On a trail with Amazon Detective | LCloud

•

0 likes•343 views

#amazondetective #aws #cloudcomputing Cybersecurity is one of the priorities in the age of the information society, where data is a value in itself. It is worth paying attention to properly designed security solutions. Amazon Detective is the latest security service from the AWS family. You can find more in our blog post: https://lcloud.pl/en/security-investigatior-amazon-detective/ Follow us on our social media channels: LCloud Blog https://lcloud.pl/en/blog/ Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 SlideShare https://www.slideshare.net/LCloud LinkedIn https://bit.ly/2syaQCr

Technology

On a trail with
Amazon Detective
On a trail with
Amazon Detective

Amazon Detective is the latest security service from the
AWS family. It uses machine learning, statistical
analysis and graph theory, in combination with AWS
resource log data to detect potentially dangerous
activities and security issues. It allows clients to view
summaries and analytical data related to events in AWS
CloudTrail as well as VPC Flow Logs. Amazon Detective
also processes the results obtained from Amazon
GuardDuty, when customer enabled the service.

How it works?
Source: https://aws.amazon.com/detective/

Select and run Amazon Detective from the AWS
console. Then configure the organization's accounts
for monitoring and the "master" account for data
collection.
Step 1

The Amazon Detective service immediately begins
the analysis of telemetry data, creating graphical
visualizations.
Step 2

Select from the console the resource type and ID of
interests you and check the detected irregularities on
the chart. You can also use the integration with
Amazon GuardDuty and AWS Security Hub.
Step 3

Amazon Detective provides interactive charts along
with detailed data and results context. In addition,
we get such accurate data as location or behavior
patterns on the main account.
Step 4

Triage security
findings
It allows to determine the incident
related IP addresses, resources and AWS
accounts as well as activities at the time
when the event took place and to
determine whether it is really malicious
activity or false alarm.

It allows conducting an investigation
process, in-depth analysis of malicious
activity detected by services such as
Amazon GuardDuty, along with
determining its impact and scope on
security.
Incident
investigation

This is a proactive analysis, providing
explanations based on time analysis,
which aims to locate hidden threats
based on hypotheses and tips.
Threat
hunting

Benefits from Amazon Detective implementation
▪ compliance with industry best practices and standards,
▪ accurate and comprehensive reports indicating threats, security gaps and the exact
location of their occurrence,
▪ automated security solution,
▪ the ability to integrate with security offered by other providers,
▪ simplifying the investigation process and improving the detection of potential threats,
▪ it is time saving.

Any questions?
We can help you!
Feel free to contact us
kontakt@lcloud.pl
www.lcloud.pl
Thank you for your time!
All source materials in the presentation have been appropriately marked.

The move to AWS enables new application and architectural patterns that are in a continual state of change. The only way that your infrastructure, security, and operations can keep pace with these changes is with automation. In this session, we discuss the various automation tools you can use to first deploy the AWS infrastructure (as code), add the VM-Series to protect against threats (security as code), and then automatically update the policy based on Amazon GuardDuty or AWS Security Hub finding (operations as code). A brief demonstration concludes the session. This presentation is brought to you by AWS partner, Palo Alto Networks.

Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...

Amazon Web Services LATAM

Mythical Mysfits: Build & collaborate on a modern web application on AWS - MA...

Amazon Web Services

In this workshop, learn how to deploy a fully functional web application on AWS. We show you how to use the AWS services that enable you to focus on writing code without needing to manage underlying infrastructure. We use service such as AWS Fargate, AWS Lambda, and Amazon DynamoDB to build and deploy a web application on AWS, connect the application to a backend database, and capture and analyze data on user behavior. To participate, you need a laptop (macOS or Windows), an AWS account with administrator-level access, and an active GitHub account.

Build sophisticated forecasting and recommendation models - AIM202 - New York...

Amazon Web Services

Accurate forecasting and personalization create many opportunities. Amazon Forecast uses machine learning to give you forecasts that are up to 50% more accurate than forecasts from traditional methods. Amazon Personalize can create individualized recommendations for each of your customers. You don’t need machine learning to get started; both services use sophisticated techniques to analyze your data, select the right algorithm, and automatically train a custom model that’s specific to your use case. We discuss how AWS customers use these services. You can also learn how to get started using them in your organization.

