Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services.
AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
Topics covered include:
• The AWS approach to security and how responsibilities are shared between AWS and our customers
• How to build your own secure virtual private cloud and integrate it with your existing solutions
• How to use AWS Identity and Access Management to securely manage and operate your applications
• Best practices for securing your AWS account, your content and your applications
View a recording of this webinar here: http://youtu.be/Ihe_8o00-WI
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
This document provides an overview of AWS security architecture. It discusses securing the cloud fabric by implementing access controls, network segmentation, and security auditing/monitoring. It also covers securing assets in the cloud by mapping traditional security controls to the cloud environment. Specific topics include encryption, enterprise logging using Kafka, and an incident response use case.
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...😸 Richard Spindler
The document provides an overview of auditing AWS security using the CIS benchmarks and AWS CLI. It discusses setting up security best practices in areas like IAM, monitoring, encryption, and networking. Examples are given of AWS CLI commands that can be used to check and configure security settings for things like enabling MFA, managing credentials and policies, configuring password policies and logging. The goal is to introduce an approach for automating security audits using the AWS CLI to reduce work and human error.
AWS provides a range of security services and features that AWS customers can use to secure their content and applications and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
View a recording of the webinar based on this presentation on YouTube here: http://youtu.be/rXPyGDWKHIo
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers’ content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services. AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This webinar focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
The document discusses security best practices for businesses using AWS cloud services. It emphasizes that security is a shared responsibility between AWS and customers. AWS is responsible for security of the cloud, including infrastructure security. Customers are responsible for security in the cloud, such as managing access controls for their accounts and encryption of sensitive data. The document outlines key AWS security services like CloudTrail for auditing API usage, Config for auditing resource configurations, and Key Management Service for encryption key management. It also discusses AWS's approach to security, which focuses on automation, decentralization, constant testing, and metrics-driven decision making.
AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
This document provides an overview of AWS security architecture. It discusses securing the cloud fabric by implementing access controls, network segmentation, and security auditing/monitoring. It also covers securing assets in the cloud by mapping traditional security controls to the cloud environment. Specific topics include encryption, enterprise logging using Kafka, and an incident response use case.
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...😸 Richard Spindler
The document provides an overview of auditing AWS security using the CIS benchmarks and AWS CLI. It discusses setting up security best practices in areas like IAM, monitoring, encryption, and networking. Examples are given of AWS CLI commands that can be used to check and configure security settings for things like enabling MFA, managing credentials and policies, configuring password policies and logging. The goal is to introduce an approach for automating security audits using the AWS CLI to reduce work and human error.
AWS provides a range of security services and features that AWS customers can use to secure their content and applications and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
View a recording of the webinar based on this presentation on YouTube here: http://youtu.be/rXPyGDWKHIo
At our winter East Midlands Cyber Security Forum event, Dave Walker gave a presentation looking at Amazon’s security approach for their web services, outlining the key tools that are available to ensure a secure deployment.
http://qonex.com/east-midlands-cyber-security-forum/
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
Amazon Web Services (AWS) delivers a scalable cloud computing platform with high availability and dependability, offering flexibility for customers to build a wide range of applications. Helping to protect the security of our customers’ content is of utmost importance to AWS, as is maintaining customer trust and confidence. Under the AWS shared responsibility model, AWS provides a secure global infrastructure, including compute, storage, networking and database services, as well as a range of high level services. AWS provides a range of security services and features that AWS customers can use to secure their content and meet their own specific business requirements for security. This webinar focuses on how you can make use of AWS security features to meet your own organization's security and compliance objectives.
The document discusses security best practices for businesses using AWS cloud services. It emphasizes that security is a shared responsibility between AWS and customers. AWS is responsible for security of the cloud, including infrastructure security. Customers are responsible for security in the cloud, such as managing access controls for their accounts and encryption of sensitive data. The document outlines key AWS security services like CloudTrail for auditing API usage, Config for auditing resource configurations, and Key Management Service for encryption key management. It also discusses AWS's approach to security, which focuses on automation, decentralization, constant testing, and metrics-driven decision making.
Amazon Web Services (AWS) approaches security using a shared responsibility model with our customers. We manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. As part of that model, our customers are responsible for building secure applications. We will provide a complete walkthrough from a blank canvas to a secure architecture from a development perspective. No matter the size of your team, you can implement your IT solutions using industry wide best security practices.
AWS Security: A Practitioner's PerspectiveJason Chan
This document summarizes a presentation given by Jason Chan on AWS security from a practitioner's perspective. The presentation covered AWS credentials and identifiers, AWS services, actions and resources, and controlling network traffic. It provided an overview of AWS security and some recommendations, but did not aim to be a comprehensive security guide or primer on general cloud security issues.
Vladimir Simek presented on security and compliance in AWS. He discussed that security is a shared responsibility between AWS and customers. AWS manages security of the cloud through facilities, physical security, network security, and other measures. Customers are responsible for security in the cloud by defining controls for their applications and data. AWS provides tools like CloudTrail for visibility into API usage, AWS Config for auditing resource configurations, and IAM for control over user permissions to help customers meet their security needs.
The document provides an agenda for a presentation on AWS security best practices. The presentation covers introduction to foundational AWS services like EC2, S3, VPC, and RDS. It then discusses AWS account security best practices including using IAM roles and MFA, and rotating passwords and keys. The presentation demonstrates setting up IAM, enabling MFA, creating roles and policies, and using security groups. It emphasizes that IAM should be set up first and that roles eliminate storing keys in code.
This session provides real guidance and practical answers to government users’ questions about security and compliance, helping agencies move away from the “worry-based fiction” of the cloud
Speaker: Stephen Squigg, Solutions Architect, Amazon Web Services, APAC
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
AWS provides a range of security services and features that AWS customers can use to secure their content and applications and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organisation's security and compliance objectives.
Presentation from AWS Worldwide Public Sector team's conference Building and Securing Applications in the Cloud (http://aws.amazon.com/campaigns/building-securing-applications-cloud/).
AWS provides security certifications like SAS70 Type II audits and maintains physical and network security controls. It utilizes multiple availability zones, data redundancy, encryption, firewalls, and access management to isolate and protect customer data and infrastructure. The document encourages feedback to further strengthen AWS's security posture and compliance offerings.
Migrating from the data center to the cloud requires us to rethink much of what we do to secure our applications. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats.
