Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
This document provides an overview of security aspects of AWS Lambda. It discusses how Lambda allows customers to run code without managing servers, scales continuously based on demand, meters usage at millisecond granularity, enables innovation by focusing on business logic over infrastructure, and integrates with a rich ecosystem of AWS services. It also covers Lambda's shared responsibility model, function isolation technologies, monitoring and auditing options, and best practices for architecting and operating Lambda functions securely and for compliance purposes.
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Module 1: AWS Cloud Concepts, VPC, and Security Groups - Virtual AWSome Day J...Amazon Web Services
Module 1: AWS Cloud Concepts / Infrastructure, VPC, and Security Groups
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
AWS Security, IAM, Databases, Elasticity, Management Tools - AWSome Day Phila...Amazon Web Services
Part 3 of 3.
This free, one-day training will provide a step-by-step introduction to the core AWS services for compute, storage, database, and networking.
AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.
Who should attend?
AWSome Day is ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
Module 2: Core AWS Compute and Storage Services - Virtual AWSome Day June 2018Amazon Web Services
Module 2: Core AWS Compute Services (EC2, ELBm, AutoScaling, and EBS) and Storage Services (S3, RDS, and DynamoDB)
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
This document provides an overview of security aspects of AWS Lambda. It discusses how Lambda allows customers to run code without managing servers, scales continuously based on demand, meters usage at millisecond granularity, enables innovation by focusing on business logic over infrastructure, and integrates with a rich ecosystem of AWS services. It also covers Lambda's shared responsibility model, function isolation technologies, monitoring and auditing options, and best practices for architecting and operating Lambda functions securely and for compliance purposes.
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Module 1: AWS Cloud Concepts, VPC, and Security Groups - Virtual AWSome Day J...Amazon Web Services
Module 1: AWS Cloud Concepts / Infrastructure, VPC, and Security Groups
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
AWS Security, IAM, Databases, Elasticity, Management Tools - AWSome Day Phila...Amazon Web Services
Part 3 of 3.
This free, one-day training will provide a step-by-step introduction to the core AWS services for compute, storage, database, and networking.
AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.
Who should attend?
AWSome Day is ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Data protection is the highest priority for any organisation, so we answer common questions about GDPR, data residency, freedom of information, and privacy. We also address security-related compliance, risk management strategies, and best practices for securing data on AWS.
Module 2: Core AWS Compute and Storage Services - Virtual AWSome Day June 2018Amazon Web Services
Module 2: Core AWS Compute Services (EC2, ELBm, AutoScaling, and EBS) and Storage Services (S3, RDS, and DynamoDB)
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
This document discusses AWS tools for elasticity and management including Elastic Load Balancing, Auto Scaling, and CloudWatch. It describes how Elastic Load Balancing distributes traffic across EC2 instances and supports health checks. It explains how Auto Scaling automatically scales EC2 capacity based on demand or metrics and uses launch configurations and Auto Scaling groups. It also describes how CloudWatch monitors AWS resources and applications and sets alarms.
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018Amazon Web Services
How can you ensure your environment is Secure? How can you implement an effective governance model in your organization? The AWS Cloud Adoption Framework (CAF) and its Security Perspective provide a structured approach to make risk based decisions, build security guardrails and meet your compliance goals as you migrate to AWS. The Security perspective of the CAF provides a set of 5 core themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. In this session you will learn what it takes to lead a Secure Cloud Journey for your organization and make key strategic decisions.
AWS Identity, Directory, and Access Services: An Overview Amazon Web Services
Every journey to the AWS Cloud is unique. Some customers are migrating existing applications, while others are building Approved applications using cloud-native services. Along each journey, identity and access management helps customers protect their applications and resources. Come to this session and learn how AWS identity services provide you with a secure, flexible, and easy solution for managing identities and access on the AWS Cloud. With AWS identity services, you do not have to adapt to AWS. Instead, you have a choice of services designed to meet you anywhere along your journey to the AWS Cloud.
The document outlines an agenda for a Getting Started on AWS event, including sessions on AWS history, infrastructure, security, databases, elasticity and management tools, with breaks for asking AWS experts questions, and thanking the sponsor of the event. The agenda runs from 8:00 am to 4:30 pm and covers topics like AWS services, architecture, and best practices through presentations and hands-on learning opportunities.