Deep dive on security in Amazon S3 - STG304 - Chicago AWS Summit

Amazon Web Services

Amazon S3 and Amazon S3 Glacier provide some of the most enhanced data-security features available in the cloud today. In this chalk talk, learn directly from the AWS engineering team that builds and maintains Amazon S3 security functionality, like encryption, public-access visibility, and much more. We will consider your feedback, address your questions, and mine your expertise to discuss innovative ways of ensuring your data is available only to the users and applications that need it.

Best practices for queue processing in serverless applications - MAD313 - Chi...

Amazon Web Services

In this session, we learn about best practices to help you integrate serverless applications using Amazon Simple Queue Service (Amazon SQS). We explore how to tune AWS Lambda and Amazon SQS to scale your existing applications without having to worry about provisioning capacity. We also discuss how to bridge high-scale serverless applications with limited server-full applications such as relational databases.

Unified monitoring of the container environment, containers, and applications...

Amazon Web Services

With Amazon EKS, AWS Fargate, and Amazon ECS, AWS makes it easy to run containerized applications. However, a perfectly running containerized environment does not ensure a perfect user experience for your customers. In this session, we explore the interdependencies between container environment and the health of containers and applications. We examine how container health can jeopardize application health and how to identify noisy neighbors that might slow down your application’s response time and impact the user’s experience. We show you how to get full insight into your container environment, containers, and applications without touching a single line of application code. This presentation is brought to you by AWS partner, Dynatrace.

AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhor...

Amazon Web Services LATAM

You can now use Amazon Elastic Container Service for Kubernetes (Amazon EKS) to run Windows Server workloads as part of a developer preview. In this chalk talk, we provide an overview of this new functionality, and you have the opportunity to ask technical questions about the latest Kubernetes functionality and how to validate performance and stability of containerized Windows applications managed by Amazon EKS.

Top Cloud Security Myths - Dispelled

Amazon Web Services

Core services

Richard Harvey

Top Cloud Security Myths – Dispelled!

AWS Summits

In this session, we cover the most common cloud security questions that we hear from customers. We provide detailed answers for each question, distilled from our practical experience working with organizations around the world. This session is for everyone who is curious about the cloud, cautious about the cloud, or excited about the cloud. Blake Chism, Head of Technical Business Development, Amazon Web Services

Top Four Ways to Leverage Machine Learning on a Mobile Device - MAD304 - Anah...

Amazon Web Services

Using chaos to bring resiliency to your applications

John Varghese

Chaos engineering takes the complexity of a distributed system and tests it holistically by simulating turbulent conditions and observing how the system responds and performs. The data collected helps you build more resilient applications. This talk will explain the basic principles of chaos engineering and how they can be applied to build applications that will let you sleep through the night. Arun Gupta

Serverless AI-Powered Identity Management - AWS Summit Sydney

Amazon Web Services

This session will explore how to use chatbots and AWS services to offload some of the most frequent calls to your service centre. Empower employees to manage their own accounts, passwords, and access. See how natural language interfaces combined with AWS serverless technologies enable your organisation to build cost effective self-service capabilities. You'll learn how to provide a personal experience for your users, right on their mobile phones.

Build scalable applications with a serverless relational database - ADB211 - ...

Amazon Web Services

Amazon Aurora Serverless is an on-demand, autoscaling configuration for Amazon Aurora that enables the database to automatically start, shut down, and scale up or down based on your application's needs. With it, you can run your database in the cloud without having to manage any database instances, making Amazon Aurora Serverless a simple, easy-to-manage, scalable, and cost-effective option for infrequent, intermittent, or unpredictable workloads. In this session, we explore use cases, examine the underlying mechanisms, and discuss the future of serverless databases.

Scaling a database with Amazon RDS for Oracle - ADB208 - Chicago AWS Summit

Amazon Web Services

With changing business goals, new traffic patterns, and demands for cost optimization, businesses need to scale their databases up or down and in or out on the cloud. In this chalk talk, learn how to scale compute resources up or down, and understand how to scale up the storage size of your Amazon RDS for Oracle instances. Also learn how to scale out or scale in your Oracle Read Replicas to sustain changing read traffic. Come to this chalk talk to learn, ask questions, and share your experiences.