In the presentation we will cover topics including:
- Minimize attack vectors and surface area
- Perimeter assessments of your VPCs
- Internal vs. External threats
- Monitoring threats
- Re-evaluating Intrusion Detection, Activity Monitoring, and Vulnerability Assessment in AWS
AWS Security, Identity, & Compliance - An Overview: AWS Security Week at the San Francisco Loft
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
The document discusses security best practices for using AWS. It notes that security is a shared responsibility between AWS and customers, with AWS managing security of the cloud infrastructure and customers responsible for security in their use of AWS services. It outlines the AWS Cloud Adoption Framework security perspective, including identity and access management, detective controls, infrastructure security, data protection, and incident response. The document emphasizes that security principles for the cloud are similar to traditional IT but can be applied more efficiently and at larger scale through automation. It provides examples of AWS security services that customers can use to implement best practices.
The document discusses AWS's shared security model and how it provides security controls that customers don't need to worry about. It outlines AWS services for identity and access management, infrastructure security, data protection, incident response, and how customers can scale to over 1 million users. The document promotes how AWS security benefits include integrated security and compliance, global resilience and control, maintaining privacy and data ownership, security automation for agility, innovation at scale, and broad security partner solutions.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability and control. You have to know what you have and where it is before you can assess the environment against best practices and internal or compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says: "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
AWS provides comprehensive security capabilities to support workloads on its cloud platform. It emphasizes that security is a shared responsibility between AWS and customers, with AWS responsible for security of the cloud and customers responsible for security in the cloud. AWS offers more visibility into environments, auditability of actions, and control over identity and access than customers can achieve on their own through services like CloudTrail, IAM, and encryption options. Customers can choose the right level of security for their needs.
Security must be the number one priority for any cloud provider and that's no different for AWS. Stephen Schmidt, vice president and chief information officer for AWS, will share his insights into cloud security and how AWS meets the needs of today's IT security challenges. Stephen, with his background with the FBI and his work with AWS customers in the government and space exploration, research, and financial services organizations, shares an industry perspective that's unique and invaluable for today's IT decision makers. At the conclusion of this session, Stephen also provides a brief summary of the other sessions available to you in the security track.
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAmazon Web Services
AWS provides several layers of security and compliance certifications for its cloud services. It utilizes physical access controls, network security controls, and identity and access management. AWS shares responsibility for security with its customers, with AWS focusing on security of the cloud infrastructure and customers being responsible for security controls within their account, such as guest operating systems, firewalls, and network configurations. AWS offers multiple deployment models with varying levels of isolation, including commercial cloud services, VPC, and GovCloud to meet different regulatory and compliance needs.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
This document provides an overview of best practices for security on AWS. It discusses the shared responsibility model between AWS and customers. It covers identity and access management with IAM, including creating users, permissions, groups, and conditions. It also discusses networking with Amazon VPC, security groups for EC2 instances, and secrets management. Additional topics include encryption, auditing with CloudTrail, passwords, credential rotation, MFA, roles, and reducing root access.
AWS is architected to be one of the most flexible and secure cloud computing environments available today. It provides an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely. When using AWS, not only are infrastructure headaches removed, but so are many of the security issues that come with them.
Amazon Web Services (AWS) approaches security using a shared responsibility model with our customers. We manage and control the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. As part of that model, our customers are responsible for building secure applications. We will provide a complete walkthrough from a blank canvas to a secure architecture from a development perspective. No matter the size of your team, you can implement your IT solutions using industry wide best security practices.
AWS Security: A Practitioner's PerspectiveJason Chan
This document summarizes a presentation given by Jason Chan on AWS security from a practitioner's perspective. The presentation covered AWS credentials and identifiers, AWS services, actions and resources, and controlling network traffic. It provided an overview of AWS security and some recommendations, but did not aim to be a comprehensive security guide or primer on general cloud security issues.
Vladimir Simek presented on security and compliance in AWS. He discussed that security is a shared responsibility between AWS and customers. AWS manages security of the cloud through facilities, physical security, network security, and other measures. Customers are responsible for security in the cloud by defining controls for their applications and data. AWS provides tools like CloudTrail for visibility into API usage, AWS Config for auditing resource configurations, and IAM for control over user permissions to help customers meet their security needs.
The document provides an agenda for a presentation on AWS security best practices. The presentation covers introduction to foundational AWS services like EC2, S3, VPC, and RDS. It then discusses AWS account security best practices including using IAM roles and MFA, and rotating passwords and keys. The presentation demonstrates setting up IAM, enabling MFA, creating roles and policies, and using security groups. It emphasizes that IAM should be set up first and that roles eliminate storing keys in code.
This session provides real guidance and practical answers to government users’ questions about security and compliance, helping agencies move away from the “worry-based fiction” of the cloud
Speaker: Stephen Squigg, Solutions Architect, Amazon Web Services, APAC
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
AWS provides a range of security services and features that AWS customers can use to secure their content and applications and meet their own specific business requirements for security. This presentation focuses on how you can make use of AWS security features to meet your own organisation's security and compliance objectives.
Presentation from AWS Worldwide Public Sector team's conference Building and Securing Applications in the Cloud (http://aws.amazon.com/campaigns/building-securing-applications-cloud/).
AWS provides security certifications like SAS70 Type II audits and maintains physical and network security controls. It utilizes multiple availability zones, data redundancy, encryption, firewalls, and access management to isolate and protect customer data and infrastructure. The document encourages feedback to further strengthen AWS's security posture and compliance offerings.
Migrating from the data center to the cloud requires us to rethink much of what we do to secure our applications. The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats.
In the presentation we will cover topics including:
- Minimize attack vectors and surface area
- Perimeter assessments of your VPCs
- Internal vs. External threats
- Monitoring threats
- Re-evaluating Intrusion Detection, Activity Monitoring, and Vulnerability Assessment in AWS
AWS Security, Identity, & Compliance - An Overview: AWS Security Week at the San Francisco Loft
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
The document discusses security best practices for using AWS. It notes that security is a shared responsibility between AWS and customers, with AWS managing security of the cloud infrastructure and customers responsible for security in their use of AWS services. It outlines the AWS Cloud Adoption Framework security perspective, including identity and access management, detective controls, infrastructure security, data protection, and incident response. The document emphasizes that security principles for the cloud are similar to traditional IT but can be applied more efficiently and at larger scale through automation. It provides examples of AWS security services that customers can use to implement best practices.
