Ryan Holland (Cloud Platform Solutions Director, Alert Logic)'s presentation on securing your AWS environment at the NYC Alert Logic Cloud Security Summit on June 14, 2016.
2. Attacks Happen at Multiple Layers of the Application Stack
THE IMPACT
• Every layer of the application stack is under attack
• Attacks are multi-stage using multiple threat vectors
• Web applications are #1 vector in the cloud
• Security must be cloud-native, cover every layer of application stack, and identify attacks at every stage.
[Diagram labels: SQL Injection; Identify & Recon; Command & Control; Worm Outbreak; Extract & Exfiltrate; Malware; Brute Force; Identify & Recon]
3. Relative Threats - Cloud vs On Premise
Source: Alert Logic Cloud Security Report, 2015
4. Global Threats - Time to Exposure
• Attacks against Microsoft DS accounted for over 51% of the overall attack vectors
• Database services have been a consistent target
• 14% of the malware loaded on the Honeypots was considered undetectable by AV
5. Attackers Are Focused on Your Network, Hosts, and Apps
• Secure coding and best practices
• Software and virtual patching
• Configuration management
• Access management
• Application level attack monitoring
• Access management
• Patch management
• Configuration hardening
• Security monitoring
• Log analysis
• Network threat detection
• Security monitoring
• Logical network segmentation
• Perimeter security services
• External DDoS, spoofing, and scanning prevented
• Hardened hypervisor
• System image library
• Root access for customer
PROVIDES
• Configuration best practices
8. Securing Your AWS Account
• Lock down the root account
• Delete any root API keys
• Enable Hardware MFA for the root account – define an auditable process for requesting the key
• Follow least privilege for IAM Users and Roles
• Avoid using “Admin” prebuilt policies unless absolutely necessary
• Leverage CloudTrail Logs and IAM Access Advisor to help tune policies
• Restrict SSH/RDP access for instances with IAM Roles
• Enable a strong password policy and MFA requirement for IAM users
• If users must have an API key ensure they are frequently rotated as well
• Enable CloudTrail and AWS Config
• Leverage the features to enable CloudTrail in all regions
• Use Config Rules to identify out of policy changes
• Not a one time activity – Continuously monitor for changes
10. Monitor Activity and Identify Insecure Configurations
• Inventory the services and regions you are using
• What regions do you have VPCs and instances?
• Which resources are accessible from the Internet?
• Leverage CloudTrail to identify new VPCs or service usage
• Define a consistent Tagging and Naming strategy for resources
• Ensure the AWS services you’re using remain securely configured
• Disable non-secure ciphers on Elastic Load Balancers
• Remove S3 bucket permissions that allow global write or read
• Identify security groups or network ACLs that allow unrestricted access to sensitive ports
• Identify and remediate vulnerabilities in AMIs
• Patch your AMIs not your instances
• Maintain a list of trusted AMIs, restrict users from launching non-trusted images
• Scan instances frequently to identify new vulnerabilities
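The two configuration checks named on this slide (security groups that allow unrestricted access to sensitive ports, and S3 bucket permissions that allow global read or write) can be run offline against exported configuration. The following is an added example, not part of the original presentation; it assumes input in the JSON shape returned by `aws ec2 describe-security-groups` and `aws s3api get-bucket-acl`, and the sensitive-port list, group IDs and bucket name are constructed for illustration.

```python
# Added example: audit exported AWS configuration for two findings from the slide.
# Assumption: which ports count as "sensitive" (SSH, RDP, Microsoft DS, databases).
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 445: "Microsoft DS",
                   1433: "MSSQL", 3306: "MySQL", 5432: "PostgreSQL"}
OPEN_CIDRS = {"0.0.0.0/0", "::/0"}
# Assumption: AuthenticatedUsers (any AWS account) is treated as global, like AllUsers.
PUBLIC_GRANTEES = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
RISKY_PERMISSIONS = {"READ", "WRITE", "FULL_CONTROL"}


def open_sensitive_ports(group):
    """Return sorted (group_id, port, service) for sensitive ports open to the world."""
    findings = set()
    for perm in group.get("IpPermissions", []):
        cidrs = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        cidrs += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        if not OPEN_CIDRS.intersection(cidrs):
            continue  # rule is limited to specific networks
        if perm.get("IpProtocol") == "-1":
            # "All traffic" rules carry no FromPort/ToPort: every port is exposed.
            exposed = list(SENSITIVE_PORTS)
        elif perm.get("IpProtocol") == "tcp":
            lo, hi = perm.get("FromPort", 0), perm.get("ToPort", 65535)
            exposed = [p for p in SENSITIVE_PORTS if lo <= p <= hi]
        else:
            continue
        findings.update((group["GroupId"], p, SENSITIVE_PORTS[p]) for p in exposed)
    return sorted(findings)


def public_bucket_grants(bucket_name, acl):
    """Return (bucket, permission) for ACL grants that give global read or write."""
    return [(bucket_name, g["Permission"])
            for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in PUBLIC_GRANTEES
            and g.get("Permission") in RISKY_PERMISSIONS]


# Constructed sample data (not from a real account).
SAMPLE_GROUPS = [
    {"GroupId": "sg-0aaa", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0bbb", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []},
        {"IpProtocol": "tcp", "FromPort": 3306, "ToPort": 3306,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}], "Ipv6Ranges": []}]},
    {"GroupId": "sg-0ccc", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 3000, "ToPort": 3400,
         "IpRanges": [], "Ipv6Ranges": [{"CidrIpv6": "::/0"}]}]},
    {"GroupId": "sg-0ddd", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}], "Ipv6Ranges": []}]},
]
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": "constructed-owner-id"},
     "Permission": "FULL_CONTROL"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "READ"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
     "Permission": "WRITE"},
    {"Grantee": {"Type": "Group",
                 "URI": "http://acs.amazonaws.com/groups/s3/LogDelivery"},
     "Permission": "WRITE"},
]}

if __name__ == "__main__":
    for sg in SAMPLE_GROUPS:
        for group_id, port, service in open_sensitive_ports(sg):
            print(f"{group_id}: {service} ({port}) open to the Internet")
    for bucket, permission in public_bucket_grants("example-bucket", SAMPLE_ACL):
        print(f"{bucket}: global {permission} grant")
```

Port ranges and "all traffic" rules are the cases a check on exact port numbers misses, which is why the range test and the `-1` branch are there.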
11. Implement Network and Log Visibility
• Capture log data from instances in real time
• Once an instance has been terminated you are unable to gather logs from it
• Collect and maintain instance metadata with the logs.
• Implement network intrusion detection
• Analyze network traffic for all instance traffic and not just VPC ingress and egress
• Look for Deny events in VPC Flow Logs to instances
• Implement a Web Application Firewall
• Inspection at layer 7 is required to identify application specific attacks
• Ideally leverage positive and negative enforcement
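One way to act on the "Deny events in VPC Flow Logs" bullet, as an added example that is not part of the original presentation: it parses records in the default VPC Flow Logs format (where a denied flow has action `REJECT`), keeps only rejects addressed to known instance IPs, and reports sources that were rejected on several distinct ports. The instance IP set, the threshold and all sample records are constructed assumptions.

```python
# Added example: summarize REJECT records aimed at instances in VPC Flow Logs.
from collections import defaultdict

# Default (version 2) flow log record layout.
FIELDS = ("version account_id interface_id srcaddr dstaddr srcport dstport "
          "protocol packets bytes start end action log_status").split()
INT_FIELDS = ("srcport", "dstport", "protocol", "packets", "bytes", "start", "end")


def parse_flow_record(line):
    """Parse one record; return None for headers, NODATA/SKIPDATA or malformed lines."""
    parts = line.split()
    if len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    if rec["log_status"] != "OK":
        return None  # NODATA and SKIPDATA records carry "-" in the flow fields
    try:
        for key in INT_FIELDS:
            rec[key] = int(rec[key])
    except ValueError:
        return None
    return rec


def summarize_rejects(lines, instance_ips, scan_threshold=3):
    """Return (rejected packets per (interface, dstport), sources probing many ports).

    instance_ips: private IPs of your instances (assumed known from inventory);
    it limits the result to denied traffic *to* instances, not rejected egress.
    """
    per_target = defaultdict(int)
    ports_by_source = defaultdict(set)
    for line in lines:
        rec = parse_flow_record(line)
        if rec is None or rec["action"] != "REJECT":
            continue
        if rec["dstaddr"] not in instance_ips:
            continue
        per_target[(rec["interface_id"], rec["dstport"])] += rec["packets"]
        ports_by_source[rec["srcaddr"]].add(rec["dstport"])
    scanners = sorted(src for src, ports in ports_by_source.items()
                      if len(ports) >= scan_threshold)
    return dict(per_target), scanners


# Constructed sample records (documentation IP ranges, made-up account and ENI).
SAMPLE_FLOW_LOG = """\
version account-id interface-id srcaddr dstaddr srcport dstport protocol packets bytes start end action log-status
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 40001 22 6 4 240 1465900000 1465900060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 40002 3389 6 2 120 1465900000 1465900060 REJECT OK
2 123456789012 eni-0a1b2c3d 203.0.113.7 10.0.1.5 40003 445 6 1 60 1465900000 1465900060 REJECT OK
2 123456789012 eni-0a1b2c3d 198.51.100.9 10.0.1.5 51000 443 6 10 5200 1465900000 1465900060 ACCEPT OK
2 123456789012 eni-0a1b2c3d 198.51.100.9 10.0.1.5 51001 22 6 3 180 1465900000 1465900060 REJECT OK
2 123456789012 eni-0a1b2c3d - - - - - - - 1465900000 1465900060 - NODATA
2 123456789012 eni-0a1b2c3d 10.0.1.5 192.0.2.50 44000 25 6 1 60 1465900000 1465900060 REJECT OK
""".splitlines()
SAMPLE_INSTANCE_IPS = {"10.0.1.5"}

if __name__ == "__main__":
    targets, scanners = summarize_rejects(SAMPLE_FLOW_LOG, SAMPLE_INSTANCE_IPS)
    for (eni, port), packets in sorted(targets.items()):
        print(f"{eni} port {port}: {packets} rejected packets")
    print("sources rejected on 3+ ports:", scanners)
```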
12. How Cloud Defender Works in AWS
[Diagram labels: AWS Services; Instances & Applications; AWS Service Log Collection; Web and Network Security Events, Application & Server Logs; Continuous Vulnerability Scanning; Configuration Assessments and Environment Visibility; Analytics Platform; Threat Intel & Context; Expert Analysis; Threat Detection with Remediation Tactics; Vulnerability & Configuration Issues; Your Team]
And if we then take those stages, we can see how they map to different parts of an application stack: infrastructure, systems and applications. When we look at attacks in cloud environments, while many of them focus on the application layer, you do still need to have defenses in the other layers.
And on the topic of the types of threats, one really interesting report that our threat intelligence teams create every year is the Cloud Security Report, which looks at the types of threats we are seeing across both on-premises data centers and cloud environments. The data in this report is real-world data that represents over 1 billion events and over 800,000 security incidents collected over a 12-month period. What's interesting is that you can see in the data that adversaries are adapting the types of attacks based on the environments and are especially focusing on application attacks for cloud customers. You can get the full report at alertlogic.com/csr, which goes much deeper into the data.
One additional method we use to gather attack data is our global honeynet network, which shows how quickly we begin to see attacks once a new honeynet node is activated. When we look at the types of attacks, Microsoft Directory Services, database and administrative ports for SSH/RDP are consistent targets.
Highest volume of attacks occurred in Europe
Attacks against Microsoft DS accounted for over 51% of the overall attack vectors
Database services have been a consistent target
14% of the malware loaded on the Honeypots was considered undetectable by AV
Underscores the importance of a defense-in-depth strategy to secure your enterprise and cloud infrastructure
Likely most everyone by now has at least heard of the shared responsibility model, so I will cover this somewhat briefly. Under the SSR for infrastructure services like EC2, AWS is responsible for securing all of the infrastructure, networks and hosts all the way up to the hypervisor, which in a way is a huge benefit of using AWS: in on-premise environments you would need to be responsible for these tasks, whereas this model allows you to leverage their expertise and focus on the part that you are responsible for.
The data showing attacks focusing on applications and remote access through SSH and RDP shows us that attackers are wise to the fact that they are not likely to be successful in attacking components that AWS is securing, and are focusing on areas where the customers are responsible.
Attackers are wising up to the fact that businesses are not aware of the extent of their responsibilities – some of which may be beyond their existing capabilities
They are focusing their attention on the areas that fall to the customer to address, in particular the web application layer, where we have seen a large increase in the number of targeted attacks
To help secure your AWS environment there are three tenets that we will focus on
Applications are often visualized as a stack, and stacks, like houses, require a solid foundation; otherwise bad things happen. So the first thing we’ll look at is shoring up the foundation which
Cloud Defender is doing two things: First, it will scan your AWS services looking for any configuration issues. At the same time it scans your instances and applications looking for known vulnerabilities. That information gets passed back to your team in the form of prioritized remediation actions so you can focus on the issues that will have the biggest positive impact with regard to your risk.
While that is happening, Cloud Defender is also collecting logs from your servers, apps, and AWS services, as well as network and web app events. This information is fed into an analytics platform. This platform analyzes the data, eliminating irrelevant events, and then, by applying threat intelligence and context, generates actionable security events. These events are then vetted by a team of security experts, who have access to both the raw data that generated the event and a library of threat research that enables them to provide you with the context you need to understand the threat.
You are then contacted about the incident and provided remediation recommendations. This helps you focus on eliminating the issues without having to become an expert in any one specific threat vector.
Cloud Defender is always on, always working for you.