Mythical Mysfits: Monolith to Microservices with Docker and Fargate - MAD305 ...

Amazon Web Services

Traditional monolithic architectures are hard to scale. As an application's code base grows, it becomes too complex to update and maintain. Introducing new features, languages, frameworks, and technologies becomes hard, limiting innovation and new ideas. Within a microservices architecture, each application component runs as its own service and communicates with other services through a well-defined API. Microservices are built around business capabilities, and each service performs a single function. In this workshop, we show you how to run a simple monolithic application in a Docker container, deploy the same application as microservices, and switch traffic to the microservices without downtime.

SJAWS recap reinforce

Shogo Matsumoto

Getting Started with Serverless Architectures

AWS Summits

Serverless architectures let you build and deploy applications and services with infrastructure resources that require zero administration. In this session, you will learn about serverless architectures, their benefits, and the basics of the AWS’s serverless stack (e.g., AWS Lambda, Cognito, Amazon API Gateway, and AWS Step Functions). We will discuss how to use serverless architectures for a variety of use cases including data processing, website backends, serverless applications, and “operational glue.” You will also get practical tips and tricks, best practices, and architecture patterns that you can take back and implement immediately. Eduardo Patino, LATAM Solutions Architect, Amazon Web Services Mauricio Romero Escobar, IT Consultant, SAT Guatemala

Making application threat intelligence practical - DEM06 - AWS reInforce 2019

Amazon Web Services

The daily volume of cyberattacks that target applications and the frequency of associated breaches is overwhelming to even the most experienced security professionals. We cover important lessons learned from F5 Labs’ analysis of global attack data and breach root causes that are attributed to application threats. This helps you understand attackers’ top targets and motives and the changing application security landscape of systems used to launch application attacks. Addressing these threats requires practical controls that organizations can be successful with. We offer tips and tricks that you can work on immediately to address common application threats and appropriately prioritize your application security controls.

Automatically scaling your Kubernetes workloads - SVC210-S - Santa Clara AWS ...

Amazon Web Services

We begin this session by taking a brief tour through the history of infrastructure and the evolution of our ability to scale. This includes what provisioning and scaling look like when working with physical servers. We then discuss the technologies that made automatic scaling possible. We also provide an overview of the most common scaling that is available today. Finally, we discuss how to monitor the things that matter. Using this framework, we can determine what metrics we should scale on for different types of applications and workloads.

Securing AWS Environments

Ashish Kaushik

Cybersecurity: A Drive Force Behind Cloud Adoption

Amazon Web Services

There are four common challenges that CISOs and their security teams struggle with even in the most secure and mature organizational datacenters - visibility, resilience, defense-in-depth, and automation. Learn how these challenges become benefits of using the AWS Cloud and why cybersecurity is becoming a driving force behind commercial cloud adoption. This is an executive level presentation that covers key technical concepts and capabilities to meet business security and compliance objectives. Intended audience includes CIOs, CISOs, technical managers, senior architects and engineers new to AWS, and technically-savvy business managers.

Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017

Amazon Web Services

Executives from the Intelligence community discuss cloud security best practices in a field where security is imperative to operations. Security Cloud Chief John Nicely and Deputy Chief of Cyber Integration Scott Kaplan share success stories of migrating mass data to the cloud from a security perspective. Hear how they migrated their IT portfolios while managing their organizations' unique blend of constraints, budget issues, politics, culture, and security pressures. Learn how these institutions overcame barriers to migration, and ask these panelists what actions you can take to better prepare yourself for the journey of mass migration to the cloud.

Automating Event Driven Security in AWS,

Amazon Web Services

Creating resiliency through destruction

Amazon Web Services

With the wide adoption of micro-services and large-scale distributed systems, architectures have grown increasingly complex and hard to understand. Worse, the software systems running them have become extremely difficult to debug and test, increasing the risk of outages. With these new challenges, new tools are required and since failures have become more and more chaotic in nature, we must turn to chaos engineering in order to reveal failures before they become outages. In this talk, we will make an introduction to chaos engineering, a discipline that promotes breaking things on purpose in order to learn how to build more robust systems and we will deep dive into designing large-scale resilient architectures.

Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit

Amazon Web Services

Cloud Forensics and Incident Response Training.pdf

Christopher Doman

Beginners guide to aws security monitoring

rahuldesh

What's hot

Support for Amazon EKS and Windows container workloads - MAD304 - New York AW...

Amazon Web Services

Top Cloud Security Myths - Dispelled

Amazon Web Services

Core services

Richard Harvey

Top Cloud Security Myths – Dispelled!

AWS Summits

Top Four Ways to Leverage Machine Learning on a Mobile Device - MAD304 - Anah...

Amazon Web Services

Using chaos to bring resiliency to your applications

John Varghese

Serverless AI-Powered Identity Management - AWS Summit Sydney

Amazon Web Services

Build scalable applications with a serverless relational database - ADB211 - ...

Amazon Web Services

Scaling a database with Amazon RDS for Oracle - ADB208 - Chicago AWS Summit

Amazon Web Services

Mythical Mysfits: Monolith to Microservices with Docker and Fargate - MAD305 ...

Amazon Web Services

SJAWS recap reinforce

Shogo Matsumoto

Getting Started with Serverless Architectures

AWS Summits

Making application threat intelligence practical - DEM06 - AWS reInforce 2019

Amazon Web Services

Automatically scaling your Kubernetes workloads - SVC210-S - Santa Clara AWS ...

Amazon Web Services

Securing AWS Environments

Ashish Kaushik

Cybersecurity: A Drive Force Behind Cloud Adoption

Amazon Web Services

Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017

Amazon Web Services

Automating Event Driven Security in AWS,

Amazon Web Services

Creating resiliency through destruction

Amazon Web Services

Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit

Amazon Web Services

What's hot (20)

Support for Amazon EKS and Windows container workloads - MAD304 - New York AW...

Top Cloud Security Myths - Dispelled

Core services

Top Cloud Security Myths – Dispelled!

Top Four Ways to Leverage Machine Learning on a Mobile Device - MAD304 - Anah...

Using chaos to bring resiliency to your applications

Serverless AI-Powered Identity Management - AWS Summit Sydney

Build scalable applications with a serverless relational database - ADB211 - ...

Scaling a database with Amazon RDS for Oracle - ADB208 - Chicago AWS Summit

Mythical Mysfits: Monolith to Microservices with Docker and Fargate - MAD305 ...

SJAWS recap reinforce

Getting Started with Serverless Architectures

Making application threat intelligence practical - DEM06 - AWS reInforce 2019

Automatically scaling your Kubernetes workloads - SVC210-S - Santa Clara AWS ...

Securing AWS Environments

Cybersecurity: A Drive Force Behind Cloud Adoption

Best Security Practices in the Intelligence Community - SID214 - re:Invent 2017

Automating Event Driven Security in AWS,

Creating resiliency through destruction

Plan Advanced AWS Networking Architectures - SRV323 - Chicago AWS Summit

Similar to On a trail with Amazon Detective | LCloud

Cloud Forensics and Incident Response Training.pdf

Christopher Doman

Beginners guide to aws security monitoring

rahuldesh

A Case Study on Insider Threat Detection

Amazon Web Services

Sumo Logic Cert Jam - Security Analytics

Sumo Logic

AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...

Amazon Web Services

In a rapidly changing IT environment, detecting and responding to new threats is more important than ever. This session shows you how to build a predictive analytics stack on AWS, which harnesses the power of Amazon Machine Learning in conjunction with Amazon Elasticsearch Service, AWS CloudTrail, and VPC Flow Logs to perform tasks such as anomaly detection and log analysis. We also demonstrate how you can use AWS Lambda to act on this information in an automated fashion, such as performing updates to AWS WAF and security groups, leading to an improved security posture and alleviating operational burden on your security teams.

