community-validated tools. This validation approach provides evidence of the operating effectiveness of a control at all times, for all operations. This approach can reduce costs and takes the time spent achieving compliance certification from months to seconds. This approach can also remove ambiguity from what it means to be compliant with a particular control.
The Perimeter is Dead. Long Live the Perimeters. (SEC312-S) - AWS re:Invent 2018Amazon Web Services
Traditional data center environments have regarded the network boundary as a stable perimeter of defense, using gateway firewalls for effective protection. The public cloud, however, is exposing a plethora of hosted services directly to its users, bypassing traditional network filtering technologies, and effectively creating new perimeters around the various services and data element. Examples of these new perimeters include Amazon S3 buckets, Amazon EBS snapshots, and AWS Lambda functions. This session is brought to you by AWS partner, Dome9 Security Inc.
How LogMeIn Automates Governance and Empowers Developers at Scale (SEC302) - ...Amazon Web Services
In this session, learn how LogMeIn moves quickly and stays secure through the power of automation on AWS. We walk through core AWS security building blocks, such as IAM, AWS CloudTrail, AWS Config, and Amazon CloudWatch. We dive deep into LogMeIn’s approach for empowering developers on AWS while also meeting required security controls.
Building Fraud Detection Systems with AWS Batch and Containers (DVC301) - AWS...Amazon Web Services
When analyzing information for fraud detection, tasks must be run periodically. When building a fraud detection system, start by preparing the data, and work with small chunks of data and run parallel jobs so your machine learning (ML) models can predict fraudulent activity. For that, you schedule computer resources and, of course, the script. With AWS Batch, you only worry about your application job and run it at scale. With containers, you think in small processes and let AWS Batch run them concurrently. In this session, learn to build a fraud detection system and integrate it with other AWS services.
This session is part of re:Invent Developer Community Day, a series led by AWS enthusiasts who share first-hand, technical insights on trending topics.
Top Cloud Security Myths - Dispelled! (SEC202-R1) - AWS re:Invent 2018Amazon Web Services
In this session, we cover the most common cloud security questions that we hear from customers. We provide detailed answers for each question, distilled from our practical experience working with organizations around the world. This session is for everyone who is curious about the cloud, cautious about the cloud, or excited about the cloud.
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS. Finally, Terren Peterson, the VP of Software Engineering at Capital One, shares how his organization detects and remediates threats using Amazon GuardDuty and other AWS services.
A New Approach to Continuous Monitoring in the Cloud: Migrate to AWS with NET...Amazon Web Services
The allure of the cloud is compelling and offers greater agility, elasticity, and reduced capex. Businesses seek to reap these benefits by migrating to AWS, all while enforcing corporate governance and security policies to minimize risk. To accomplish this objective, businesses must continuously monitor the performance of complex applications, which is not practical with point solutions, such as bytecode instrumentation. In this session, learn how NETSCOUT’s smart data platform enables continuous monitoring in hybrid cloud environments to minimize risk and control costs. Hear real-life examples of how businesses optimized their AWS migration, gaining visibility and deep insights into both the physical and virtual worlds, to maintain the continuity and security of the services throughout the migration process.This session is brought to you by AWS partner, NETSCOUT Systems.
Detecting Credential Compromise in AWS (SEC389) - AWS re:Invent 2018Amazon Web Services
Credential compromise in the cloud is not a threat that a single company faces. Rather, it is a widespread concern as more and more companies operate in the cloud. Credential compromise can lead to many different outcomes, depending on the motive of the attacker. In certain cases, this has led to erroneous AWS service usage for bitcoin mining or other nondestructive yet costly abuse. In other cases, it has led to companies shutting down due to the loss of data and infrastructure.
Drive Self-Service & Standardization in the First 100 Days of Your Cloud Migr...Amazon Web Services
In this session, learn how GoDaddy achieved self-service, standardization, and governance through AWS Service Catalog in the first 100 days of their cloud migration journey. We walk through GoDaddy’s use case of how they migrated to AWS with AWS Landing Zone, AWS Service Catalog, and the initial 100 days to establish their Cloud Center of Excellence to increase their speed of delivery and improve performance and reliability, while not sacrificing on security and financial controls.
A 360-Degree Cloud-Native Approach to Secure Your AWS Cloud Stack (SEC313-S) ...Amazon Web Services
Users are increasingly adopting AWS Cloud for their IT strategy to drive digital transformation. Securing clouds requires shared security responsibility. In this session, learn about the inherent threats and solutions needed to secure your entire cloud stack, from infrastructure to applications. Learn the importance of total visibility across your public clouds, and how to set up security for workloads from both internal and in the perimeter. Avoid issues such as data leaks and crypto-mining attacks through your cloud infrastructure with continuous security monitoring. Learn best practices from real-world examples of customers transparently orchestrating security into their practices and DevOps pipelines. This session is brought to you by AWS partner, Qualys.