The document discusses AWS's shared security model and how it provides security controls that customers don't need to worry about. It outlines AWS services for identity and access management, infrastructure security, data protection, incident response, and how customers can scale to over 1 million users. The document promotes how AWS security benefits include integrated security and compliance, global resilience and control, maintaining privacy and data ownership, security automation for agility, innovation at scale, and broad security partner solutions.
AWS Summit 2014 Melbourne - Breakout 3
The AWS Cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. In this session, we’ll provide a practical understanding of the assurance programs that AWS provides; such as HIPAA, FedRAMP(SM), PCI DSS Level 1, MPAA, and many others. We’ll also address the types of business solutions that these certifications enable you to deploy on the AWS Cloud, as well as the tools and services AWS makes available to customers to secure and manage their resources.
Presenter: Stephen Quigg, Solutions Architect, APAC, Amazon Web Services
The AWS cloud infrastructure has been architected to be one of the most flexible and secure cloud computing environments available today. Security for AWS is about three related elements: visibility, auditability and control. You have to know what you have and where it is before you can assess the environment against best practices and internal or compliance standards. Controls enable you to place precise, well-understood limits on the access to your information. Did you know, for example, that you can define a rule that says: "Tom is the only person who can access this data object that I store with Amazon, and he can only do so from his corporate desktop on the corporate network, from Monday-Friday 9-5 and when he uses MFA?" That's the level of granularity you can choose to implement if you wish.
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
AWS provides comprehensive security capabilities to support workloads on its cloud platform. It emphasizes that security is a shared responsibility between AWS and customers, with AWS responsible for security of the cloud and customers responsible for security in the cloud. AWS offers more visibility into environments, auditability of actions, and control over identity and access than customers can achieve on their own through services like CloudTrail, IAM, and encryption options. Customers can choose the right level of security for their needs.
Security must be the number one priority for any cloud provider and that's no different for AWS. Stephen Schmidt, vice president and chief information officer for AWS, will share his insights into cloud security and how AWS meets the needs of today's IT security challenges. Stephen, with his background with the FBI and his work with AWS customers in the government and space exploration, research, and financial services organizations, shares an industry perspective that's unique and invaluable for today's IT decision makers. At the conclusion of this session, Stephen also provides a brief summary of the other sessions available to you in the security track.
AWS Security Overview - AWS CISO Steve Schmidt - AWS Summit 2012 - NYCAmazon Web Services
AWS provides several layers of security and compliance certifications for its cloud services. It utilizes physical access controls, network security controls, and identity and access management. AWS shares responsibility for security with its customers, with AWS focusing on security of the cloud infrastructure and customers being responsible for security controls within their account, such as guest operating systems, firewalls, and network configurations. AWS offers multiple deployment models with varying levels of isolation, including commercial cloud services, VPC, and GovCloud to meet different regulatory and compliance needs.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
This document provides an overview of best practices for security on AWS. It discusses the shared responsibility model between AWS and customers. It covers identity and access management with IAM, including creating users, permissions, groups, and conditions. It also discusses networking with Amazon VPC, security groups for EC2 instances, and secrets management. Additional topics include encryption, auditing with CloudTrail, passwords, credential rotation, MFA, roles, and reducing root access.
AWS is architected to be one of the most flexible and secure cloud computing environments available today. It provides an extremely scalable, highly reliable platform that enables customers to deploy applications and data quickly and securely. When using AWS, not only are infrastructure headaches removed, but so are many of the security issues that come with them.
This document discusses security best practices when using AWS. It covers the shared responsibility model between AWS and customers, leveraging AWS security features, understanding customer needs to form a security stance, and engaging security assessors early. It provides an overview of identity and access management tools like IAM, security groups, VPCs and direct connects. The document emphasizes applying a "security by design" approach when building on AWS.
This webinar based on this presenation discusses the use of the AWS Cloud as a disaster recovery (DR) environment. It will explore how the architectural approaches to DR in the AWS Cloud makes DR and BCP a great scenario for familiarising yourself with AWS before moving on to production application deployments in the cloud.
Watch a recording of the webinar based on this presentation on YouTube here: https://youtu.be/YFuOTcOI8Bw
You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next?
Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies.
Join us to learn:
• How security will be integrated into the overall processes of development and deployment.
• How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed.
• How to be successful with API-enabled, continuous security tools in the cloud.
• How to operationalize security alarms, enabling world-class incident response and remediation capabilities.
Selecting the Best VPC Network Architecture (CPN208) | AWS re:Invent 2013Amazon Web Services
Which is better: a single VPC with multiple subnets or multiple accounts with many VPCs? Should you simplify management with a single VPC or use multiple VPCs to lessen the blast radius of network changes? In this session, we hear from customers who've implemented each approach and discuss how they addressed management, security, and connectivity for their Amazon EC2 environments.
Introduction to Three AWS Security Services - November 2016 Webinar SeriesAmazon Web Services
You can help maintain control of your environment by choosing the right AWS security tools. In this webinar, we show how AWS Identity and Access Management (IAM), AWS Config Rules, and AWS Cloud Trail can help you maintain that control. In a live demo, we show you how to track changes, monitor compliance, and keep an audit record of API requests.
Learning Objectives:
• Learn what IAM is and how to leverage it appropriately.
• Gain familiarity with how to track changes and monitor for compliance.
• Keep an audit record of API requests for reporting purposes.
• Understand how these services complement each other.
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...Amazon Web Services
It is critical to maintain strong identity and access policy to prevent unexpected access to your resources for whatever applications you are running on AWS. It is equally important to track and alert on changes being made to your AWS resources.
In this webinar, you will learn about the different ways you can use AWS Identity and Access Management (IAM) to control access to your AWS services and integrate your existing authentication system with AWS IAM. We will cover how you can deploy and control your AWS infrastructure using code templates, including change management policies with AWS CloudFormation.
In addition, we will explore different options for managing both your AWS access logs and your Amazon Elastic Compute Cloud (EC2) system logs using Amazon CloudWatch Logs. We will also cover how to use these logs to implement an audit and compliance validation process using services such as AWS Config, AWS CloudTrail, and Amazon Inspector.
Learning Objectives:
• Understand the AWS Shared Responsibility Model.
• Understand AWS account and identity management options and configuration.
• Learn the concept of infrastructure as code and change management using CloudFormation.