A Case Study on Insider Threat Detection

Amazon Web Services

DIY guide to runbooks, incident reports, and incident response

Nathan Case

In this session, we explore the cost of incidents and consider creative ways to look at future threats. We walk you through the threat landscape, looking at what has happened over the last year. Learn about the best open-source tools to have in your security arsenal now and in the future to help you detect and deal with the threats of today and tomorrow. Finally, learn how to identify where these threats are coming from and how to detect them more easily. The information in this session is provided by various teams and sources

An Active Case Study on Insider Threat Detection in your Applications

Amazon Web Services

Using ML with Amazon SageMaker & GuardDuty to identify anomalous traffic - SE...

Amazon Web Services

This workshop provides a hands-on opportunity for you to learn to use machine learning (ML) via Amazon SageMaker in your security pipeline. You are guided through the process of feeding data from AWS CloudTrail and Amazon GuardDuty into Amazon SageMaker in order to augment GuardDuty findings. You’ll receive an introduction to Amazon SageMaker and leverage the IP Insights algorithm to train a model based on IP addresses in the CloudTrail logs. This model is used to score IP addresses from GuardDuty findings to gain additional threat information about alerts, enabling security operators to better prioritize alerts for further action.

Security Certification: Security Analytics using Sumo Logic - Oct 2018

Sumo Logic

Get Certified as a Sumo Security Power User! With security threats on the rise, come join our Security and Compliance experts to learn how Sumo Logic’s Threat Intelligence can help you stay on top of your environment by matching IOCs like IP address, domain names, URL, email addresses, MD5 hashes and more, to increase velocity and accuracy of threat detection. Hands on labs help cement the knowledge learned.

Secure and Automate AWS Deployments with Next Generation SecurityAmazon Web Services

test-sgsgsgs.pptx

shramangupta2

Continuous security monitoring and threat detection with AWS services - SEC20...

Amazon Web Services

Join us for this chalk talk, where we discuss several AWS services involved with threat detection and remediation, including Amazon GuardDuty, Amazon Macie, and AWS Config. We walk you through real-world threat scenarios and answer your questions about how to approach threat detection on AWS. For each scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, and other services, including AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.

AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...

Brian Andrzejewski

AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures. YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70

Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...

Amazon Web Services

Amazon GuardDuty is a threat detection system that is reimagined and purpose-built for the cloud. Once enabled, GuardDuty immediately starts analyzing continuous streams of account and network activity in near real-time and at scale. You do not have to deploy or manage any additional security software, sensors, or network appliances. Threat intelligence is pre-integrated into the service and is continuously updated and maintained. This session introduces you to GuardDuty, walks you through the detection of an event, and discusses the various ways you can react and remediate.

Amazon S3 console now reports security warnings, errors, and suggestions from...

Dhaval Soni

The Amazon Simple Storage Service (S3) console now reports security warnings, errors, and suggestions from Identity and Access Management (IAM) Access Analyzer as you author your S3 policies. The console automatically runs more than 100 policy checks to validate your policies. These checks save you time, guide you to resolve errors, and help you apply security best practices. By resolving errors and security warnings reported by the S3 console, you can validate that your policies are functional before you attach them to your S3 buckets or access points.

Scalable, Automated Anomaly Detection with GuardDuty, CloudTrail, & Amazon Sa...

Amazon Web Services

This workshop gives attendees an opportunity to develop a solution that can continuously monitor for and detect a realistic threat using Amazon GuardDuty in combination with machine learning-based AWS CloudTrail log analysis in Amazon SageMaker. Attendees learn how to perform serverless analysis of the Amazon CloudWatch Events for GuardDuty findings in AWS Lambda, load them into an ML model in Amazon SageMaker, and produce predictive alerts.

Threat Detection and Mitigation at Scale on AWS

Amazon Web Services

In this session, learn how AWS thinks about threat detection and remediation. We summarize the challenges of traditional threat detection efforts and explain how AWS helps address these challenges. We also provide an overview of key AWS services that detect and remediate threats to AWS. Finally, Terren Peterson, the VP of Software Engineering at Capital One, shares how his organization detects and remediates threats using Amazon GuardDuty and other AWS services.

Threat Detection & Remediation Workshop - Module 2

Amazon Web Services

by Greg McConnel, Sr. Security Solutions Architect, AWS This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.