Best Practices for Securing Serverless Applications (SEC362-R1) - AWS re:Inve...Amazon Web Services
Serverless for security professionals is a concept that deviates from traditional Infrastructure such as servers, network, and storage infrastructure. Serverless represents a new ecosystem of operational and security paradigms and enables new data flows. In this talk, we walk through a new model for securing serverless applications. We dissect a serverless application and examine the security best practices implemented. Participants learn to secure serverless applications using Amazon CloudFront, AWS WAF, Amazon Macie, AWS Secrets Manager, Amazon Cognito, AWS IAM, AWS KMS, AWS CloudTrail, AWS Config, and DevSecOps. Walk away with an understanding of the options and best practices for securing serverless workloads and adopting secure DevOps practices.
Inside AWS: Technology Choices for Modern Applications (SRV305-R1) - AWS re:I...Amazon Web Services
AWS offers a wide range of cloud computing services and technologies, but we rarely state opinions about which services and technologies customers should choose. When it comes to building our own services, our engineering groups have strong opinions, and they express them in the technologies they pick. Join Tim Bray, Senior Principal Engineer, to hear about the high-level choices that developers at AWS and our customers have to make. Here are a few: Are microservices always the way to go? Serverless, containers, or serverless containers? Is relational over? Is Java over? The talk is technical and based on our experience in building AWS services and working with customers on their cloud-native apps.
Operational Excellence with Containerized Workloads Using AWS Fargate (CON320...Amazon Web Services
This session will focus on how leveraging Fargate and its serverless approach to deploying and managing containers will help increase operational efficiencies and reduce the time to ramp up your operations to run production containerized workloads. Datree will share their journey to adopt containers and the steps they were able to accelerate and avoid by using Fargate as well do a demo.
Hybrid Identity Management and Security for Large Enterprises (ENT307-R2) - A...Amazon Web Services
In IT environments, identity is the key to governance and security. In this session, we discuss the challenges with identity in hybrid environments and some of the solutions. Topics include identity lifecycle management, single sign-on, multi-factor authentication, and dealing with multiple identity providers from different parties. We also cover the security requirements of a hybrid cloud environment: maintaining visbility, encryption, secure remote access, and compliance and auditing requirements.
Configure Your Cloud to Make It Rain on Threats (SEC335-R1) - AWS re:Invent 2018Amazon Web Services
Security on AWS is robust and feature rich, but how do you know what to do and how to start? This workshop covers how to start your AWS threat response automation platform using native AWS tools and OSS. We begin with how to collect and analyze all the different data sources in an AWS account. Next, we cover how to take that log data and automatically address risks identified from network intrusion, insider threats, or misconfigurations. We also cover preventative controls that can help block risk in the first place and alert you when drift occurs. Finally, we cover how to scale this all out to multiple accounts.
Supercharge GuardDuty with Partners: Threat Detection and Response at Scale (...Amazon Web Services
Amazon GuardDuty has the ability to detect threats. However, threat detection is only the first step. In this session, we combine the high fidelity findings of GuardDuty with partner products, and we demonstrate how to quickly respond, remediate, and prevent security incidents in order to supercharge and centralize your cloud security operations center (SOC).
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Sebastien Linsolas, Solutions Architect, AWS
Come and learn the latest and greatest tricks for automating your incident response and forensics in the cloud. This session focuses on automating your cloud incident response processes covering external and insider threats, triggers, canaries, containment, and data loss prevention. Products & Services: AWS IAM, AWS Lambda, Amazon GuardDuty, AWS Step Functions, Amazon CloudWatch, AWS Cloud Trail, Amazon Macie.
Threat Detection and Mitigation at Scale on AWS - SID301 - Toronto AWS SummitAmazon Web Services
In this session, you learn how AWS handles threat detection and remediation. We summarize the challenges of traditional threat detection efforts, and we explain how AWS helps to address these challenges. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
Easily Transform Compliance to Code using AWS Config, Config Rules, and the R...Amazon Web Services
Topic: Easily transform compliance to code using AWS Config, Config Rules, and the Rules Development Kit
Synopsis:
Enterprises find that they have specific requirements imposed by their business, internal policies, or their particular auditors. As an organisation's cloud environments continue to scale and grow, how do you ensure that the number of growing resources are adhering to your security standards and compliance requirements? In this webinar, we'll learn about how to use cloud native services such as AWS config and custom config rules, to automate audits in a rapidly changing environment and ensure we achieve continuous detection of existing and newly launched AWS resources along with their levels of compliance to enterprise security requirements.
