AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)Amazon Web Services
In this session, we share best practices and easily-leveraged solutions for enacting autonomous systems in the face of subversion. From gag orders to warrantless searches and seizures, learn about specific tactics to protect and exercise data privacy, both for partners and customers.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Five Steps to Creating a Secure Hybrid Cloud ArchitectureAmazon Web Services
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture on AWS using the VM-Series next-generation firewall.
CloudHSM: Secure, Scalable Key Storage in AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Educate customers in the types of problems CloudHSM solves for them
- Build customer trust in the ability of CloudHSM to secure their workloads and data
- Energize customers to try out the service and use it to transfer and/or modernize workloads in AWS
One of the biggest challenges in writing code that manages encrypted data is developing a secure model for obtaining keys and rotating them when an administrator leaves. AWS Key Management Service (KMS) changes the equation by offering key management as a service, enabling a number of security improvements over conventional key storage methods. Jon Todd will show how Okta uses the KMS API to secure a multi-region system serving thousands of customers. This talk is oriented toward developers looking to secure their applications and simplify key management.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
AWS re:Invent 2016: AWS Partners and Data Privacy (GPST303)Amazon Web Services
In this session, we share best practices and easily-leveraged solutions for enacting autonomous systems in the face of subversion. From gag orders to warrantless searches and seizures, learn about specific tactics to protect and exercise data privacy, both for partners and customers.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability, and control. You have to know what you have and where it is before you can assess the environment against best practices, internal standards, and compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says that "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish. In this session, we'll cover these topics to provide a practical understanding of the security programs, procedures, and best practices you can use to enhance your current security posture.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Five Steps to Creating a Secure Hybrid Cloud ArchitectureAmazon Web Services
A hybrid Architecture is one of the easiest ways to securely address new application requirements and cloud-first development initiatives. This approach allows you to start small and expand as your requirements change while maintaining a strong security posture. In this session, you will learn the 5 key steps to building a hybrid architecture on AWS using the VM-Series next-generation firewall.
CloudHSM: Secure, Scalable Key Storage in AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Educate customers in the types of problems CloudHSM solves for them
- Build customer trust in the ability of CloudHSM to secure their workloads and data
- Energize customers to try out the service and use it to transfer and/or modernize workloads in AWS
One of the biggest challenges in writing code that manages encrypted data is developing a secure model for obtaining keys and rotating them when an administrator leaves. AWS Key Management Service (KMS) changes the equation by offering key management as a service, enabling a number of security improvements over conventional key storage methods. Jon Todd will show how Okta uses the KMS API to secure a multi-region system serving thousands of customers. This talk is oriented toward developers looking to secure their applications and simplify key management.
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...Amazon Web Services
As attackers become more sophisticated, web application developers need to constantly update their security configurations. Static firewall rules are no longer good enough. Developers need a way to deploy automated security that can learn from the application behavior and identify bad traffic patterns to detect bad bots or bad actors on the Internet. This session showcases some of the real-world customer use cases that use machine learning and AWS WAF (a web application firewall) with automated incident response and machine learning to automatically identify bad actors. We also present tutorials and code samples that show how customers can analyze traffic patterns and deploy new AWS WAF rules on the fly.
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar SeriesAmazon Web Services
Today’s web applications are becoming increasingly difficult to secure. AWS WAF helps to protect web applications from attack by blocking common web exploits like SQL injection and cross-site scripting. This session will introduce AWS WAF, how it integrates with other AWS services and how to use it to help protect your web applications. We will also demo how to deploy preconfigured rules and security automation on AWS WAF.
Learning Objectives:
• Understand the basics of AWS WAF
• Learn about AWS WAF’s ease of use and fast incident response
• Learn how to deploy preconfigured rules and security automation
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
Protecting sensitive data in the cloud typically requires encryption. Managing the keys used for encryption can be challenging as your sensitive data passes between services and applications. AWS offers several options for using encryption and managing keys to help simplify the protection of your data at rest. This session will help you understand which features are available and how to use them, with emphasis on AWS Key Management Service and AWS CloudHSM. Adobe Systems Incorporated will present their experience using AWS encryption services to solve data security needs.
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
(Presented by Alert Logic) AWS provides multiple levels of security between the physical server and facilities up to the host operating system and virtualization layer. This session covers strategies for ensuring your applications, network, and data are secure in a highly-scalable environment.
In this session, you receive practical guidance for implementing scalable web application security in the AWS cloud, including:
-Common techniques and tools used to provide security for auto-scaling web applications including Chef/Puppet, AWS CloudFormation, and Elastic Load Balancing.