Detecting and mitigating threats with AWS - SEC301 - Chicago AWS Summit

Amazon Web Services

Rarely does a day go by that we’re not reminded about the importance of the security of our online assets. Bad actors are continuously probing and looking for ways to compromise organizations’ defenses to gain access to valuable data or cause disruptions. In this session, learn how to address threat detection and remediation with AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of the key AWS services that detect and remediate threats, such as Amazon GuardDuty.

Similar to On a trail with Amazon Detective | LCloud (20)

Cloud Forensics and Incident Response Training.pdf

Beginners guide to aws security monitoring

A Case Study on Insider Threat Detection

Sumo Logic Cert Jam - Security Analytics

AWS re:Invent 2016: Predictive Security: Using Big Data to Fortify Your Defen...

A Case Study on Insider Threat Detection

DIY guide to runbooks, incident reports, and incident response

An Active Case Study on Insider Threat Detection in your Applications

Using ML with Amazon SageMaker & GuardDuty to identify anomalous traffic - SE...

Security Certification: Security Analytics using Sumo Logic - Oct 2018

Secure and Automate AWS Deployments with Next Generation Security

test-sgsgsgs.pptx

Continuous security monitoring and threat detection with AWS services - SEC20...

AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...

Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...

Amazon S3 console now reports security warnings, errors, and suggestions from...

Scalable, Automated Anomaly Detection with GuardDuty, CloudTrail, & Amazon Sa...

Threat Detection and Mitigation at Scale on AWS

Threat Detection & Remediation Workshop - Module 2

Detecting and mitigating threats with AWS - SEC301 - Chicago AWS Summit

More from LCloud

Well architected tool - Serverless and Machine Learning Lens

LCloud

Well-Architected Tool is one of the most useful during the designing process. AWS Best Practices helps in taking best business decisions while designing the optimal solution. You can find more in our blog posts: - Serverless Lens https://lcloud.pl/serverless-lens-od-aws/ - Machine Lerning Lens https://lcloud.pl/en/machine-learning-lens-from-aws/ Follow us on our social media channels: LCloud Blog https://lcloud.pl/en/blog/ Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 SlideShare https://www.slideshare.net/LCloud LinkedIn https://bit.ly/2syaQCr

3 ways to efficiently migrate your big data to AWS cloud | LCloud

LCloud

#bigdata #migration #aws #cloudcomputing Organizations processing large amounts of data face problems such as excessive maintenance costs and administrative problems while struggling to provide resources, coping with uneven workloads on a big scale, and pursuing innovation. AWS offers a wide selection of flexible on-demand computing resources, robust and inexpensive permanent storage, and managed services that provide current, known environments for creating and operating big data applications. You can find more in our blog post: https://lcloud.pl/en/big-data-migration-to-the-cloud/ Follow us on our social media channels: LCloud Blog https://lcloud.pl/en/blog/ Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 SlideShare https://www.slideshare.net/LCloud LinkedIn https://bit.ly/2syaQCr

"Don’t Run with Scissors: Serverless Security Survival Guide" | Hillel Solow,...

LCloud

"Building a Production-Grade Serverless Deployment" - Eoin Shanaghy, CTO, fo...

LCloud

Amazon Aurora MySQL - tips & tricks in configuration | LCloud

LCloud

#amazonwebservices #database #aurora Aurora is a fully managed MySQL compliant database engine. You can find more in our blog entry: https://lcloud.pl/en/amazon-aurora-mysql-tips-tricks/ Follow us on our social media channels: LCloud Blog https://lcloud.pl/en/blog/ Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 SlideShare https://www.slideshare.net/LCloud LinkedIn https://bit.ly/2syaQCr

AWS Landing Zone Essentials PL | LCloud

LCloud

Czym jest AWS Landing Zone? Z czego się składa? Jak skonfigurować usługę i dlaczego warto ją wdrożyć. Tego wszystkiego dowiesz się z naszej infografiki. Więcej znajdziesz na blogu: https://lcloud.pl/aws-landing-zone/ Koniecznie nie zapomnij odwiedzić naszego bloga i kanałów społecznościowych! Blog LCloud https://bit.ly/2Vgooz4 Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 LinkedIn https://bit.ly/2syaQCr YouTube https://bit.ly/2tGV62b Pytania? Napisz do nas: kontakt@lcloud.pl https://lcloud.pl/