• Learn how to audit and log your AWS service usage.
• Learn about AWS services to add automatic compliance checks to your AWS infrastructure.
Who Should Attend:
• IT administrators, architects, and security engineers, or anyone interested in controlling access to AWS resources, deploying infrastructure on AWS, or performing compliance checks on their infrastructure
Amazon Virtual Private Cloud (Amazon VPC) lets you provision a logically isolated section of the AWS cloud where you can launch AWS resources in a virtual network that you define. In this talk, we discuss advanced tasks in Amazon VPC, including the implementation of Amazon VPC peering, the creation of multiple network zones, the establishment of private connections, and the use of multiple routing tables. We also provide information for current Amazon EC2-Classic network customers and help you prepare to adopt Amazon VPC.
Speakers:
Steve Seymour, AWS Solutions Architect
Eamonn O'Neill, Director, Lemongrass Consulting
Jackie Wong, Head of Networks, Financial Times
Introduction to AWS VPC, Guidelines, and Best PracticesGary Silverman
I crafted this presentation for the AWS Chicago Meetup. This deck covers the rationale, building blocks, guidelines, and several best practices for Amazon Web Services Virtual Private Cloud. I classify it as a somewhere between a 101 and 201 level presentation.
If you like the presentation, I would appreciate you clicking the Like button.
The document summarizes a presentation given at the AWS Government, Education, and Nonprofit Symposium on June 25-26, 2015 in Washington DC. The presentation discusses AWS as a data platform, highlighting the growing size and complexity of data as well as the various AWS services that can be used to store, process, analyze and gain insights from data at different scales. These services include S3, Glacier, DynamoDB, Redshift, EMR, Kinesis and Machine Learning among others. The presentation emphasizes that AWS provides a flexible suite of tools that can be used together to effectively manage the full data lifecycle and derive value from data.
This document discusses AWS security best practices for enterprises. It recommends following AWS security policies and IAM best practices, automating security configurations through tools like CloudFormation, and architecting networks carefully with security groups and subnets. Automating security operations, compliance checks, and incident response is emphasized to manage risks and unknown threats. The document also warns against simply migrating on-premises systems to AWS without redesigning for the cloud.
The document discusses building mobile apps using AWS mobile services. It introduces Amazon Cognito for user authentication, authorization, and data synchronization across devices. Amazon Mobile Analytics is presented for analyzing user behavior and key metrics. Amazon S3 is highlighted for storing and sharing media files using its transfer manager. The document emphasizes how these services can be easily integrated using AWS Mobile SDKs for building full-featured mobile apps.
The document provides readiness checklists for children ages 4 and under (EC1) and ages 4 to 6 (EC2). The checklists assess skills in social/emotional development and play, physical development, and cognitive development. For social/emotional development, it evaluates skills like socializing with others, independence, self-control, and following rules. The physical development section addresses fine motor skills like cutting with scissors and gross motor skills like jumping and balancing. Cognitive development areas covered include language, literacy, math concepts, and scientific thinking. The checklists use ratings of mastered, developing, and beginning to indicate the child's progress in each skill area.
Learn about AWS services specifically designed to help mobile app developers with identity management & sync (Amazon Cognito), analytics (Amazon Mobile Analytics), and push notifications (Amazon SNS Mobile Push). We will also explain how you can easily include these services in your apps using the AWS Mobile SDK.
View a recording of this presentation as a webinar on YouTube here: http://youtu.be/5w8ntFp4_kc
It is clear that information security technology has advanced much faster than
the number of people who are knowledgeable to apply it. It is even clearer that with these advancements come more difficulties in keeping networks secure from intruders, viruses and other threats.
Webcast: AWS account setup tips for audit, governance, and securityApplatix
Whether it's your first day on AWS or your are far along the journey, this webcast discusses 10 'must know' best practices and tips to set your account structure up to maximize scalability, governance, audit and security.
Stephen Quigg discusses security at AWS. He notes that security is the top priority and that AWS provides comprehensive security capabilities to support any workload. Security is shared responsibility between AWS and customers, with AWS providing visibility, auditability and control through services like CloudTrail and IAM. Customers have control over their data through encryption options and can choose the right level of security for their needs and business.
This document provides an overview of application security best practices on AWS. It discusses how security is a shared responsibility between AWS and the customer. AWS is responsible for security of the cloud infrastructure, while customers are responsible for security in their own systems like operating systems, applications, network configurations, and identity management. The document then provides recommendations for securing applications deployed on AWS, such as using security groups, encryption, monitoring tools, and log management strategies.
Introduction to the AWS Shared Security Responsibility Model and some of the technical features and security processes that you can take advantage of to ensure that you applications are more secure in the AWS Cloud.
This document provides an overview of security best practices when using AWS. It discusses AWS' shared security responsibility model and outlines key AWS security features such as IAM, encryption, firewalls, and monitoring tools. Recommendations are given for building secure infrastructure on AWS including account management, network segmentation, asset management, and monitoring. Case studies and additional resources are also referenced.
The document provides an overview of security best practices when using AWS. It discusses AWS' shared security responsibility model and outlines key AWS security features like role-based access control, encryption, and security groups. It also provides recommendations for building security into applications on AWS, including managing access, encrypting data, hardening operating systems, and using services like CloudTrail and CloudWatch Logs for monitoring.
The document provides an overview of security best practices when using AWS. It discusses AWS' shared security responsibility model and outlines key AWS security features like IAM, VPCs, encryption, and monitoring tools. Recommendations are given for establishing an ISMS on AWS, managing access and encryption, securing operating systems and applications, and monitoring with tools like CloudTrail and CloudWatch Logs.
The document provides an overview of security best practices for AWS. It discusses AWS' shared security responsibility model and outlines many of the built-in security features available, such as role-based access control, multi-factor authentication, encryption, and security groups. Recommendations are given for securing access, defining assets, designing an information security management system, managing accounts and roles, protecting data at rest and in transit, securing operating systems and applications, monitoring, and incident response. The presentation encourages leveraging AWS services like IAM, VPC, and CloudTrail to improve security posture in the cloud.