-Using auto-scaling groups and requirements for management APIs in automatically deploying web security infrastructure.
-Common scaling triggers and mechanisms by which web application security infrastructure must scale to operate in lockstep with elastic web server farms.
-Approach for deploying application security controls embedded directly into web applications, and considerations for PaaS cloud environments.
This session is designed for an advanced audience with strong understanding of IP networking, web application security fundamentals, and experience in managing security infrastructure in a public cloud environment; however, the information covered is also of interest to intermediate attendees that set technology strategy and formulate requirements for cloud security controls.
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers’ content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services. AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This webinar focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). We will discuss core VPC concepts including picking your IP space, subnetting, routing, security, NAT and VPC Endpoints.
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Amazon Web Services
This session will discuss the options available for encrypting data at rest and key management in AWS. It will focus on two primary scenarios: (1) AWS manages encryption keys on behalf of the customer to provide automated server-side encryption; (2) the customer manages their own encryption keys using partner solutions and/or AWS CloudHSM. Real-world customer examples will be presented to demonstrate adoption drivers of specific encryption technologies in AWS. Netflix Jason Chan will provide an overview of how NetFlix uses CloudHSM for secure key storage.
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Amazon Web Services
AWS OpsWorks is a solution for managing applications of any scale or complexity on the AWS cloud. Accelerate your use of OpsWorks by learning how to use several of its operational features in this Zero to Sixty session. It starts with a demo of the OpsWorks main workflows—manage and configure instances, create and deploy apps, monitoring, and security. BeachMint will explain how they set up OpsWorks as part of their continuous deployment pipeline. The session finishes off by explaining how to use the OpsWorks API and Chef recipes to automate standard operating procedures. Demos and code samples are available to all session attendees.
Are you new to AWS OpsWorks? Get up to speed for this session by first completing the 60-minute Introduction to AWS OpsWorks lab in the Self-Paced Hands-On Lab Lounge. It will lead you through all major functions of the service with a fun example.
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
Cloud computing offers many advantages, such as the ability to scale your web applications or website on demand. But how do you scale your security and compliance infrastructure along with the business? Join this session to understand best practices for scaling your security resources as you grow from zero to millions of users. Specifically, you learn the following:
How to scale your security and compliance infrastructure to keep up with a rapidly expanding threat base.
The security implications of scaling for numbers of users and numbers of applications, and how to satisfy both needs.
How agile development with integrated security testing and validation leads to a secure environment.
Best practices and design patterns of a continuous delivery pipeline and the appropriate security-focused testing for each.
The necessity of treating your security as code, just as you would do with infrastructure.
The services covered in this session include AWS IAM, Auto Scaling, Amazon Inspector, AWS WAF, and Amazon Cognito.
AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...Amazon Web Services
In this workshop, we help you understand how you can help protect your web applications from threats cost effectively by using AWS WAF and Amazon CloudFront. As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated and automated, having an effective web request filtering solution becomes key to keeping your users' data safe. We will cover common attack vectors and what you can do to mitigate them. You will learn how to leverage AWS WAF in conjunction with Amazon CloudFront to detect unwanted traffic and block it using simple configurations and automations.
Prerequisites:
Participants should have an AWS account established and available for use during the workshop.
Please bring your own laptop.
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
This session tells the story of how security-minded enterprises provide end-to-end protection of their sensitive data in AWS. Learn about the enterprise security architecture design decisions made by Fortune 500 organizations during actual sensitive workload deployments, as told by the AWS security solution architects and professional service security, risk, and compliance team members who lived them. In this technical walkthrough, we share lessons learned from the development of enterprise security strategy, security use-case development, end-to-end security architecture and service composition, security configuration decisions, and the creation of AWS security operations playbooks to support the architecture.
AWS re:Invent 2016: Security Automation: Spend Less Time Securing Your Applic...Amazon Web Services
As attackers become more sophisticated, web application developers need to constantly update their security configurations. Static firewall rules are no longer good enough. Developers need a way to deploy automated security that can learn from the application behavior and identify bad traffic patterns to detect bad bots or bad actors on the Internet. This session showcases some of the real-world customer use cases that use machine learning and AWS WAF (a web application firewall) with automated incident response and machine learning to automatically identify bad actors. We also present tutorials and code samples that show how customers can analyze traffic patterns and deploy new AWS WAF rules on the fly.