The document provides an overview of Amazon Elastic Compute Cloud (EC2) and describes key aspects of launching and managing EC2 instances on AWS. It discusses how to select an Amazon Machine Image (AMI) to launch an instance, the different types of EC2 instances available based on compute and memory needs, and how instances can be launched across Availability Zones for high availability. The document also briefly mentions the AWS Marketplace for deploying pre-configured software on EC2.
The Evolution of Identity and Access Management on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the identity and access management evolution
- Learn best practices for managing AWS root user credentials and Users, Groups, and Roles, especially as the number of users and AWS accounts grow
- Better understand identity federation by viewing two demos
The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS for 42 cloud services.
From storing protected data to modernizing workflows, to new applications and security services, AWS Protected cloud services can enable you.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
The document discusses Amazon Elastic Compute Cloud (EC2). EC2 provides resizable compute capacity in the cloud and allows users to launch virtual server instances that have control over their computing resources. EC2 offers different instance types that are optimized for various workloads. Users can launch instances from templates called AMIs that contain operating systems and applications.
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
This document discusses identity and access management for serverless applications. It provides an overview of AWS Identity and Access Management (IAM) including IAM users, groups, roles, and policies. It also discusses Amazon Cognito for user management and the WildRydes serverless application workshop which involves restricting access to an S3 bucket and setting up user authentication with Cognito user pools.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
AWS Foundations
Well Architected Framework and AWS Trusted Advisor
Global Infrastructure
Demo - Designing the network (VPC) for HA and FT
VPC Network security
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Adding the Sec to Your DevOps Pipelines: AWS Security Week at the SF LoftAmazon Web Services
The document describes a workshop on adding security to DevOps pipelines. It discusses building a CI/CD pipeline using AWS services like CodeCommit, CodeBuild, and CodePipeline. It then covers implementing security checks like static code analysis, vulnerability scanning with Amazon Inspector, and threat detection with Amazon GuardDuty. The workshop takes participants through hands-on exercises to build the pipeline and integrate various security checks at different stages.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
Accelerare l’utilizzo del Machine Learning con le soluzioni ML pronte per l’u...Amazon Web Services
This document discusses AWS Marketplace for Machine Learning, which allows customers to easily find, purchase, and deploy pre-trained machine learning models and algorithms. It provides over 200 curated models across 53 categories from 40+ partners. Customers can purchase models for real-time or batch inference, and algorithms to train custom models. The marketplace aims to accelerate machine learning adoption by reducing development time and ensuring security, compliance, and reproducibility of models. A demo is shown of classifying images using a model from the marketplace deployed with Amazon SageMaker and AWS Lambda.
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAmazon Web Services
This document discusses securing applications in the AWS cloud. It covers authentication and authorization with IAM, managing access with roles, securing infrastructure from threats like DDoS attacks with AWS Shield, and AWS services for compliance and security assessments like Amazon Inspector. The AWS shared responsibility model is also explained, with AWS responsible for security of the cloud infrastructure and the customer responsible for security in the cloud.
This document provides an overview of security on AWS. It discusses AWS' shared responsibility model where AWS is responsible for security of the cloud, while customers are responsible for security in the cloud. It also describes AWS Identity and Access Management (IAM) which allows customers to control access to AWS services and resources. IAM enables creation of users and groups, assigning permissions with policies, and offers features like multi-factor authentication. The document recommends security best practices including deleting root credentials, activating MFA, and monitoring activity.
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...Amazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days. There will be code giveaways and more!
Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
This document discusses AWS tools for elasticity and management including Elastic Load Balancing, Auto Scaling, and CloudWatch. It describes how Elastic Load Balancing distributes traffic across EC2 instances and supports health checks. It explains how Auto Scaling automatically scales EC2 capacity based on demand or metrics and uses launch configurations and Auto Scaling groups. It also describes how CloudWatch monitors AWS resources and applications and sets alarms.