The document provides 9 security best practices for using AWS:
1. Understand the shared responsibility model between AWS and customers.
2. Design an information security management system (ISMS) to protect assets on AWS.
3. Manage AWS accounts, IAM users, groups, and roles using least privilege.
4. Secure infrastructure using AWS features like VPC and security zoning.
5. Secure data at rest and in transit using encryption and access controls.
6. Manage OS-level access to EC2 instances and harden operating systems.
7. Implement monitoring, alerting, auditing, and incident response in the cloud.
Prakash Palanisamy presented 9 security best practices for using AWS. He discussed understanding AWS's shared responsibility model where customers are responsible for security in the cloud. He recommended designing an information security management system (ISMS) to protect assets on AWS using features like IAM, VPCs, encryption, and monitoring tools. Prakash also covered securing infrastructure, data, operating systems, and implementing logging, auditing and incident response processes adapted for the cloud.
Tobias Borjeson presented 9 security best practices for using AWS. He discussed understanding AWS's shared responsibility model where customers are responsible for security in the cloud. He recommended designing an information security management system (ISMS) to protect assets on AWS using features like IAM, VPCs, encryption, and monitoring tools. Borjeson also covered securing infrastructure, data, operating systems and applications when using AWS services.
1) The document provides 9 security best practices for using AWS, including understanding AWS's shared responsibility model where customers manage security of the operating systems and applications while AWS manages security of the cloud infrastructure.
2) It recommends designing an information security management system (ISMS) to protect assets on AWS and managing AWS accounts, users, groups, and roles using least privilege.
3) The document also discusses securing infrastructure using AWS features like VPC, monitoring systems using CloudWatch Logs, and recording API calls using CloudTrail.
The document discusses best practices for implementing detective controls in AWS, including capturing and analyzing logs and integrating auditing controls with notification and workflow. It recommends customizing AWS CloudTrail delivery to capture API activity globally and centralizing logs for storage and analysis. Services like Amazon GuardDuty and AWS Config can help monitor for threats or detect configuration changes. Notifications and workflows should be integrated to help security teams automatically respond to potential security events.
AWS provides security for customers through a shared responsibility model. AWS manages security of the cloud by maintaining physical and logical security controls across its global infrastructure. This includes facilities security, network security, and encryption. Customers maintain security and compliance within their use of AWS by defining access controls and encryption of their data and assets. AWS provides services like IAM, security groups, and CloudTrail to provide visibility, auditability, and control for customers. Architecting for high availability on AWS ensures applications can withstand failures through redundancy across availability zones.
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Amazon Web Services
Jodi Scrofani
Global Financial Services Compliance Strategist for AWS takes us on a journey of Security and Compliance mechanisms, that are mandatory in the Financial Services Industry, and explains how they are addressed by customers today on the AWS Cloud. She explains the AWS Shared Security Model, gives a detailed overview of audit and certifications achieved by AWS, and shows best practices and steps that FSI customers should take to ensure compliance and security.
Top 10 AWS Security and Compliance best practicesAhmad Khan
Learn how to secure your AWS from Hacks, and Misconfigurations. These 10 controls will lock down for all compliance regulations like HIPAA, PCI, FISMA, NIST and so on.
The document discusses best practices for the security pillar of the AWS Well-Architected Framework. It covers five areas of security: identity and access management, detective controls, infrastructure protection, data protection, and incident response. For identity and access management, the document emphasizes protecting AWS credentials through practices like multi-factor authentication, fine-grained authorization using IAM roles and policies, and integrating external identity providers. It also stresses automating security practices and protecting data at rest and in transit through encryption and classification.
Cloud Security, Risk and Compliance on AWSKarim Hopper
This document discusses governance, risk, and compliance considerations for using AWS cloud services. It outlines AWS assurance programs that provide regular third-party security evaluations. It also describes the shared responsibility model where AWS is responsible for security of the cloud and customers are responsible for security in the cloud. The document provides examples of how AWS services like CloudTrail, Config, and Key Management Service provide visibility, auditability, and control to help customers meet their security and compliance needs.
This webinar will introduce the AWS Shared Security Model. We will examine how to use the inherent security of the AWS environment, coupled with the security tools and features AWS makes available, to create a resilient environment with the security you need.
Learning Objectives:
• Understand the security measures AWS puts in place to secure the environment where your data lives
• Understand the tools AWS offers to help you create a resilient environment with the security you need
• Consider actions when moving a sensitive workload to AWS • Security benefits you can expect by deploying in the AWS Cloud
Who Should Attend:
- Prospects and customers with a security background
- Who are interested in using AWS to manage security-sensitive workloads
Similar to Journey Through the Cloud - Security Best Practices on AWS (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
1) The document discusses building a minimum viable product (MVP) using Amazon Web Services (AWS).
2) It provides an example of an MVP for an omni-channel messenger platform that was built from 2017 to connect ecommerce stores to customers via web chat, Facebook Messenger, WhatsApp, and other channels.
3) The founder discusses how they started with an MVP in 2017 with 200 ecommerce stores in Hong Kong and Taiwan, and have since expanded to over 5000 clients across Southeast Asia using AWS for scaling.
This document discusses pitch decks and fundraising materials. It explains that venture capitalists will typically spend only 3 minutes and 44 seconds reviewing a pitch deck. Therefore, the deck needs to tell a compelling story to grab their attention. It also provides tips on tailoring different types of decks for different purposes, such as creating a concise 1-2 page teaser, a presentation deck for pitching in-person, and a more detailed read-only or fundraising deck. The document stresses the importance of including key information like the problem, solution, product, traction, market size, plans, team, and ask.
This document discusses building serverless web applications using AWS services like API Gateway, Lambda, DynamoDB, S3 and Amplify. It provides an overview of each service and how they can work together to create a scalable, secure and cost-effective serverless application stack without having to manage servers or infrastructure. Key services covered include API Gateway for hosting APIs, Lambda for backend logic, DynamoDB for database needs, S3 for static content, and Amplify for frontend hosting and continuous deployment.
This document provides tips for fundraising from startup founders Roland Yau and Sze Lok Chan. It discusses generating competition to create urgency for investors, fundraising in parallel rather than sequentially, having a clear fundraising narrative focused on what you do and why it's compelling, and prioritizing relationships with people over firms. It also notes how the pandemic has changed fundraising, with examples of deals done virtually during this time. The tips emphasize being fully prepared before fundraising and cultivating connections with investors in advance.
