by Cameron Worrell, Solutions Architect, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But where do you begin? This requires a thorough understanding of your shared security responsibilities as well as familiarity with the tools available to address these issues.
This document discusses cloud-native DDoS attack mitigation and provides an overview of how AWS services can help. It describes the evolution from on-premise to cloud-routed to cloud-native DDoS mitigation strategies. It also outlines AWS Shield Standard and Advanced protections that provide automatic DDoS protection for AWS resources. The presentation aims to help users prepare resilient architectures, monitor applications for issues, and respond to DDoS events through demonstrations of AWS services like WAF, CloudFront, Route 53, and more.
This document discusses distributed denial of service (DDoS) attack mitigation strategies. It provides an overview of different types of DDoS attacks and threats. It then outlines the evolution of DDoS mitigation approaches, including on-premise mitigation, cloud-routed mitigation, and cloud-native mitigation. The document focuses on Amazon Web Services' (AWS) cloud-native approach using AWS Shield for DDoS protection. It describes AWS Shield Standard Protection and AWS Shield Advanced Protection, as well as how to build a DDoS-resilient architecture on AWS.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
If left unmitigated, Distributed Denial of Service (DDoS) attacks have the potential to harm application availability or impair application performance. DDoS attacks can also act as a smoke screen for intrusion attempts or as a harbinger for attacks against non-cloud infrastructure. Accordingly, it's crucial that developers architect for DDoS resiliency and maintain robust operational capabilities that allow for rapid detection and engagement during high-severity events. In this session, you learn how to build a DDoS-resilient application and how to use services like AWS Shield and Amazon CloudWatch to defend against DDoS attacks and automate response to attacks in progress.
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
AWS Security Week at the San Francisco Loft: Introduction to Threat Detection and Remediation on AWS
Presenter: Jeff Levine, Sr. Security Solutions Architect, AWS
This document discusses various Amazon Web Services that can be used to implement application resiliency and security. It covers goals like controlling access, implementing fault tolerance, and reducing security risks. Specific AWS services discussed for network security include VPCs, security groups, and CloudFront. The document also discusses using multiple availability zones, separating services across subnets, obfuscating infrastructure details, and implementing layered access controls. Logging and monitoring services like CloudTrail, Config, and VPC flow logs are presented as ways to gain visibility and ensure compliance.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level 200
Whether you’re just beginning to explore cloud computing or adopting it at enterprise-scale, it is important to build security into your architecture. But where do you begin? This requires a thorough understanding of your shared security responsibilities as well as familiarity with the tools available to address these issues.
This document discusses cloud-native DDoS attack mitigation and provides an overview of how AWS services can help. It describes the evolution from on-premise to cloud-routed to cloud-native DDoS mitigation strategies. It also outlines AWS Shield Standard and Advanced protections that provide automatic DDoS protection for AWS resources. The presentation aims to help users prepare resilient architectures, monitor applications for issues, and respond to DDoS events through demonstrations of AWS services like WAF, CloudFront, Route 53, and more.
This document discusses distributed denial of service (DDoS) attack mitigation strategies. It provides an overview of different types of DDoS attacks and threats. It then outlines the evolution of DDoS mitigation approaches, including on-premise mitigation, cloud-routed mitigation, and cloud-native mitigation. The document focuses on Amazon Web Services' (AWS) cloud-native approach using AWS Shield for DDoS protection. It describes AWS Shield Standard Protection and AWS Shield Advanced Protection, as well as how to build a DDoS-resilient architecture on AWS.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
Automating DDoS Response in the Cloud - SID324 - re:Invent 2017Amazon Web Services
If left unmitigated, Distributed Denial of Service (DDoS) attacks have the potential to harm application availability or impair application performance. DDoS attacks can also act as a smoke screen for intrusion attempts or as a harbinger for attacks against non-cloud infrastructure. Accordingly, it's crucial that developers architect for DDoS resiliency and maintain robust operational capabilities that allow for rapid detection and engagement during high-severity events. In this session, you learn how to build a DDoS-resilient application and how to use services like AWS Shield and Amazon CloudWatch to defend against DDoS attacks and automate response to attacks in progress.