Security management using devops | LCloud

LCloud

Security is one of the most important aspects when designing and creating environments in the cloud. It is worth considering infrastructure design in relation to best practices. DevOps can be such an example. All the sources are linked in the presentation. Enjoy and don't forget to check out our blog and other social media! LCloud Blog https://bit.ly/2Vgooz4 Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 LinkedIn https://bit.ly/2syaQCr YouTube https://bit.ly/2tGV62b Questions? Feel free to ask: kontakt@lcloud.pl https://lcloud.pl/

Amazon Neptune - visually more options

LCloud

Amazon Neptune is a service that allows you to use graph structures and nodes to visualize stored data in an accessible way. You can find more in our blog entry: https://tinyurl.com/y623ff5j All the sources are linked in the presentation. Enjoy and don't forget to check out our blog and other social media! LCloud Blog https://bit.ly/2Vgooz4 Facebook https://bit.ly/2tCqBJS Twitter https://twitter.com/LCLOUD16 LinkedIn https://bit.ly/2syaQCr YouTube https://bit.ly/2tGV62b Questions? Feel free to ask: kontakt@lcloud.pl https://lcloud.pl/

How to use AWS practices to provide the enterprise architecture in the cloud

LCloud

Overview of Amazon Web Services - kwiecień 2017

LCloud

Good practices to design and implement IT architecture based on AWS

LCloud

Lcloud na AWS re: Invent 2016 w Las Vegas

LCloud

What to know about Amazon Elastic Block Store (EBS)

LCloud

More from LCloud (13)

Well architected tool - Serverless and Machine Learning Lens

3 ways to efficiently migrate your big data to AWS cloud | LCloud

"Don’t Run with Scissors: Serverless Security Survival Guide" | Hillel Solow,...

"Building a Production-Grade Serverless Deployment" - Eoin Shanaghy, CTO, fo...

Amazon Aurora MySQL - tips & tricks in configuration | LCloud

AWS Landing Zone Essentials PL | LCloud

Security management using devops | LCloud

Amazon Neptune - visually more options

How to use AWS practices to provide the enterprise architecture in the cloud

Overview of Amazon Web Services - kwiecień 2017

Good practices to design and implement IT architecture based on AWS

Lcloud na AWS re: Invent 2016 w Las Vegas

What to know about Amazon Elastic Block Store (EBS)

Recently uploaded

By Design, not by Accident - Agile Venture Bolzano 2024

Pierluigi Pugliese

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

FIDO Alliance

Communications Mining Series - Zero to Hero - Session 1

DianaGray10

This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered: • Communication Mining Overview • Why is it important? • How can it help today’s business and the benefits • Phases in Communication Mining • Demo on Platform overview • Q/A

Securing your Kubernetes cluster_ a step-by-step guide to success !

KatiaHIMEUR1

Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster. However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks. In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.

Monitoring Java Application Security with JDK Tools and JFR Events

Ana-Maria Mihalceanu

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

FIDO Alliance

Video Streaming: Then, Now, and in the Future

Alpen-Adria-Universität

In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.

Introduction to CHERI technology - Cybersecurity

mikeeftimakis1

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Removing Uninteresting Bytes in Software Fuzzing

Aftab Hussain

Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process. In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds. - These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Prayukth K V

The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development. The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers: State of global ICS asset and network exposure Sectoral targets and attacks as well as the cost of ransom Global APT activity, AI usage, actor and tactic profiles, and implications Rise in volumes of AI-powered cyberattacks Major cyber events in 2024 Malware and malicious payload trends Cyberattack types and targets Vulnerability exploit attempts on CVEs Attacks on counties – USA Expansion of bot farms – how, where, and why In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East Why are attacks on smart factories rising? Cyber risk predictions Axis of attacks – Europe Systemic attacks in the Middle East Download the full report from here: https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/

Elevating Tactical DDD Patterns Through Object Calisthenics

Dorra BARTAGUIZ

After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!