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
This document discusses Amazon's machine learning services for building conversational interfaces and extracting insights from unstructured text and audio. It describes Amazon Lex for creating chatbots, Amazon Comprehend for natural language processing tasks like entity extraction and sentiment analysis, and how they can be used together for applications like intelligent call centers and content analysis. Pre-trained APIs simplify adding machine learning to apps without requiring ML expertise.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
Building Production Ready Search Pipelines with Spark and MilvusZilliz
Spark is the widely used ETL tool for processing, indexing and ingesting data to serving stack for search. Milvus is the production-ready open-source vector database. In this talk we will show how to use Spark to process unstructured data to extract vector representations, and push the vectors to Milvus vector database for search serving.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
HCL Notes and Domino License Cost Reduction in the World of DLAUpanagenda
Webinar Recording: https://www.panagenda.com/webinars/hcl-notes-and-domino-license-cost-reduction-in-the-world-of-dlau/
The introduction of DLAU and the CCB & CCX licensing model caused quite a stir in the HCL community. As a Notes and Domino customer, you may have faced challenges with unexpected user counts and license costs. You probably have questions on how this new licensing approach works and how to benefit from it. Most importantly, you likely have budget constraints and want to save money where possible. Don’t worry, we can help with all of this!
We’ll show you how to fix common misconfigurations that cause higher-than-expected user counts, and how to identify accounts which you can deactivate to save money. There are also frequent patterns that can cause unnecessary cost, like using a person document instead of a mail-in for shared mailboxes. We’ll provide examples and solutions for those as well. And naturally we’ll explain the new licensing model.
Join HCL Ambassador Marc Thomas in this webinar with a special guest appearance from Franz Walder. It will give you the tools and know-how to stay on top of what is going on with Domino licensing. You will be able lower your cost through an optimized configuration and keep it low going forward.
These topics will be covered
- Reducing license cost by finding and fixing misconfigurations and superfluous accounts
- How do CCB and CCX licenses really work?
- Understanding the DLAU tool and how to best utilize it
- Tips for common problem areas, like team mailboxes, functional/test users, etc
- Practical examples and best practices to implement right away
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
Unlock the Future of Search with MongoDB Atlas_ Vector Search Unleashed.pdfMalak Abu Hammad
Discover how MongoDB Atlas and vector search technology can revolutionize your application's search capabilities. This comprehensive presentation covers:
* What is Vector Search?
* Importance and benefits of vector search
* Practical use cases across various industries
* Step-by-step implementation guide
* Live demos with code snippets
* Enhancing LLM capabilities with vector search
* Best practices and optimization strategies
Perfect for developers, AI enthusiasts, and tech leaders. Learn how to leverage MongoDB Atlas to deliver highly relevant, context-aware search results, transforming your data retrieval process. Stay ahead in tech innovation and maximize the potential of your applications.
#MongoDB #VectorSearch #AI #SemanticSearch #TechInnovation #DataScience #LLM #MachineLearning #SearchTechnology
Best 20 SEO Techniques To Improve Website Visibility In SERPPixlogix Infotech
Boost your website's visibility with proven SEO techniques! Our latest blog dives into essential strategies to enhance your online presence, increase traffic, and rank higher on search engines. From keyword optimization to quality content creation, learn how to make your site stand out in the crowded digital landscape. Discover actionable tips and expert insights to elevate your SEO game.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Journey Through the Cloud - Security Best Practices on AWS
1. Journey through the Cloud:
Security Best Practices on AWS
Ian Massingham – Technical Evangelist
@IanMmmm
2. Journey through the cloud
Common use cases & stepping stones into the AWS cloud
Learning from customer journeys
Best practices to bootstrap your projects
3. Security Best Practices on AWS
Architected to be one of the most flexible and secure cloud environments
Removes many of the security headaches that come with infrastructure
Ensures complete customer privacy and segregation
Built in Security Features
4. Agenda
Sharing the Security Responsibility
Overview of AWS Security Features
Best Practices
Verifying our Security
Useful Resources
5. Security is Our No.1 Priority
Comprehensive Security Capabilities to Support Virtually Any Workload
Validated by security experts
Collaboration on Enhancements
Every Customer Benefits
People &
Procedures Platform
Security Network
Security Physical
Security
24. 1️⃣
Know the AWS Shared Responsibility Model!
Build your systems using AWS as the foundation & architect an !
ISMS that takes advantage of AWS features !
Customer Data
Shared responsibility
Platform, Applications, Identity & Access Management
Operating System, Network & Firewall Configuration
Client-side Data Encryption & Data
Integrity Authentication
Foundation Services
Server-side Encryption
(File System and/or Data)
Network Traffic Protection
(Encryption/Integrity/Identity)
Compute Storage Database Networking
You
Amazon
AWS Global Infrastructure
Availability Zones
Regions
Edge Locations
25. 2️⃣
Understand the AWS Secure Global Infrastructure!
Regions, Availability Zones and Endpoints!
Regions
An independent collection of AWS resources in a defined geography
A solid foundation for meeting location-dependent privacy and compliance
requirements
Availability Zones
Designed as independent failure zones
Physically separated within a typical metropolitan region
26. 2️⃣
Understand the AWS Secure Global Infrastructure!
Using the IAM service!
AWS Identity and Access Management (IAM) enables you to
securely control access to AWS services and resources for your
users.
Using IAM, you can create and manage AWS users and groups
and use permissions to allow and deny their access to AWS
resources via credentials such as access keys, passwords and
multi-factor authentication devices.
http://docs.aws.amazon.com/IAM/latest/UserGuide/IAMBestPractices.html
27. 3️⃣
Define and Categorize Assets on AWS!
Identify all the information assets that you need to protect !
28. ️4️⃣
Design Your ISMS to Protect Your Assets on AWS!
Establish a standard for implementing, operating, monitoring, reviewing,
maintaining & improving your information security management system!
November 2013
Best Practices Security Services – AWS Amazon Web Assets on AWS
Your Your ISMS to Protect Design After you have determined assets, categories, and costs, establish a standard for implementing, operating, monitoring,
reviewing, maintaining, and improving your information security management system (ISMS) on AWS. Security
requirements differ in every organization, depending on the following factors:
x Business needs and objectives
x Processes employed
x Size and structure of the organization
All these factors can change over time, so it is a good practice to build a cyclical process for managing all of this
information.
Table 2 suggests a phased approach to designing and building an ISMS in AWS. You might also find standard frameworks,
such as ISO 27001, helpful with ISMS design and implementation.
Phase Title Description
1 Define scope and
boundaries.