AWS Security Week: Intro To Threat Detection & RemediationAmazon Web Services
AWS Security Week at the San Francisco Loft: Introduction to Threat Detection and Remediation on AWS
Presenter: Jeff Levine, Sr. Security Solutions Architect, AWS
This document discusses various Amazon Web Services that can be used to implement application resiliency and security. It covers goals like controlling access, implementing fault tolerance, and reducing security risks. Specific AWS services discussed for network security include VPCs, security groups, and CloudFront. The document also discusses using multiple availability zones, separating services across subnets, obfuscating infrastructure details, and implementing layered access controls. Logging and monitoring services like CloudTrail, Config, and VPC flow logs are presented as ways to gain visibility and ensure compliance.
Distributed denial of service (DDoS) can have an impact on the availability, security and resources consumption for your web application. AWS Web Application Firewall and AWS Shield allow to protect web applications from these attacks.
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
Speaker: Andrew Kane, AWS
Level: 300/400
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as AWS Web Application Firewall, AWS Shield, AWS CloudWatch, and more. You will also learn how to use Lambda functions to automate event response and integrate with your security operations tools.
by Cameron Worrell, Sr. Solutions Architect, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Amazon Web Services
Learning Objectives:
- Get an inside look into Managed Rules for AWS WAF
- Learn how to set up Managed Rules for AWS WAF and the best practices
- Learn about the security experts that offer Managed Rules for AWS WAF
(1) This document discusses maturing an organization's security practices from DevOps to DevSecOps. It outlines a DevSecOps maturity model with three stages: adopt, expand, and scale.
(2) Key learnings from recent cloud security breaches like Equifax and Gemalto are discussed, emphasizing the need for continuous monitoring, prioritizing vulnerable hosts, and securing configurations.
(3) The shared responsibility model is explained, with the organization responsible for security "in" the cloud through practices like monitoring network traffic, hosts, applications, user activities, and resource configurations.
This document discusses DevSecOps and security automation. It defines DevSecOps as integrating security practices into development workflows through automation. It discusses three flavors of DevSecOps: security of the CI/CD pipeline, security in the CI/CD pipeline through automated tests, and security automation for incident response. The document provides examples of using AWS services like CloudFormation, Config, and CloudWatch Events for infrastructure as code and automating security tasks like validation, remediation, and forensics.
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
What do you do when leadership embraces what was called "shadow IT" as the new path forward? How do you onboard new accounts while simultaneously pushing policy to secure all existing accounts? This session walks through Cisco’s journey consolidating over 700 existing accounts in the Cisco organization, while building and applying Cisco’s new cloud policies. Learn valuable tips and hear about mechanisms used to automate the process. Gain insight into how Cisco integrates AWS’s security and monitoring with Cisco’s enterprise tools, Cisco SSO integration and continuous security auditability on Cisco’s AWS account, and Cisco’s CI/CD pipelines with AWS to ensure secure development.
This document discusses preparing for and simulating incident response on AWS. It covers automating incident response using tools like AWS CloudTrail and Lambda to detect events and trigger automated responses. Examples are provided of detecting and responding to potentially malicious configuration changes. The document emphasizes building an automated "Lambda responder" system to detect events from CloudTrail and take response actions. It also provides guidance on when to engage AWS Support or Security for incident response simulations.
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Amazon Web Services
This document discusses options for protecting data with encryption in AWS. It covers transport security using TLS, data encryption at rest using server-side encryption with AWS KMS or customer-provided keys, client-side encryption, and the AWS Certificate Manager and AWS Key Management Service. It provides details on how various AWS services integrate with KMS for automatic encryption and key management. Alternatives like AWS CloudHSM and partner solutions are also mentioned.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The document discusses applying lessons from historical epidemics like cholera to cloud security. It suggests that as scale increases in cloud computing, risks and responses must also change. It recommends avoiding poorly designed architectures, as threats evolve defenses must also evolve, and incidents can spread quickly requiring rapid response. The document outlines several AWS security services and best practices to implement things like access management, detection and response, infrastructure security, and data protection based on lessons from historical epidemics.