Setup Preconfigured Protections on AWS WAF - November 2016 Webinar SeriesAmazon Web Services
Today’s web applications are becoming increasingly difficult to secure. AWS WAF helps to protect web applications from attack by blocking common web exploits like SQL injection and cross-site scripting. This session will introduce AWS WAF, how it integrates with other AWS services and how to use it to help protect your web applications. We will also demo how to deploy preconfigured rules and security automation on AWS WAF.
Learning Objectives:
• Understand the basics of AWS WAF
• Learn about AWS WAF’s ease of use and fast incident response
• Learn how to deploy preconfigured rules and security automation
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss Key Management Service, S3, access controls, and database platform security features.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
Creating Your Virtual Data Center: Amazon VPC Fundamentals and Connectivity O...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
AWS re:Invent 2016: Advanced Techniques for Managing Sensitive Data in the Cl...Amazon Web Services
In this session, we discuss compliance programs at AWS, as well as key AWS security best practices for technology and consulting partners. Regardless of whether you have customers with stringent compliance requirements, security should be a top priority when thinking about your customer service model. AWS provides native security tools at all layers with such services AWS Identity and Access Management (IAM) and AWS Key Management Service (AWS KMS), which we dive deep into during this session. We provide a framework for using IAM roles and customer-managed encryption keys to securely interact with your customer's data and also showcase working example code that can be implemented across all compliance frameworks, as well as across applications that do not have specific compliance requirements.
(SEC301) Strategies for Protecting Data Using Encryption in AWSAmazon Web Services
Protecting sensitive data in the cloud typically requires encryption. Managing the keys used for encryption can be challenging as your sensitive data passes between services and applications. AWS offers several options for using encryption and managing keys to help simplify the protection of your data at rest. This session will help you understand which features are available and how to use them, with emphasis on AWS Key Management Service and AWS CloudHSM. Adobe Systems Incorporated will present their experience using AWS encryption services to solve data security needs.
Auto-Scaling Web Application Security in Amazon Web Services (SEC308) | AWS r...Amazon Web Services
(Presented by Alert Logic) AWS provides multiple levels of security between the physical server and facilities up to the host operating system and virtualization layer. This session covers strategies for ensuring your applications, network, and data are secure in a highly-scalable environment.
In this session, you receive practical guidance for implementing scalable web application security in the AWS cloud, including:
-Common techniques and tools used to provide security for auto-scaling web applications including Chef/Puppet, AWS CloudFormation, and Elastic Load Balancing.
-Using auto-scaling groups and requirements for management APIs in automatically deploying web security infrastructure.
-Common scaling triggers and mechanisms by which web application security infrastructure must scale to operate in lockstep with elastic web server farms.
-Approach for deploying application security controls embedded directly into web applications, and considerations for PaaS cloud environments.
This session is designed for an advanced audience with strong understanding of IP networking, web application security fundamentals, and experience in managing security infrastructure in a public cloud environment; however, the information covered is also of interest to intermediate attendees that set technology strategy and formulate requirements for cloud security controls.
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers’ content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services. AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This webinar focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
Amazon Virtual Private Cloud (VPC): Networking Fundamentals and Connectivity ...Amazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). We will discuss core VPC concepts including picking your IP space, subnetting, routing, security, NAT and VPC Endpoints.
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
In this session, we will walk through the fundamentals of Amazon Virtual Private Cloud (VPC). First, we will cover build-out and design fundamentals for VPC, including picking your IP space, subnetting, routing, security, NAT, and much more. We will then transition into different approaches and use cases for optionally connecting your VPC to your physical data center with VPN or AWS Direct Connect. This mid-level architecture discussion is aimed at architects, network administrators, and technology decision-makers interested in understanding the building blocks AWS makes available with VPC and how you can connect this with your offices and current data center footprint.
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Amazon Web Services
This session will discuss the options available for encrypting data at rest and key management in AWS. It will focus on two primary scenarios: (1) AWS manages encryption keys on behalf of the customer to provide automated server-side encryption; (2) the customer manages their own encryption keys using partner solutions and/or AWS CloudHSM. Real-world customer examples will be presented to demonstrate adoption drivers of specific encryption technologies in AWS. Netflix Jason Chan will provide an overview of how NetFlix uses CloudHSM for secure key storage.