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018Amazon Web Services
How can you ensure your environment is Secure? How can you implement an effective governance model in your organization? The AWS Cloud Adoption Framework (CAF) and its Security Perspective provide a structured approach to make risk based decisions, build security guardrails and meet your compliance goals as you migrate to AWS. The Security perspective of the CAF provides a set of 5 core themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. In this session you will learn what it takes to lead a Secure Cloud Journey for your organization and make key strategic decisions.
AWS Identity, Directory, and Access Services: An Overview Amazon Web Services
Every journey to the AWS Cloud is unique. Some customers are migrating existing applications, while others are building Approved applications using cloud-native services. Along each journey, identity and access management helps customers protect their applications and resources. Come to this session and learn how AWS identity services provide you with a secure, flexible, and easy solution for managing identities and access on the AWS Cloud. With AWS identity services, you do not have to adapt to AWS. Instead, you have a choice of services designed to meet you anywhere along your journey to the AWS Cloud.
The document outlines an agenda for a Getting Started on AWS event, including sessions on AWS history, infrastructure, security, databases, elasticity and management tools, with breaks for asking AWS experts questions, and thanking the sponsor of the event. The agenda runs from 8:00 am to 4:30 pm and covers topics like AWS services, architecture, and best practices through presentations and hands-on learning opportunities.
The document provides an overview of Amazon Elastic Compute Cloud (EC2) and describes key aspects of launching and managing EC2 instances on AWS. It discusses how to select an Amazon Machine Image (AMI) to launch an instance, the different types of EC2 instances available based on compute and memory needs, and how instances can be launched across Availability Zones for high availability. The document also briefly mentions the AWS Marketplace for deploying pre-configured software on EC2.
The Evolution of Identity and Access Management on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the identity and access management evolution
- Learn best practices for managing AWS root user credentials and Users, Groups, and Roles, especially as the number of users and AWS accounts grow
- Better understand identity federation by viewing two demos
The Australian Cyber Security Centre (ACSC) has awarded PROTECTED certification to AWS for 42 cloud services.
From storing protected data to modernizing workflows, to new applications and security services, AWS Protected cloud services can enable you.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
The document discusses Amazon Elastic Compute Cloud (EC2). EC2 provides resizable compute capacity in the cloud and allows users to launch virtual server instances that have control over their computing resources. EC2 offers different instance types that are optimized for various workloads. Users can launch instances from templates called AMIs that contain operating systems and applications.
Il cloud ibrido fa riferimento all'uso di risorse locali in aggiunta alle risorse pubbliche del cloud. Un cloud ibrido consente a un'organizzazione di migrare applicazioni e dati nel cloud, estendere la capacità del data center, utilizzare nuove funzionalità native del cloud, avvicinare le applicazioni ai clienti e creare una soluzione di backup e disaster recovery con una elevata disponibilità. In questa sessione verranno presentate le principali architetture ed i tool AWS per realizzarle.
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
This document discusses identity and access management for serverless applications. It provides an overview of AWS Identity and Access Management (IAM) including IAM users, groups, roles, and policies. It also discusses Amazon Cognito for user management and the WildRydes serverless application workshop which involves restricting access to an S3 bucket and setting up user authentication with Cognito user pools.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
AWS Foundations
Well Architected Framework and AWS Trusted Advisor
Global Infrastructure
Demo - Designing the network (VPC) for HA and FT
VPC Network security
Customers using AWS benefit from a multitude of security and compliance controls built into AWS solutions. In this session, you will learn how to take advantage of the advanced security features of AWS to gain the visibility, agility, and control that the cloud affords users over legacy environments. We will take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the Shared Responsibility Model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS.
Matt Johnson, Solutions Architect, AWS
Adding the Sec to Your DevOps Pipelines: AWS Security Week at the SF LoftAmazon Web Services
The document describes a workshop on adding security to DevOps pipelines. It discusses building a CI/CD pipeline using AWS services like CodeCommit, CodeBuild, and CodePipeline. It then covers implementing security checks like static code analysis, vulnerability scanning with Amazon Inspector, and threat detection with Amazon GuardDuty. The workshop takes participants through hands-on exercises to build the pipeline and integrate various security checks at different stages.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
Accelerare l’utilizzo del Machine Learning con le soluzioni ML pronte per l’u...Amazon Web Services
This document discusses AWS Marketplace for Machine Learning, which allows customers to easily find, purchase, and deploy pre-trained machine learning models and algorithms. It provides over 200 curated models across 53 categories from 40+ partners. Customers can purchase models for real-time or batch inference, and algorithms to train custom models. The marketplace aims to accelerate machine learning adoption by reducing development time and ensuring security, compliance, and reproducibility of models. A demo is shown of classifying images using a model from the marketplace deployed with Amazon SageMaker and AWS Lambda.