Security Validation through Continuous Delivery at Verizon - DEV403 - re:Inve...Amazon Web Services
In this session, Verizon and Stelligent demonstrate techniques and approaches on how to validate your security infrastructure during the development process through Continuous Security, and keep it that way through AWS Lambda auto-remediation. Verizon and Stelligent present a hands-on demo of these techniques, and a deep dive into the code that enables these technologies.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
by Eric Rose, Sr. Security Consultant, AWS
After you have built and deployed a security infrastructure and automated key aspects of security operations, you should validate your work through an incident response simulation. In this session, you will learn about the best way to protect your logs; how and why to develop automated incident response capabilities via AWS tooling such as AWS Lambda; the importance of testing existing forensics tools to ensure efficacy in the cloud environment; and ways to test your plan early and often.
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security Services
In this session you will learn how to build a self-defending border to protect your Internet-facing applications. We will show you how you can automatically respond to the dynamic threats facing online assets by using our managed threat detection services combined with information from applications.
Shane Baldacchino, Solutions Architect, Amazon Web Services
by Henrik Johansson, Principal Solutions Architect, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in-source repositories, and discuss SSH access and necessary SDKs.
How to Use Positive and Negative Security Models and Virtual Patching Techniq...Amazon Web Services
This document discusses Amazon Web Services Web Application Firewall (AWS WAF). It covers using AWS WAF to implement positive and negative security models. Specific examples shown include whitelisting good users by checking the referrer header, using virtual patching to prevent exploitation of known vulnerabilities, and rate limiting access to login pages to prevent brute force attacks. It also mentions that AWS recently launched a toolkit to help customers configure AWS WAF rules to address the OWASP Top 10 web application vulnerabilities.
The document discusses establishing full stack security when using AWS services. It covers turning security into a shared responsibility between AWS and customers by establishing platform, network, operating system, and data protection security. Some key points include setting up identity and access management (IAM) and enabling detective controls like CloudTrail and CloudWatch. It also discusses establishing network security using VPC, security groups, and flow logs and operating system security using EC2 Systems Manager tools. The goal is to provide security from the ground up and give customers fine-grained control over their infrastructure.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
AWS Webinar CZSK 02 Bezpecnost v AWS clouduVladimir Simek
The document discusses security in the AWS cloud. It covers the shared responsibility model between AWS and customers, AWS global infrastructure and security features, identity and access management, encryption options, security best practices, and AWS security partners. It also provides an overview of a presentation about AWS security solutions and compliance.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
by Fritz Kunstler, Sr. Security Consultant, AWS
Put detective controls in place to have visibility into your deployments. In this session, you will learn about deployment visibility at the AWS platform, application, operating system, and network levels, as well as how to build monitoring solutions at scale to leverage AWS services that turn logging data into security insight.
The document provides an overview of threat detection and remediation services on AWS, including Amazon GuardDuty for threat detection, Amazon Macie for data security, AWS WAF for web application firewall, AWS Shield for DDoS protection, and how these services can work together for security. It describes the services' capabilities for detecting known threats using threat intelligence, detecting unknown threats using anomaly detection, and providing actionable findings to help remediate issues.
The document discusses various threat detection and remediation services on AWS, including AWS WAF, AWS Shield, Amazon GuardDuty, Amazon Macie, and others. It provides overviews and examples of how each service can help detect and protect against security threats. The document is presented by Cameron Worrell from AWS and includes an agenda covering an introduction to security on AWS and deep dives on specific threat detection and response services.
Distributed denial of service (DDoS) can have an impact on the availability, security and resources consumption for your web application. AWS Web Application Firewall and AWS Shield allow to protect web applications from these attacks.