Zero to Sixty: AWS OpsWorks (DMG202) | AWS re:Invent 2013Amazon Web Services
AWS OpsWorks is a solution for managing applications of any scale or complexity on the AWS cloud. Accelerate your use of OpsWorks by learning how to use several of its operational features in this Zero to Sixty session. It starts with a demo of the OpsWorks main workflows—manage and configure instances, create and deploy apps, monitoring, and security. BeachMint will explain how they set up OpsWorks as part of their continuous deployment pipeline. The session finishes off by explaining how to use the OpsWorks API and Chef recipes to automate standard operating procedures. Demos and code samples are available to all session attendees.
Are you new to AWS OpsWorks? Get up to speed for this session by first completing the 60-minute Introduction to AWS OpsWorks lab in the Self-Paced Hands-On Lab Lounge. It will lead you through all major functions of the service with a fun example.
AWS re:Invent 2016: Scaling Security Resources for Your First 10 Million Cust...Amazon Web Services
Cloud computing offers many advantages, such as the ability to scale your web applications or website on demand. But how do you scale your security and compliance infrastructure along with the business? Join this session to understand best practices for scaling your security resources as you grow from zero to millions of users. Specifically, you learn the following:
How to scale your security and compliance infrastructure to keep up with a rapidly expanding threat base.
The security implications of scaling for numbers of users and numbers of applications, and how to satisfy both needs.
How agile development with integrated security testing and validation leads to a secure environment.
Best practices and design patterns of a continuous delivery pipeline and the appropriate security-focused testing for each.
The necessity of treating your security as code, just as you would do with infrastructure.
The services covered in this session include AWS IAM, Auto Scaling, Amazon Inspector, AWS WAF, and Amazon Cognito.
AWS re:Invent 2016: Workshop: Secure Your Web Application with AWS WAF and Am...Amazon Web Services
In this workshop, we help you understand how you can help protect your web applications from threats cost effectively by using AWS WAF and Amazon CloudFront. As attacks and attempts to exploit vulnerabilities in web applications become more sophisticated and automated, having an effective web request filtering solution becomes key to keeping your users' data safe. We will cover common attack vectors and what you can do to mitigate them. You will learn how to leverage AWS WAF in conjunction with Amazon CloudFront to detect unwanted traffic and block it using simple configurations and automations.
Prerequisites:
Participants should have an AWS account established and available for use during the workshop.
Please bring your own laptop.
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
This session tells the story of how security-minded enterprises provide end-to-end protection of their sensitive data in AWS. Learn about the enterprise security architecture design decisions made by Fortune 500 organizations during actual sensitive workload deployments, as told by the AWS security solution architects and professional service security, risk, and compliance team members who lived them. In this technical walkthrough, we share lessons learned from the development of enterprise security strategy, security use-case development, end-to-end security architecture and service composition, security configuration decisions, and the creation of AWS security operations playbooks to support the architecture.
AWS December 2015 Webinar Series - Introducing Amazon InspectorAmazon Web Services
Amazon Inspector is a new service from AWS that helps you identify security issues in the applications that you deploy and run on AWS. Use Amazon Inspector to assess the security posture of the Amazon EC2 instances running your applications, in order to identify areas that can be improved before you expose them to a production threat environment.
This webinar will cover getting started with Amazon Inspector, how to automate the process, how to manage and act on findings, and additional ways you can enhance your development and release lifecycle using Amazon Inspector.
Learning Objectives:
Understand the basics of Amazon Inspector
Learn how to assess your security posture and identify areas that can be improved
Who Should Attend:
Security professionals, people who are responsible for host or application security, and anyone interested in standards compliance
[AWS Days Microsoft-LA 2015]: Software Licensing Considerations for Enterpris...Amazon Web Services
Migrating your enterprise applications to the cloud may mean reconsidering your software licensing as well as existing investments in operating systems and enterprise applications. This presentation will cover what AWS offers to protect your existing investments in software licenses and give you pointers towards significant savings, including licensing models and architecture considerations for the cloud. We will also explore popular ways to save on licenses for Microsoft products including SharePoint Server, Exchange Server, SQL Server and Windows on the AWS cloud using programs like Microsoft License Mobility and features like Amazon EC2 Dedicated Instances.
In this video from the 2014 HPC User Forum in Seattle, David Pellerin from Amazon presents: Update on HPC Use on AWS.
"High Performance Computing (HPC) allows scientists and engineers to solve complex science, engineering, and business problems using applications that require high bandwidth, low latency networking, and very high compute capabilities. AWS allows you to increase the speed of research by running high performance computing in the cloud and to reduce costs by providing Cluster Compute or Cluster GPU servers on-demand without large capital investments. You have access to a full-bisection, high bandwidth network for tightly-coupled, IO-intensive workloads, which enables you to scale out across thousands of cores for throughput-oriented applications."