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAmazon Web Services
This document discusses securing applications in the AWS cloud. It covers authentication and authorization with IAM, managing access with roles, securing infrastructure from threats like DDoS attacks with AWS Shield, and AWS services for compliance and security assessments like Amazon Inspector. The AWS shared responsibility model is also explained, with AWS responsible for security of the cloud infrastructure and the customer responsible for security in the cloud.
This document provides an overview of security on AWS. It discusses AWS' shared responsibility model where AWS is responsible for security of the cloud, while customers are responsible for security in the cloud. It also describes AWS Identity and Access Management (IAM) which allows customers to control access to AWS services and resources. IAM enables creation of users and groups, assigning permissions with policies, and offers features like multi-factor authentication. The document recommends security best practices including deleting root credentials, activating MFA, and monitoring activity.
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...Amazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days. There will be code giveaways and more!
Module 3: Security, Identity and Access Management
This module will cover:
Data Center Security
AWS Identity and Access Management (IAM) concepts including users, groups, roles and policies
Security Framework Shakedown: Chart Your Journey with AWS Best PracticesAmazon Web Services
As with everything in life there is an easy way and a hard way when it comes to adopting security framework recommendations. Featuring the AWS Well-Architected and Cloud Adoption Frameworks, we will walk you through a complete security journey. We'll start with identification of requirements, then move through a series of how-tos from classifying your data, automating controls, to running fun incident response game days.
Foundations: Understanding the Critical Building Blocks of AWS Identity and G...Amazon Web Services
by Jeff Levine, Security Specialist, Solutions Architect, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop.
Landing Zones Creating a Foundation - AWS Summit Sydney 2018Amazon Web Services
Landing Zones: Creating a Foundation for Your AWS Migrations
When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices.
Ali Juzer, Cloud Architect, Professional Services, Amazon Web Services
The document discusses National Australia Bank's cloud security strategy and journey in adopting AWS security best practices. It outlines NAB's objectives to extend existing security services to the cloud and implement integrated and secure-by-default solutions with continuous security governance. The document also discusses AWS security frameworks like the Cloud Adoption Framework and Well-Architected Framework to help organizations define security strategies and implement best practices for identity and access management, infrastructure security, data protection, and incident response.
AWS Security Best Practices in a Zero Trust Security Model - DEM08 - Toronto ...Amazon Web Services
Zero trust security is quickly rising as a preferred alternative to traditional security approaches. The key enabling technology underlying the zero trust security approach is next-gen access which combines the critical capabilities of such technologies as identity as a service (IDaaS), enterprise mobility management (EMM), and privileged access management (PAM). In this session, we highlight AWS security best practices in a zero trust security model. Specifically, we explore securing the AWS root account, controlling access to the AWS Management Console, and the AWS Command Line Interface, and managing developer access to Amazon EC2 instances and containerized applications that run on them.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Iolaire Mckinnon, Senior Consultant, Security, Risk & Compliance, AWS
A Deep Dive into the best practice guidelines for securing your workloads in AWS cloud.
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
Landing zones: Creating a Foundation for Your AWS MigrationsAli Asgar Juzer
When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices.
Products & Services: Amazon CloudWatch, AWS CloudTrail, AWS Config, AWS CloudFormation, AWS IAM and AWS Direct Connect
How to Implement a Well-Architected Security Solution.pdfAmazon Web Services
Securing your workload in alignment with best practices is necessary to protect information, systems and assets while delivering business value through risk assessments and mitigation strategies. In this tech talk, we’ll walk you through how to secure your workload using AWS Identity & Access Management, AWS CloudTrail, Amazon GuardDuty and AWS Config services.