Automating DDos and WAF responses - AWS Summit Cape Town 2018Amazon Web Services
Speaker: Andrew Kane, AWS
Level: 300/400
Security professionals and full-stack engineers will learn how to defend against distributed denial of service (DDoS) attacks and web application exploits by using automation to monitor activity, configure rate limiting, and deploy network filtering rules. You will become an expert in advanced techniques to help you protect and monitor your AWS networks and resources using services such as AWS Web Application Firewall, AWS Shield, AWS CloudWatch, and more. You will also learn how to use Lambda functions to automate event response and integrate with your security operations tools.
by Cameron Worrell, Sr. Solutions Architect, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Introducing Managed Rules for AWS WAF (with a Customer Story) - AWS Online Te...Amazon Web Services
Learning Objectives:
- Get an inside look into Managed Rules for AWS WAF
- Learn how to set up Managed Rules for AWS WAF and the best practices
- Learn about the security experts that offer Managed Rules for AWS WAF
(1) This document discusses maturing an organization's security practices from DevOps to DevSecOps. It outlines a DevSecOps maturity model with three stages: adopt, expand, and scale.
(2) Key learnings from recent cloud security breaches like Equifax and Gemalto are discussed, emphasizing the need for continuous monitoring, prioritizing vulnerable hosts, and securing configurations.
(3) The shared responsibility model is explained, with the organization responsible for security "in" the cloud through practices like monitoring network traffic, hosts, applications, user activities, and resource configurations.
This document discusses DevSecOps and security automation. It defines DevSecOps as integrating security practices into development workflows through automation. It discusses three flavors of DevSecOps: security of the CI/CD pipeline, security in the CI/CD pipeline through automated tests, and security automation for incident response. The document provides examples of using AWS services like CloudFormation, Config, and CloudWatch Events for infrastructure as code and automating security tasks like validation, remediation, and forensics.
Moving from the Shadows to the Throne - SID310 - re:Invent 2017Amazon Web Services
What do you do when leadership embraces what was called "shadow IT" as the new path forward? How do you onboard new accounts while simultaneously pushing policy to secure all existing accounts? This session walks through Cisco’s journey consolidating over 700 existing accounts in the Cisco organization, while building and applying Cisco’s new cloud policies. Learn valuable tips and hear about mechanisms used to automate the process. Gain insight into how Cisco integrates AWS’s security and monitoring with Cisco’s enterprise tools, Cisco SSO integration and continuous security auditability on Cisco’s AWS account, and Cisco’s CI/CD pipelines with AWS to ensure secure development.
This document discusses preparing for and simulating incident response on AWS. It covers automating incident response using tools like AWS CloudTrail and Lambda to detect events and trigger automated responses. Examples are provided of detecting and responding to potentially malicious configuration changes. The document emphasizes building an automated "Lambda responder" system to detect events from CloudTrail and take response actions. It also provides guidance on when to engage AWS Support or Security for incident response simulations.
Cloud Adoption Framework: Security Perspective - CAF Data Protection in Trans...Amazon Web Services
This document discusses options for protecting data with encryption in AWS. It covers transport security using TLS, data encryption at rest using server-side encryption with AWS KMS or customer-provided keys, client-side encryption, and the AWS Certificate Manager and AWS Key Management Service. It provides details on how various AWS services integrate with KMS for automatic encryption and key management. Alternatives like AWS CloudHSM and partner solutions are also mentioned.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
The document discusses applying lessons from historical epidemics like cholera to cloud security. It suggests that as scale increases in cloud computing, risks and responses must also change. It recommends avoiding poorly designed architectures, as threats evolve defenses must also evolve, and incidents can spread quickly requiring rapid response. The document outlines several AWS security services and best practices to implement things like access management, detection and response, infrastructure security, and data protection based on lessons from historical epidemics.
Security Validation through Continuous Delivery at Verizon - DEV403 - re:Inve...Amazon Web Services
In this session, Verizon and Stelligent demonstrate techniques and approaches on how to validate your security infrastructure during the development process through Continuous Security, and keep it that way through AWS Lambda auto-remediation. Verizon and Stelligent present a hands-on demo of these techniques, and a deep dive into the code that enables these technologies.