Watch the video presentation: http://wp.me/p3RLHQ-d0n
Behind the Scenes: Deploying a Low-Latency Multiplayer Game GloballyJames Gwertzman
A deep dive into the guts of running a low-latency multiplayer game on a global scale using Amazon Web Services. You’ll get the details on how the Top 10 F2P shooter Loadout was launched on both PC and PS4 and how PlayFab’s complete backend and live game operations platform is architected to handle the scale these kind of games demand. Delivered on July 7 at the AWS Loft in San Francisco.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
Security and Compliance – Most Commonly Asked Questions - Technical 101Amazon Web Services
We've heard from our customers that using AWS allows them to operate even more securely than they could in their own data centres. Why is this? We will tackle the most commonly asked security & compliance questions customers ask when adopting the AWS Cloud. We will demonstrate practical ways to make sure you're operating securely, and hear first-hand from an AWS customer about how they are using the platform today and the importance of getting this right.
Speaker: Matthew Jobson, Account Manager, Amazon Web Services & Ben Chung, Head of Security Assurance, Amazon Web Services, APAC
Featured Customer - Health Direct Australia
AWS re:Invent 2016: AWS Customers Saving Lives with Mobile and IoT Technology...Amazon Web Services
Join us for a compelling session to learn how technological innovation can save lives. Hear from a customer that uses AWS very differently and has the ability to move rapidly to address pressing societal problems with the aid of AWS. Learn how mobile and IoT technology allows them to scale and accelerate their impact. Speakers talk about why they selected specific AWS services, and how that allowed their teams to be agile and focus more on their solutions instead of undifferentiated plumbing. The ShotSpotter Flex gunfire data service uses acoustic sensors to detect gunshots in the field. Data is then transmitted to the AWS Cloud, and further processed to validate signatures and, if necessary, alert emergency dispatch teams.
Engage Your Customers with Amazon SNS Mobile Push (MBL308) | AWS re:Invent 2013Amazon Web Services
Amazon SNS mobile push is a scalable, fully-managed, cross-platform mobile push notifications service. In this session, we show you how to implement a massively scalable notification system across multiple platforms (including Apple, Google, and Kindle Fire devices). We cover common design patterns including the code you need, and we demonstrate live on stage just how fast and scalable SNS can be. Also hear from customers who have combined Amazon SNS with Amazon Redshift and Amazon DynamoDB to engage their own customers with precisely targeted messages.
AWS re:Invent 2016: AWS GovCloud (US) for Highly Regulated Workloads (WWPS301)Amazon Web Services
Learn how to architect for compliance in the AWS cloud and see how your organization can leverage the agility, cost savings, scalability, and flexibility of the cloud while meeting the most stringent regulatory and compliance requirements, including Federal Risk and Authorization Management Program (FedRAMP), ITAR, CJIS, HIPAA, and DoD Cloud Computing Security Requirements Guide (SRG) Levels 2 and 4. Hear best practices and practical use cases for using AWS GovCloud (US) to comply with a variety of regulatory regimes.
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services.
AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
Topics covered include:
• The AWS approach to security and how responsibilities are shared between AWS and our customers
• How to build your own secure virtual private cloud and integrate it with your existing solutions
• How to use AWS Identity and Access Management to securely manage and operate your applications
• Best practices for securing your AWS account, your content and your applications
View a recording of this webinar here: http://youtu.be/Ihe_8o00-WI
AWS re:Invent 2016: Add User Sign-In, User Management, and Security to your M...Amazon Web Services
Secure user sign-up and sign-in is critical for many mobile and web applications. Amazon Cognito is the easiest way to secure your mobile and web applications by providing a comprehensive identity solution for end user management, registration, sign-in, and security. In this product deep dive, we will walk through Cognito’s feature set, which includes serverless flows for user management and sign-in, a fully managed user directory, integrations with existing corporate directories, and many other features. In addition, we will cover key use cases and discuss the associated benefits.
In this presentation I discuss variety of services provided by AWS. I choose services which are in my opinion most commonly used and which may benefit our Payment Platform project which is fully deployed on AWS. In the second part of presentation I show how AWS infrastructure is localized globally and what are differences between region, availability zone and edge location.
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
This webinar will introduce the AWS Shared Security Model. We will examine how to use the inherent security of the AWS environment, coupled with the security tools and features AWS makes available, to create a resilient environment with the security you need.