Security policies and standards can be difficult to decipher by developers or the business. Using a behaviour driven development approach, we can define our security requirements to scenario based tests in Gherkin, making it easy for developers and the business to understand the requirement. Security Operations teams or developers can then build scenario based tests as well as develop the associated lambda function for their custom Config Rule. The Rules Development Kit (RDK) for Config Rules is an open-source command-line utility designed to help you shorten the development time of custom Config Rules by up to 5 times. In this session, we'll cover how to use the RDK to write unit tests and build the lambda functions for the custom Config Rule in python, and ensure it behaves as per our requirements defined in Gherkin.
What to expect:
-Learn AWS Config and Config Rules Concepts
-Understand best practice and concepts on behaviour driven development for config rules
-Learn to develop lambda functions for config rules in python using the Rules Development Kit (RDK)
-Discover how to securely set up your environment for deployments
This workshop is a Level 200 session and is best suited for:
-Developers
-DevOps
-Security Architects
-Engineers
-Security Operations
-Technical Managers
Lock It Down: How to Secure Your Organization's AWS AccountAmazon Web Services
The cloud enables users to run workloads in a more secure fashion than what typically can be done in a traditional datacenter. However, many customers are still not sure how to actually harden their AWS accounts and resources and make sure compliance is being enforced. When large customers have multiple accounts, ensuring consistency around governance can also be of concern. In this session we will review how to use automation, tools and techniques to harden and audit your AWS accounts and also how to leverage AWS Organizations to ensure compliance in your enterprise.
Geordie Anderson, Security Specialist Solutions Architect, Amazon Web Services
Sean Donaghy, Senior Cyber Security Advisor, Canadian Centre for Cyber Security, Communications Security Establishment, Government of Canada
Michael Davie, Security Engineer, Canadian Centre for Cyber Security, Communications Security Establishment, Government of Canada
Intro to Threat Detection & Remediation on AWS: AWS Security Week at the SF LoftAmazon Web Services
Introduction to Threat Detection and Remediation on AWS: AWS Security Week at the San Francisco Loft
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Level: 100
Speaker: Nathan Case - Sr. Solutions Architect, AWS
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitAmazon Web Services
In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS.
Red Team vs. Blue Team on AWS (DVC304) - AWS re:Invent 2018Amazon Web Services
Red teamers, penetration testers, and attackers can leverage the same tools used by developers to attack AWS accounts. In this session, two technical security experts demonstrate how an attacker can perform reconnaissance and pivoting on AWS, leverage network, AWS Lambda functions, and implementation weaknesses to steal credentials and data. They then show you how to defend your environment from these threats.This session is part of re:Invent Developer Community Day, a series led by AWS enthusiasts who share first-hand, technical insights on trending topics.
In this session, we provide an overview of how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that can be used to detect and remediate threats to AWS. Finally, we conclude with examples of threat detection and remediation on AWS and an provide an opportunity for key service demos.
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
In this session, you learn how AWS handles threat detection and remediation. We summarize the challenges of traditional threat detection efforts, and we explain how AWS helps to address these challenges. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
Red Team vs. Blue Team on AWS ~ re:Invent 2018Teri Radichel
Red Teaming and Pen Testing steps taken on a vulnerable account followed by Blue Teaming and cloud security defensive strategies. Teri Radichel and Kolby Allen at re:Invent 2018
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Turner’s Journey to Scale Securely on a Lean Budget (SEC357-R1) - AWS re:Inve...Amazon Web Services
Enterprises increasingly segregate workloads (or teams) into multiple AWS accounts as a best practice for security and billing purposes. Some enterprises even have healthy security budgets largely driven by legal requirements. But, what do you do if you don't have a regulatory imperative and the budget that comes with it? This session discusses Turner's journey from a handful of accounts to a secure, multi-account AWS environment. We discuss how we automate and audit across a global organization using almost exclusively native AWS tools.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Scalable, Automated Anomaly Detection with GuardDuty, CloudTrail, & Amazon Sa...Amazon Web Services
This workshop gives attendees an opportunity to develop a solution that can continuously monitor for and detect a realistic threat using Amazon GuardDuty in combination with machine learning-based AWS CloudTrail log analysis in Amazon SageMaker. Attendees learn how to perform serverless analysis of the Amazon CloudWatch Events for GuardDuty findings in AWS Lambda, load them into an ML model in Amazon SageMaker, and produce predictive alerts.
Learning Objectives:
- Learn how GuardDuty continuously monitors for unauthorized behavior to help protect AWS accounts and workloads
- Understand how GuardDuty uses machine learning to detect anomalous account and network activities
- See how a SOC team can triage threats from a single console and automate security responses
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
In this session, learn how AWS addresses threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty.
Similar to How Zocdoc Achieves Automatic Threat Detection & Remediation with Security as Code (SEC321-R1) - AWS re:Invent 2018 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.