Incident Response: Preparing and Simulating Threat ResponseAmazon Web Services
by Eric Rose, Sr. Security Consultant, AWS
After you have built and deployed a security infrastructure and automated key aspects of security operations, you should validate your work through an incident response simulation. In this session, you will learn about the best way to protect your logs; how and why to develop automated incident response capabilities via AWS tooling such as AWS Lambda; the importance of testing existing forensics tools to ensure efficacy in the cloud environment; and ways to test your plan early and often.
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...Amazon Web Services
A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security Services
In this session you will learn how to build a self-defending border to protect your Internet-facing applications. We will show you how you can automatically respond to the dynamic threats facing online assets by using our managed threat detection services combined with information from applications.
Shane Baldacchino, Solutions Architect, Amazon Web Services
by Henrik Johansson, Principal Solutions Architect, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in-source repositories, and discuss SSH access and necessary SDKs.
How to Use Positive and Negative Security Models and Virtual Patching Techniq...Amazon Web Services
This document discusses Amazon Web Services Web Application Firewall (AWS WAF). It covers using AWS WAF to implement positive and negative security models. Specific examples shown include whitelisting good users by checking the referrer header, using virtual patching to prevent exploitation of known vulnerabilities, and rate limiting access to login pages to prevent brute force attacks. It also mentions that AWS recently launched a toolkit to help customers configure AWS WAF rules to address the OWASP Top 10 web application vulnerabilities.
The document discusses establishing full stack security when using AWS services. It covers turning security into a shared responsibility between AWS and customers by establishing platform, network, operating system, and data protection security. Some key points include setting up identity and access management (IAM) and enabling detective controls like CloudTrail and CloudWatch. It also discusses establishing network security using VPC, security groups, and flow logs and operating system security using EC2 Systems Manager tools. The goal is to provide security from the ground up and give customers fine-grained control over their infrastructure.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
AWS Webinar CZSK 02 Bezpecnost v AWS clouduVladimir Simek
The document discusses security in the AWS cloud. It covers the shared responsibility model between AWS and customers, AWS global infrastructure and security features, identity and access management, encryption options, security best practices, and AWS security partners. It also provides an overview of a presentation about AWS security solutions and compliance.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
by Fritz Kunstler, Sr. Security Consultant, AWS
Put detective controls in place to have visibility into your deployments. In this session, you will learn about deployment visibility at the AWS platform, application, operating system, and network levels, as well as how to build monitoring solutions at scale to leverage AWS services that turn logging data into security insight.
The document provides an overview of threat detection and remediation services on AWS, including Amazon GuardDuty for threat detection, Amazon Macie for data security, AWS WAF for web application firewall, AWS Shield for DDoS protection, and how these services can work together for security. It describes the services' capabilities for detecting known threats using threat intelligence, detecting unknown threats using anomaly detection, and providing actionable findings to help remediate issues.
The document discusses various threat detection and remediation services on AWS, including AWS WAF, AWS Shield, Amazon GuardDuty, Amazon Macie, and others. It provides overviews and examples of how each service can help detect and protect against security threats. The document is presented by Cameron Worrell from AWS and includes an agenda covering an introduction to security on AWS and deep dives on specific threat detection and response services.
The document discusses automated response to distributed denial-of-service (DDoS) and web application firewall (WAF) attacks in AWS. It describes AWS Shield for automatic protection against common network and transport layer DDoS attacks, AWS WAF for filtering web traffic and blocking malicious requests, and AWS Firewall Manager for centrally managing WAF rules across multiple accounts at scale. Demos show setting up Shield Advanced monitoring and mitigating a UDP flood attack, using WAF to quickly deploy a patch for a vulnerability, and Firewall Manager automating compliance of new accounts.
The document discusses security at scale on AWS. It covers several topics:
- AWS security controls including over 70 services, 7,710 audit artifacts and 3,030 audit requirements.
- How AWS handles security at scale through automation, ubiquitous logging and encryption, and rapid detection and response times of under 10 minutes on average.
- AWS services that can help with security including IAM, CloudTrail, GuardDuty, and AWS Config rules.