Learning Objectives:
• Understand the security measures AWS puts in place to secure the environment where your data lives
• Understand the tools AWS offers to help you create a resilient environment with the security you need
• Consider actions when moving a sensitive workload to AWS • Security benefits you can expect by deploying in the AWS Cloud
Who Should Attend:
- Prospects and customers with a security background
- Who are interested in using AWS to manage security-sensitive workloads
Segurança é uma das principais características da nuvem da AWS. Nesta apresentação, analisamos o modelo de segurança compartilhada da AWS, e os serviços usados para implementar este modelo.
AWS Enterprise Day | Securing your Web Applications in the CloudAmazon Web Services
Security is a top priority to both AWS and its customers and many enterprises trust us with some of their most sensitive information, including financial, personal and health information. Learn about the key security features of AWS that these enterprise customers are using to build their own secure applications and secure and encrypt their content. We will also share how you can integrate AWS into your existing security policies and how partners like Trend Micro can help you extend this into the AWS Cloud.
Getting Started with Windows Workloads on Amazon EC2 - TorontoAmazon Web Services
Thinking through how you want to run Microsoft Windows Server and application workloads on AWS is straightforward, when you have a game plan. Understanding which service to leverage– like Amazon EC2, Amazon RDS, and Directory Services to name a few – will accelerate the process further. There are also a number of new enhancements to help make things even easier. In this session we will walk through how to think about mapping to the various AWS services available so you can get your deployment or migration project off to the right start. Think of this session as the decoder ring between your on-premises deployment and what you can expect from the AWS cloud for your Microsoft Windows Server and applications.
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
In addition to discussing the AWS Shared Responsibility Model in detail for Infrastructure, Container and Abstract Services, we present a reference architecture for a secure, multi-account enterprise structure, including Mandatory Access Control for logging and separation assurance for different groups and functions within an organisation.
IT teams in K12 wear many hats. From helping with technology in the classroom to managing district wide operations, it’s a balancing act every day. Join this webinar on Thursday, June 29 and learn how the cloud enables district IT teams be as agile and flexible as the students they serve, even during unexpected emergencies. The cloud offers numerous benefits including lower costs, faster experimentation, pay-as-you-go usage, and no physical infrastructure to manage. You’ll learn: • What is the cloud and why it matters to K12 • Best practices to ensure smooth system operations during peak registration, graduation, and testing periods • How to prepare for inevitable emergencies with long-term record storage in redundant cloud environments • How one district has saved up to 50% on IT costs over five years, helping them focus on teaching and learning • How to build redundancy into your school’s IT plan, allowing you to access records at any time
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Let's dive deeper into the world of ODC! Ricardo Alves (OutSystems) will join us to tell all about the new Data Fabric. After that, Sezen de Bruijn (OutSystems) will get into the details on how to best design a sturdy architecture within ODC.
6. Security ownership as part of DNA
• Promotes culture of “everyone is an owner” for security
• Makes security a stakeholder in business success
• Enables easier and smoother communication
Distributed Embedded
10. Intro to AWS
11 Regions
30 Availability Zones
53 Edge Locations
Over 1 Million Active Customers
Across 190 Countries
Everyday, AWS adds enough new server capacity to support Amazon.com
when it was a $7 billion global enterprise.
11. A European view of Cloud
• Regions:
– Dublin (EU-West) – 3 x Availability Zones
• Launched in 2007
– Frankfurt (EU-Central) – 2 x Availability Zones
• Launched in 2014
• Edge Locations:
– Amsterdam, The Netherlands (2), Dublin, Ireland, Frankfurt,
Germany (3), London, England (3), Madrid, Spain, Marseille,
France, Milan, Italy, Paris, France (2), Stockholm, Sweden, and
Warsaw, Poland
• Direct Connect POPs:
– Dublin, London, Frankfurt
12. Data Locality
Customer chooses where to place data
AWS regions are geographically isolated by design
Data is not replicated to other AWS regions and doesn’t
move unless you choose to move it
13. AWS Global Infrastructure
AWS Global Infrastructure
Your Applications
AWS Global Infrastructure
AWS Global Infrastructure
AWS Global Infrastructure
Regions Availability Zones Edge Locations
Foundation
Services
Application
Services
Deployment &
Management
Compute Storage Networking Databases
Content Delivery Applications Distributed Computing Libraries & SDK’s
EC2 S3 EBS Glacier Storage
Gateway
VPC Direct
Connect
ELB Route53 RDS ElastiCacheDynamo RedShift
CloudFront SES SNS SQS Elastic
Transcoder
CloudSearch SWF EMR
CloudWatch
Monitoring
BeanStalk OpsWorks Cloud
Formation
DataPipe
Deployment & Automation
IAM Federation
Identity & Access
Management
Console
Billing
Web Interface Human Interaction
Mechanical
Turk
AWS Global Infrastructure
Enterprise
Applications
Workspaces Zocalo
Virtual Desktop Document Collaboration
Overview of AWS Services
14. How does a customer interact with AWS
services?