Define which regions, Availability Zones, instances and AWS resources are “in
scope.” If you exclude any component (for example, AWS manages facilities, so you
can leave it out of your own management system), state what you have excluded
and why explicitly.
x Objectives that set the direction and principles for action regarding
information security
x Legal, contractual, and regulatory requirements
x Risk management objectives for your organization
x How you will measure risk
2 Define an ISMS policy. Include the following:
management approves the plan
from groups in your
input Web Services – AWS Security Best Practices November 2013
Amazon Phase much as possible. AWS risk automation can narrow down the scope of resources
required for risk management.
There are several risk assessment methodologies, including OCTAVE (Operationally
Critical Threat, Asset, and Vulnerability Evaluation), ISO 31000:2009 Risk
Management, ENISA (European Network and Information Security Agency, IRAM
(Information Risk Analysis Methodology), and NIST (National Institute of Standards
Title Description
& Technology) Special Publication (SP) 800-30 rev.1 Risk Management Guide.
4 Identify risks We recommend that you create a risk register by mapping all your assets to threats,
and then, based on the vulnerability assessment and impact analysis results,
creating a new risk matrix for each AWS environment.
Here’s an example risk register:
x Assets
x Threats to those assets
x Vulnerabilities that could be exploited by those threats
x Consequences if those vulnerabilities are exploited
5 Analyze and evaluate
risks
Analyze and evaluate the risk by calculating business impact, likelihood and
probability, and risk levels.
security controls,
include applying addressing risks. Options transferring risks.
for Select options risk, or risks accepting risks, avoiding Address 6 7 Choose a security
control framework
When you choose your security controls, use a framework, such as ISO 27002, NIST
SP 800-53, COBIT (Control Objectives for Information and related Technology) and
CSA-CCM (Cloud Security Alliance-Cloud Control Matrix. These frameworks comprise
a set of reusable best practices and will help you to choose relevant controls.
8 Get management
approval
Even after you have implemented all controls, there will be residual risk. We
recommend that you get approval from your business management that
acknowledges all residual risks, and approvals for implementing and operating the
ISMS.
9 Statement of
applicability
Create a statement of applicability that includes the following information:
x Which controls you chose and why
x Which controls are in place
you plan to put in place
29. 5️⃣
Manage AWS Accounts, IAM Users, Groups & Roles!
Operate a under the principle of least privilege!
AWS Account
Your AWS account represents a business relationship between you and
AWS. AWS accounts have root permissions to all AWS resources and
services, so they are very powerful.
IAM Users
With IAM you can create multiple users, each with individual security
credentials, all controlled under a single AWS account.
IAM users can be a person, service, or application that needs access to your
AWS resources through the management console, CLI, or directly via APIs.
30. 5️⃣
Manage AWS Accounts, IAM Users, Groups & Roles!
Strategies for using multiple AWS accounts!
Business
Requirement
Proposed
Design
Comments
Centralized
security
management
Single
AWS
Account
Centralize
informa7on
security
management
and
minimize
overhead.
Separa7on
of
produc7on,
development
&
tes7ng
accounts
Three
AWS
Accounts
Create
one
AWS
account
for
produc7on
services,
one
for
development
and
one
for
tes7ng
Mul7ple
autonomous
departments
Mul7ple
AWS
Accounts
Create
separate
AWS
accounts
for
each
autonomous
part
of
the
organiza7on.
You
can
assign
permissions
and
policies
under
each
account
Centralized
security
management
with
mul7ple
autonomous
independent
projects
Mul7ple
AWS
Accounts
Create
a
single
AWS
account
for
common
project
resources
(such
as
DNS
services,
Ac7ve
Directory,
CMS
etc.).
Then
create
separate
AWS
accounts
per
project.
You
can
assign
permissions
and
policies
under
each
project
account
and
grant
access
to
resources
across
accounts.
31. 5️⃣
Manage AWS Accounts, IAM Users, Groups & Roles!
Delegation using IAM Roles and Temporary Security Credentials!
Applications on Amazon EC2 that need to access AWS resources
Cross Account Access
Identify Federation
32. 6️⃣
Manage OS-level Access to Amazon EC2 Instances!
You own the credentials, but AWS helps you bootstrap initial access to the OS!
Amazon EC2 Key Pairs
Used to authenticate SSH access to Linux instances and to generate the
initial administrator password on Windows instances.
If you have higher security requirements, you are free to implement
alternative authentication mechanisms and disable Amazon EC2 Key Pair
Authentication
33. 7️⃣
Secure Your Data!
At rest & in transit!
Resource Access Authorisation
Users or IAM Roles can only access resources after authentication
Fine grained resources policies can restrict users or permit users to access
only the resources that you specify
{!
!"Effect": "Allow”,!
!"Action": ["s3:GetObject”,"s3:PutObject”],!
!"Resource": ["arn:aws:s3:::myBucket/amazon/snakegame/${cognito-identity.amazonaws.com:sub}"]!
}!
34. 7️⃣
Secure Your Data!
At rest & in transit!
Storing and Managing Encryption Keys
We recommend you store your keys in tamper-proof storage, such as
Hardware Security Modules. AWS CloudHSM is one option available to help
you do this.
As an alternative, you can store keys on your premise and access these over
secure links, such as AWS Direct Connect with IPsec or IPsec VPNs
http://aws.amazon.com/cloudhsm/
35. 7️⃣
Secure Your Data!
At rest & in transit!
Protecting Data at Rest
Options differ by AWS Service.
Amazon S3 – Server side encryption with Amazon S3 managed keys or your
own encryption keys with Customer-Provided Keys (SSE-C)
Amazon EBS – use volume encryption provided by your operating system.
For example, Windows EFS or Microsoft Windows Bitlocker, Linux dm-crypt,
TrueCrypt, SafeNet ProtectV
Amazon RDS – use database specific cryptographic functions
EMR/DynamoDB – see Security Best Practices Whitepaper for options
36. 8️⃣
Secure Your Operating Systems & Applications!
With the shared responsibility model you manage !
operating systems & application security!
OS Hardening and Updates
Use of Amazon Machine Images (AMIs) makes it easy to deploy
standardized operating system and application builds
Amazon provides and maintains a preconfigured set of AMIs, but you are
also free to create your own and use these as the basis for EC2 instances
that you deploy
Standard OS hardening principles can and should be applied to the
operating systems that you chose to run on EC2 instances
There are lots more details best practices for securing your OS environment
in the AWS Security Best Practices Whitepaper
37. 9️⃣
Secure Your Infrastructure!