- Reference architectures that show how to scale infrastructure securely including using multiple availability zones and services like Route 53, S3, CloudFront, and Lambda.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
In this session, we will explore common use cases for (server based or generally load balanced) workloads in AWS and how they compare with the on-prem deployment patterns. you will learn the architectural patterns and line of thinking for deploying security perimeters and segmentation across a multiple account/vpc strategy, Edge security. also, you how you can make sure the pattern you develop will be applied uniformly across your current and future environments.
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...Amazon Web Services
Your application is exposed to a variety of threats from common distributed attacks to sophisticated zero-day vectors. Learn how to architect beyond the region and take advantage of the AWS Edge Network and upgrade your security posture with easy to deploy solutions that scale. At this session you will learn how to I ensure your application will withstand malicious threats and DDoS attacks, what role does architecture play in your security posture, and how professional services and partners like Flux7 can help.
Amazon GuardDuty: Intelligent Threat Detection and Continuous Monitoring to P...Amazon Web Services
Amazon GuardDuty is a threat detection service that monitors AWS accounts and the applications within them for malicious or unauthorized behavior. It uses machine learning, threat intelligence feeds, and other techniques to detect both known and unknown threats. GuardDuty analyzes AWS CloudTrail logs, VPC flow logs, and DNS logs to generate detailed findings on issues like reconnaissance, unauthorized access, and crypto-currency mining. It also integrates with other AWS services like Lambda and CloudWatch Events.
Learning Objectives:
- Learn how to use AWS Shield to build scalable DDoS defense into your applications
- Learn how to monitor your applications on the AWS Cloud and detect DDoS attempts
- Learn how to respond to in-progress DDoS attempts
Introduction to Serverless Computing and AWS Lambda - AWS IL MeetupBoaz Ziniman
Serverless computing allows you to build and run applications without the need for provisioning or managing servers. With serverless computing, you can build web, mobile, and IoT backends; run stream processing or big data workloads; run chatbots, and more.
The document discusses security best practices for AWS, including implementing a segregated account environment, strong identity and access management, enabling traceability through logging and monitoring, and applying security controls at multiple layers. It provides examples of setting up identity and access management with AWS IAM, implementing detective controls with AWS CloudTrail and GuardDuty, and using network and host-level security features like VPCs, security groups, and AWS WAF.
The document discusses cloud-native DDoS attack mitigation strategies on AWS. It outlines three pillars of protection: built-in protection for all AWS customers against common network and transport layer attacks, optional advanced DDoS protection with AWS Shield Advanced, and tools like AWS WAF and VPC for customized application-layer protections. True stories are presented showing how AWS services like CloudFront and Shield helped customers migrate mitigation from on-premises to the cloud and defend against large sophisticated attacks.
AWS CZSK Webinář 2019.05: Jak chránit vaše webové aplikace před DDoS útokyVladimir Simek
This document discusses how to protect web applications from DDoS attacks on AWS. It covers the types and trends of DDoS threats, best practices for web architecture, and AWS security services like AWS Shield, AWS WAF, and Firewall Manager that provide built-in and customizable DDoS mitigation. It also includes a demo and discusses pricing models for AWS DDoS protection services.
AWS offers extensive logging capabilities with services including Amazon Simple Storage Service (S3), Amazon Elastic Load Balancing (ELB), and Amazon CloudTrail. Yet when meeting compliance standards such as the Payment Card Industry Data Security Standard (PCI DSS), it can be challenging to process a large amount of log data in a short amount of time to produce audit-ready reports.
USM Anywhere from AlienVault provides a comprehensive threat detection and compliance solution for monitoring cloud and on-premises environments. Join our webinar to hear from security experts from AWS and AlienVault, along with AlienVault customer CeloPay, who will discuss the essential compliance capabilities provided by the AlienVault solution.
For customers with hundreds or thousands of secrets, like database credentials and API keys, manually rotating and managing access to those secrets can be complex and cause application disruptions. AWS Secrets Manager protects access to your IT resources by enabling you to easily and centrally rotate and manage access to secrets. In this session, we explore the benefits and key features of Secrets Manager. We demonstrate how to safely rotate secrets, manage access to secrets with fine-grained access policies, and centrally secure and audit your secrets.