Common Protocols
• SSH, RDP, HTTP, SSL, SQL etc
API Calls
(Management Console, SDKs, Unified CLI)
• S3, EC2, RDS
15. API Calls
• Authentication is provided by IAM (Identity Access Management)
• API calls are secured within an TLS connection
• API Calls are made to AWS Service endpoints deployed globally
• A full list of endpoints available here:
– http://docs.aws.amazon.com/general/latest/gr/rande.html
• AWS Unified CLI
– aws ec2 start-instances
– aws ec2 stop-instances
– aws s3 ls
– aws s3 cp <source> <destionation>
16. Lets look at how customers traditionally manage IT
17. Core Services
Server Storage Networking
Platform & Applications Management
Customer Data
Customer view
Customer Responsibility:
- Data & Network
Protection
- High Availability
- Disaster Recovery
- Backup
- Scalability
- Audit
Operating System
Data Centre
HVAC UPS Security
Data Encryption
Data
Integrity/Backup
Network Protection
Management,Monitoring&Logging
18. AWS Shared Responsibility Model
Lets talk about Security within the Cloud and who is responsible for which parts?
Security OF the Cloud
vs
Security IN the Cloud
19. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Optional – Opaque data: 1’s and 0’s (in transit/at rest)
Platform & Applications Management
Customer content
Customers
AWS Shared Responsibility Model:
for Infrastructure Services
Managed by
Managed by
Client-Side Data encryption
& Data Integrity Authentication
Network Traffic Protection
Encryption / Integrity / Identity
AWSIAM
CustomerIAM
Operating System, Network & Firewall Configuration
Server-Side Encryption
File System and/or Data
APIEndpoint
20. Infrastructure Service
Example – EC2
• AWS Responsibility:
• Foundational Services – Networking, Compute, Storage
• AWS Global Infrastructure
• AWS IAM
• AWS API Endpoints
•Customer Responsibility:
• Customer Data
• Customer Application/Platform
• Operating System
• Network & Firewall
• Customer IAM
• High Availability, Scaling
• Instance Management,
• Data Protection (Transit, Rest, Backup)
21. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Optional – Opaque data: 1’s and 0’s (in transit/at rest)
Firewall
Configuration
Platform & Applications Management
Operating System, Network Configuration
Customer content
Customers
AWS Shared Responsibility Model:
for Container Services
Managed by
Managed by
Client-Side Data encryption
& Data Integrity Authentication
Network Traffic Protection
Encryption / Integrity / Identity
APIEndpointCustomerIAM
AWSIAM
22. Infrastructure Service
Example – RDS
• AWS Responsibility:
• Foundational Services – Networking, Compute, Storage
• AWS Global Infrastructure
• AWS IAM
• AWS API Endpoints
• Operating System
• Platform / Application
•Customer Responsibility:
• Customer Data
• Firewall (VPC)
• Customer IAM (DB Users, Table Permissions)
• High Availability
• Data Protection (Transit, Rest, Backup)
• Scaling
23. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Platform & Applications Management
Operating System, Network & Firewall Configuration
Customer content
Customers
AWS Shared Responsibility Model:
for Abstract Services
Managed by
Managed by
Optional – Opaque Data: 1’s and
0’s
(in flight / at rest)
Data Protection by the Platform
Protection of Data at Rest
Network Traffic Protection by the Platform
Protection of Data at in Transit
Client-Side Data Encryption
& Data Integrity Authentication
APIEndpoint
AWSIAM
24. Infrastructure Service
Example – S3
• AWS Responsibility:
• Foundational Services – Networking, Compute, Storage
• AWS Global Infrastructure
• AWS IAM
• AWS API Endpoints
• Operating System
• Platform / Application
• Data Protection (Rest - SSE, Transit)
• High Availability / Scaling
•Customer Responsibility:
• Customer Data
• Data Protection
25. Shared Responsibility
Summary of Security IN the Cloud (Customer Responsibility
Infrastructure Services
Applications
Operating System
Container Services Abstract Services
Networking/Firewall
Data
Customer IAM
AWS IAM
Networking/Firewall
Data
AWS IAM
Data
Customer IAM
AWS IAM
27. Security Shared Responsibility Model
AWS Foundation Services
Compute Storage Database Network
AWS Global
Infrastructure
Regions
AWS is responsible
for the security OF
the cloud
AWS
Availability Zones Edge Locations
28. on AWS
•Start on base of accredited services
•Functionally necessary – high watermark of
requirements
•Audits done by third party experts