Introduction to AWS Security: Security Week at the SF LoftAmazon Web Services
The document discusses security at AWS. It provides an overview of AWS security services and tools including identity and access management, detective controls, infrastructure security, data protection, and incident response services. It also discusses the shared responsibility model where AWS is responsible for security of the cloud, while customers are responsible for security in the cloud. Real-world customer examples are provided that discuss how organizations have improved security by moving to AWS.
[NEW LAUNCH!] Introduction to AWS Security Hub (SEC397) - AWS re:Invent 2018Amazon Web Services
AWS Security Hub is a new AWS service that provides a single place to manage security and compliance across AWS accounts. It integrates with other security tools and allows users to view findings from multiple accounts. Security Hub is available now for free in preview and aims to provide a centralized view of security posture and issues across an organization on AWS.
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...Amazon Web Services
Using AMS to get FSI Regulated Workloads on the Cloud, Fast
Discover the different approaches to building effective Operating Models at Cloud Strategy stage using DIY, APN Partner or AWS Services. Then hear how AWS Managed Services (AMS) can help Australia's banks get regulated workloads stood up on cloud and achieve business outcomes faster due to high scale automation.
George Watts, Global Operations Integration Practice Manager, Amazon Web Services
Do you work with too many tools? In this session, learn how AWS Systems Manager can help you manage your servers at scale with the agility and security you need in today's dynamic cloud-enabled world.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Mastering Identity at Every Layer of the Cake (SEC401-R1) - AWS re:Invent 2018Amazon Web Services
Most workloads on AWS resemble a finely crafted cake, with delight at every layer. In this session, we help you master identity at each layer of deliciousness: from platform, to infrastructure, to applications, using services like AWS Identity and Access Management (IAM), AWS Directory Service, Amazon Cognito, and many more. Leave with a firm mental model for how identity works both harmoniously and independently throughout these layers, and with ready-to-use reference architectures and sample code. We keep things fun and lively along the way with lots of demos, which will hopefully make up for our decided lack of anything resembling the sweet confections we'll be talking so much about!
Similar to Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification – Virtual AWSome Day June 2018 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
1) The document discusses building a minimum viable product (MVP) using Amazon Web Services (AWS).
2) It provides an example of an MVP for an omni-channel messenger platform that was built from 2017 to connect ecommerce stores to customers via web chat, Facebook Messenger, WhatsApp, and other channels.
3) The founder discusses how they started with an MVP in 2017 with 200 ecommerce stores in Hong Kong and Taiwan, and have since expanded to over 5000 clients across Southeast Asia using AWS for scaling.
This document discusses pitch decks and fundraising materials. It explains that venture capitalists will typically spend only 3 minutes and 44 seconds reviewing a pitch deck. Therefore, the deck needs to tell a compelling story to grab their attention. It also provides tips on tailoring different types of decks for different purposes, such as creating a concise 1-2 page teaser, a presentation deck for pitching in-person, and a more detailed read-only or fundraising deck. The document stresses the importance of including key information like the problem, solution, product, traction, market size, plans, team, and ask.
This document discusses building serverless web applications using AWS services like API Gateway, Lambda, DynamoDB, S3 and Amplify. It provides an overview of each service and how they can work together to create a scalable, secure and cost-effective serverless application stack without having to manage servers or infrastructure. Key services covered include API Gateway for hosting APIs, Lambda for backend logic, DynamoDB for database needs, S3 for static content, and Amplify for frontend hosting and continuous deployment.
This document provides tips for fundraising from startup founders Roland Yau and Sze Lok Chan. It discusses generating competition to create urgency for investors, fundraising in parallel rather than sequentially, having a clear fundraising narrative focused on what you do and why it's compelling, and prioritizing relationships with people over firms. It also notes how the pandemic has changed fundraising, with examples of deals done virtually during this time. The tips emphasize being fully prepared before fundraising and cultivating connections with investors in advance.
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
This document discusses Amazon's machine learning services for building conversational interfaces and extracting insights from unstructured text and audio. It describes Amazon Lex for creating chatbots, Amazon Comprehend for natural language processing tasks like entity extraction and sentiment analysis, and how they can be used together for applications like intelligent call centers and content analysis. Pre-trained APIs simplify adding machine learning to apps without requiring ML expertise.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.