DevOps and Testing slides at DASA Connect

Kari Kakkonen

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Epistemic Interaction - tuning interfaces to provide information for AI support

Alan Dix

Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024 https://alandix.com/academic/papers/synergy2024-epistemic/ As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

DanBrown980551

Do you want to learn how to model and simulate an electrical network from scratch in under an hour? Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)! During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook. PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides: - A fully editable and extendable library for grid component modelling; - Visualization tools to display your network; - Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses; The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well. What you will learn during the webinar: - For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills; - For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

91mobiles

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

Albert Hoitingh

The Art of the Pitch: WordPress Relationships and Sales

Laura Byrne

Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes? All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

Neo4j

Leonard Jayamohan, Partner & Generative AI Lead, Deloitte This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.

Recently uploaded (20)

By Design, not by Accident - Agile Venture Bolzano 2024

FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf

Communications Mining Series - Zero to Hero - Session 1

Securing your Kubernetes cluster_ a step-by-step guide to success !

Monitoring Java Application Security with JDK Tools and JFR Events

FIDO Alliance Osaka Seminar: Passkeys and the Road Ahead.pdf

Video Streaming: Then, Now, and in the Future

Introduction to CHERI technology - Cybersecurity

UiPath Test Automation using UiPath Test Suite series, part 4

Removing Uninteresting Bytes in Software Fuzzing

State of ICS and IoT Cyber Threat Landscape Report 2024 preview

Elevating Tactical DDD Patterns Through Object Calisthenics

DevOps and Testing slides at DASA Connect

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Epistemic Interaction - tuning interfaces to provide information for AI support

LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...

Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf

Encryption in Microsoft 365 - ExpertsLive Netherlands 2024

The Art of the Pitch: WordPress Relationships and Sales

GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...

On a trail with Amazon Detective | LCloud

1. On a trail with Amazon Detective On a trail with Amazon Detective

2. What is Amazon Detective?

3. Amazon Detective is the latest security service from the AWS family. It uses machine learning, statistical analysis and graph theory, in combination with AWS resource log data to detect potentially dangerous activities and security issues. It allows clients to view summaries and analytical data related to events in AWS CloudTrail as well as VPC Flow Logs. Amazon Detective also processes the results obtained from Amazon GuardDuty, when customer enabled the service.

4. Mechanism behind the Amazon Detective

5. How it works? Source: https://aws.amazon.com/detective/

6. How to launch Amazon Detective?

7. Select and run Amazon Detective from the AWS console. Then configure the organization's accounts for monitoring and the "master" account for data collection. Step 1

8. The Amazon Detective service immediately begins the analysis of telemetry data, creating graphical visualizations. Step 2

9. Select from the console the resource type and ID of interests you and check the detected irregularities on the chart. You can also use the integration with Amazon GuardDuty and AWS Security Hub. Step 3

10. Amazon Detective provides interactive charts along with detailed data and results context. In addition, we get such accurate data as location or behavior patterns on the main account. Step 4

11. Use cases

12. Triage security findings It allows to determine the incident related IP addresses, resources and AWS accounts as well as activities at the time when the event took place and to determine whether it is really malicious activity or false alarm.

13. It allows conducting an investigation process, in-depth analysis of malicious activity detected by services such as Amazon GuardDuty, along with determining its impact and scope on security. Incident investigation

14. This is a proactive analysis, providing explanations based on time analysis, which aims to locate hidden threats based on hypotheses and tips. Threat hunting

15. Benefits from implementation

16. Benefits from Amazon Detective implementation ▪ compliance with industry best practices and standards, ▪ accurate and comprehensive reports indicating threats, security gaps and the exact location of their occurrence, ▪ automated security solution, ▪ the ability to integrate with security offered by other providers, ▪ simplifying the investigation process and improving the detection of potential threats, ▪ it is time saving.

17. Any questions? We can help you! Feel free to contact us kontakt@lcloud.pl www.lcloud.pl Thank you for your time! All source materials in the presentation have been appropriately marked.

On a trail with Amazon Detective | LCloud

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Similar to On a trail with Amazon Detective | LCloud

Similar to On a trail with Amazon Detective | LCloud (20)

More from LCloud

More from LCloud (13)

Recently uploaded

Recently uploaded (20)

On a trail with Amazon Detective | LCloud