NET203_Using Amazon VPC Flow Logs to Do Predictive Security AnalyticsAmazon Web Services
This session provides an overview of IPv6 and covers key aspects of AWS support for the protocol. We discuss Amazon S3 and S3 Transfer Acceleration, Amazon CloudFront and AWS WAF, Amazon Route 53, AWS IoT, Elastic Load Balancing, and the virtual private cloud (VPC) environment of Amazon EC2. The presentation assumes solid knowledge of IPv4 and these AWS services.
NET203_Using Amazon VPC Flow Logs to Do Predictive Security AnalyticsAmazon Web Services
1) The document describes a workshop on using Amazon VPC flow logs and machine learning to perform predictive security analytics.
2) It outlines collecting network flow logs from Amazon VPC, analyzing them using services like Amazon Kinesis and Elasticsearch, and using Amazon Machine Learning to detect anomalies and threats.
3) The expected outcome is an automated system that can analyze network traffic in real-time, predict and detect threats, alert on anomalies, and protect workloads using AWS WAF based on the machine learning predictions and security rules.
Managed Rules for AWS WAF is a new feature that allows you to purchase Managed Rules from security sellers in the AWS Marketplace. Managed Rules are proactively updated by security sellers as new threats emerge and enable you to easily protect your web applications and APIs from a wide range of Internet threats.
After IAM and Detective Controls you’ll turn to Infrastructure Security, which means tuning AWS Service configurations, AMI composition, and hardening other digital assets that will be deployed. We will cover how to define networking architecture (e.g. VPC, subnets, security groups); how to develop hardened AMIs based on your requirements; the importance of defining Internet ingress and egress flows, and how to determine Vulnerability Management and operational maintenance cadence.
Similar to Introduction to Threat Detection and Remediation (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
1) The document discusses building a minimum viable product (MVP) using Amazon Web Services (AWS).
2) It provides an example of an MVP for an omni-channel messenger platform that was built from 2017 to connect ecommerce stores to customers via web chat, Facebook Messenger, WhatsApp, and other channels.
3) The founder discusses how they started with an MVP in 2017 with 200 ecommerce stores in Hong Kong and Taiwan, and have since expanded to over 5000 clients across Southeast Asia using AWS for scaling.
This document discusses pitch decks and fundraising materials. It explains that venture capitalists will typically spend only 3 minutes and 44 seconds reviewing a pitch deck. Therefore, the deck needs to tell a compelling story to grab their attention. It also provides tips on tailoring different types of decks for different purposes, such as creating a concise 1-2 page teaser, a presentation deck for pitching in-person, and a more detailed read-only or fundraising deck. The document stresses the importance of including key information like the problem, solution, product, traction, market size, plans, team, and ask.
This document discusses building serverless web applications using AWS services like API Gateway, Lambda, DynamoDB, S3 and Amplify. It provides an overview of each service and how they can work together to create a scalable, secure and cost-effective serverless application stack without having to manage servers or infrastructure. Key services covered include API Gateway for hosting APIs, Lambda for backend logic, DynamoDB for database needs, S3 for static content, and Amplify for frontend hosting and continuous deployment.
This document provides tips for fundraising from startup founders Roland Yau and Sze Lok Chan. It discusses generating competition to create urgency for investors, fundraising in parallel rather than sequentially, having a clear fundraising narrative focused on what you do and why it's compelling, and prioritizing relationships with people over firms. It also notes how the pandemic has changed fundraising, with examples of deals done virtually during this time. The tips emphasize being fully prepared before fundraising and cultivating connections with investors in advance.
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
This document discusses Amazon's machine learning services for building conversational interfaces and extracting insights from unstructured text and audio. It describes Amazon Lex for creating chatbots, Amazon Comprehend for natural language processing tasks like entity extraction and sentiment analysis, and how they can be used together for applications like intelligent call centers and content analysis. Pre-trained APIs simplify adding machine learning to apps without requiring ML expertise.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.