•Accountable to everyone
•Continuous monitoring
•Compliance approach based on all workload
scenarios
•Security innovation drives broad compliance
on-Prem
• Start with bare concrete
• Functionally optional
– (you can build a secure system without it)
• Audits done by an in-house team
• Accountable to yourself
• Typically check once a year
• Workload-specific compliance checks
• Must keep pace and invest in security innovation
Auditing - Comparison
on-Prem vs on AWS
29. What this means
• You benefit from an environment built for the most security sensitive
organizations
• AWS manages 1,800+ security controls so you don’t have to
• You get to define the right security controls for your workload
sensitivity
• You always have full ownership and control of your data
30. AWS Assurance Program Updates
SOC:
New services in scope after successful assessment
KMS, Workspace, SES
PCI:
New services in scope after achieving PCI DSS 3.1 certification
KMS, Cloudtrail, Cloudfront
ISO 27017:
International code of practice focusing on Cloud providers
ISO 27018:
International code of practice that focuses on protection of PII in the cloud.
31. AWS Foundation Services
Compute Storage Database Networking
AWS Global
Infrastructure Regions
Availability Zones
Edge Locations
Your own
accreditation
Meet your own security objectives
Your own
certifications
Your own
external audits Customer scope and
effort is reduced
Better results
through focused
efforts
Built on AWS
consistent baseline
controls
Customers
32. Why AWS?
How AWS Security features and services
can help our Customers
34. Why Amazon Inspector?
Applications testing key to moving fast but staying safe
Security assessment highly manual, resulting in delays or
missed security checks
Valuable security subject matter experts spending too
much time on routine security assessment
37. Amazon Inspector rulesets
CVE
Network Security Best Practices
Authentication Best Practices
Operating System Best Practices
Application Security Best Practices
PCI DCSS 3.0 Readiness
47. Fully managed service which provides:
• An Inventory of your AWS resources
• Lets you audit the resource configuration
history
• Notifies you of resource configuration
changes
• Logs are placed in customer defined S3
bucket
AWS Config
48. AWS Config Rules features
Flexible rules evaluated continuously and
retroactively
Dashboard and reports for common goals
Customizable remediation
API automation
49. AWS Config Rules – example rules
Is Cloudtrail Enabled?
Are in-use volumes encrypted?
Are resources appropriately tagged?
Is incoming SSH disabled?
Are instanced running in the correct VPC?
Are Elastic IPs attached to the correct EC2 instances?
51. AWS Config Rules benefits
Continuous monitoring for
unexpected changes
Shared compliance
across your organization
Simplified management of
configuration changes
54. Evolution of security & compliance at AWS
AWS
certifications
Customer
enabler docs
Customer
case studies
Security by
Design
(SbD)
AWS
CloudTrailAWS
CloudHSM
AWS IAM
AWS KMS
AWS
Config
55. Security by Design - SbD
Security by Design (SbD) is a modern, security
assurance approach that formalizes AWS
account design, automates security controls, and
streamlines auditing.
It is a systematic approach to ensure security;
instead of relying on after-the-fact auditing, SbD
provides control insights throughout the IT
management process.
AWS
CloudTrail
AWS
CloudHSM
AWS IAM
AWS KMS
AWS
Config
56. Putting it all together (SbD)
Build your AWS
applications
using Security by
Design
Continuous
Compliance
through Config
Rules
Continuous
Compliance
through
Inspector
Customer
Workload
58. New security training
Training
Security Fundamentals on AWS
– Free online course for Security
Auditors, Analysts and Management
– 5 modules over 3 hours
Progress is saved
Details at aws.amazon.com/training
59. New security training
Training
Security Operations on AWS
– 3 day class for:
Security Engineers/Architects
Security Analysts and Auditors
– 11 modules with X Labs
Details at aws.amazon.com/training
64. Getting help - Trusted Advisor
Performs a series of security
configuration checks of your AWS
environment:
----------------
• Open ports
• Unrestricted access
• IAM use
• CloudTrail Logging
• S3 Bucket Permissions
• Multi-factor authentication
• Password Policy
• DB Access Risk
• DNS Records
• Load Balancer configuration