Using AWS platform features!
Amazon Virtual Private Cloud (VPC)
Create private clouds within the AWS Cloud
Use your own IP address space, allocated by you. Use RFC1918 private
address space for non-internet-routable networks
Connect to your VPC via the Internet, IPsec over the Internet, AWS Direct
Connect, AWS Direct Connect with IPsec or a combination of these.
Define your own subnet topology, routing table and create custom service
instances such as DNS or time servers
38. 9️⃣
Secure Your Infrastructure!
Using AWS platform features!
Security Zoning and Network Segmentation
Network segmentation simply isolates one network from another
Security zones are groups of system components with similar security levels
that have common controls applied to them
Combine AWS platform security features with your own overlay infrastructure
components such as repositories, DNS & time servers to segment networks
and create security zones
The AWS elastic cloud infrastructure & automated deployment tools mean
that you can apply the same security controls across all AWS regions
Repeatable and uniform deployments improve your overall security posture
39. 1️⃣ 0️⃣
Monitoring, Alerting, Audit Trail & Incident Response!
Area
Considera6on
Log
collec7on
Adapt existing processes, tools & methodologies for use in the cloud!
Note
how
log
files
are
collected.
OJen
opera7ng
system,
applica7on,
or
third-‐
party/middleware
agents
collect
log
file
informa7on
Log
transport
Implement OS & Higher Level Monitoring
Logs may be generated by a variety of network components as well as operating
systems, platforms and applications
We recommend logging and analysis of the following event types:
• Actions taken by any individual with root or administrative privileges
• Access to all audit trails
• Invalid logical access attempts
• Use of identification and authentication mechanisms
• Initialization of audit logs
• Creation and deletion of system level objects
When
log
files
are
centralized,
transfer
them
to
the
central
loca7on
in
a
secure,
reliable,
and
7mely
fashion
Log
storage
Centralize
log
files
from
mul7ple
instances
to
facilitate
reten7on
policies,
as
well
as
analysis
and
correla7on
Log
taxonomy
Present
different
categories
of
log
files
in
a
format
suitable
for
analysis
Log
analysis/
correla7on
Log
files
provide
security
intelligence
aJer
you
analyze
them
and
correlate
events
in
them.
You
can
analyze
logs
in
real
7me,
or
at
scheduled
intervals.
Log
protec7on/
security
Log
files
are
sensi7ve.
Protect
them
through
network
control,
iden7ty
and
access
management,
protec7on/
encryp7on,
data
integrity
authen7ca7on,
and
tamper-‐proof
7me-‐stamping
40. 1️⃣ 0️⃣
Monitoring, Alerting, Audit Trail & Incident Response!
Area
Considera6on
Log
collec7on
Adapt existing processes, tools &methodologies for use in the cloud!
Note
how
log
files
are
collected.
OJen
opera7ng
system,
applica7on,
or
third-‐
party/middleware
agents
collect
log
file
informa7on
Log
transport
Use CloudWatch Logs to Centralise Your Logs
CloudWatch Logs enables you to monitor and troubleshoot your systems and
applications using your existing system, application, and custom log files.
When
log
files
are
centralized,
transfer
them
to
the
central
loca7on
in
a
secure,
reliable,
and
7mely
fashion
Log
storage
Centralize
log
files
from
mul7ple
instances
to
facilitate
reten7on
policies,
as
well
as
analysis
and
correla7on
Log
taxonomy
Send your existing system, application, and custom log files to CloudWatch Logs
and monitor these logs in near real-time.
Present
different
categories
of
log
files
in
a
format
suitable
for
analysis
Log
analysis/
correla7on
Log
files
provide
security
intelligence
aJer
you
analyze
them
and
correlate
events
in
them.
You
can
analyze
logs
in
real
7me,
or
at
scheduled
intervals.
Log
protec7on/
security
This can help you better understand and operate your systems and applications,
and you can store your logs using highly durable, low-cost storage for later
access
Log
files
are
sensi7ve.
Protect
them
through
network
control,
iden7ty
and
access
management,
protec7on/
encryp7on,
data
integrity
authen7ca7on,
and
tamper-‐proof
7me-‐stamping
41. 1️⃣ 0️⃣
Monitoring, Alerting, Audit Trail & Incident Response!
Adapt existing processes, tools &methodologies for use in the cloud!
Use CloudTrail to Record AWS API Calls
AWS CloudTrail is a web service that records AWS API calls for your account and
delivers log files to you.
The recorded information includes the identity of the API caller, the time of the
API call, the source IP address of the API caller, the request parameters, and the
response elements returned by the AWS service.
With CloudTrail, you can get a history of AWS API calls for your account. The
AWS API call history produced by CloudTrail enables security analysis, resource
change tracking, and compliance auditing.
43. Compliance at AWS
AWS is Level 1 compliant under the Payment Card Industry (PCI)
Data Security Standard (DSS). Customers can run applications on
our PCI-compliant technology infrastructure for storing, processing,
and transmitting credit card information in the cloud.
AWS is ISO 27001 certified under the International Organization for
Standardization (ISO) 27001 standard. ISO 27001 is a widely-adopted
global security standard that outlines the requirements for
information security management systems.
Many other government and industry compliance requirements are
also met by AWS. Find more at:
aws.amazon.com/compliance
47. White Papers Amazon Web Services – AWS Security Best Practices November 2013
Page 1 of 56
AWS Security Best Practices
Dob Todorov
Yinal Ozkan
November 2013
(Please consult http://aws.amazon.com/security for the latest version of this paper)
AWS Security Whitepaper
http://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf
AWS Security Best Practices Whitepaper
http://media.amazonwebservices.com/AWS_Security_Best_Practices.pdf
AWS Risk and Compliance Whitepaper
http://d0.awsstatic.com/whitepapers/compliance/AWS_Risk_and_Compliance_Whitepaper.pdf
48. AWS Training & Certification
Certification
Demonstrate your skills,
knowledge, and expertise
with the AWS platform
aws.amazon.com/certification
Self-Paced Labs
Try products, gain new
skills, and get hands-on
practice working with
AWS technologies
aws.amazon.com/training/
self-paced-labs
Training
Skill up and gain
confidence to design,
develop, deploy and
manage your applications
on AWS
aws.amazon.com/training