Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
AWS supports logging in with Federated Access, using SAML or integration with Active Directory. This is integrated with user Roles in AWS which provide the permissions to access various services. in this session we will explain the options for authentication. we will cover basic access control concepts and in addition we will use AWS Systems Manager to talk about how you can also facilitate secured access to your Instances.
AWS Services: IAM, AWS SSO, Managed Active Directory, AWS Systems Manager (With Demo)
Enforcing security invariants with AWS Organizations - SDD314 - AWS re:Inforc...Amazon Web Services
The builder in you wants to move fast in the cloud, taking advantage of the agility, flexibility, and scale that it offers. The security professional in you needs to ensure that—no matter what your team is doing in the cloud—certain security and compliance invariants are guaranteed to hold. This session is for the security builders among you. We show you how to take advantage of the security perimeters offered by AWS Organizations to simply, securely, and definitively assert your security rules at the perimeter.
Securing serverless and container services - SDD306 - AWS re:Inforce 2019 Amazon Web Services
Most customers are uncertain of how to secure their serverless services because these services deviate from traditional perimeter security. Additionally, many security stakeholders do not have as much insight into serverless architectures as developer communities. In this session, we provide best practices, patterns, and demos on securing serverless services using a combination of secure coding practices with partner code libraries, DevOps principles, code/container version control using code, and a deep understanding of serverless services such as AWS Lambda, AWS Fargate, and Amazon EKS. We aim to provide some baselining mechanisms and patterns to build full serverless and secure service architectures.
Architecting security and governance through policy guardrails in Amazon EKS ...Amazon Web Services
Amazon EKS makes it easy to run Kubernetes on AWS without managing master nodes or etcd operators. Kubernetes offers a powerful abstraction layer for managing containerized infrastructure, which presents unique challenges to AWS media customers. In this session, we share lessons from Synamedia, and we discuss its reasons for moving to EKS and the security and governance implications for migrating workloads. Learn about the approach and benefits for establishing security and governance with Open Policy Agent (OPA), which uses Kubernetes validating and mutating admission controllers to establish policy guardrails for container registries, input, load balancers, and other objects within EKS.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
Build a dashboard using serverless security analytics - SDD201 - AWS re:Infor...Amazon Web Services
In this session, we walk you through a demo of how a security team can build dashboards in minutes without having to gain deep knowledge on analytics. The AWS serverless services we use include AWS WAF logs, AWS Glue, Amazon Athena, and Amazon QuickSight.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
AWS supports logging in with Federated Access, using SAML or integration with Active Directory. This is integrated with user Roles in AWS which provide the permissions to access various services. in this session we will explain the options for authentication. we will cover basic access control concepts and in addition we will use AWS Systems Manager to talk about how you can also facilitate secured access to your Instances.
AWS Services: IAM, AWS SSO, Managed Active Directory, AWS Systems Manager (With Demo)
Enforcing security invariants with AWS Organizations - SDD314 - AWS re:Inforc...Amazon Web Services
The builder in you wants to move fast in the cloud, taking advantage of the agility, flexibility, and scale that it offers. The security professional in you needs to ensure that—no matter what your team is doing in the cloud—certain security and compliance invariants are guaranteed to hold. This session is for the security builders among you. We show you how to take advantage of the security perimeters offered by AWS Organizations to simply, securely, and definitively assert your security rules at the perimeter.
Securing serverless and container services - SDD306 - AWS re:Inforce 2019 Amazon Web Services
Most customers are uncertain of how to secure their serverless services because these services deviate from traditional perimeter security. Additionally, many security stakeholders do not have as much insight into serverless architectures as developer communities. In this session, we provide best practices, patterns, and demos on securing serverless services using a combination of secure coding practices with partner code libraries, DevOps principles, code/container version control using code, and a deep understanding of serverless services such as AWS Lambda, AWS Fargate, and Amazon EKS. We aim to provide some baselining mechanisms and patterns to build full serverless and secure service architectures.
Architecting security and governance through policy guardrails in Amazon EKS ...Amazon Web Services
Amazon EKS makes it easy to run Kubernetes on AWS without managing master nodes or etcd operators. Kubernetes offers a powerful abstraction layer for managing containerized infrastructure, which presents unique challenges to AWS media customers. In this session, we share lessons from Synamedia, and we discuss its reasons for moving to EKS and the security and governance implications for migrating workloads. Learn about the approach and benefits for establishing security and governance with Open Policy Agent (OPA), which uses Kubernetes validating and mutating admission controllers to establish policy guardrails for container registries, input, load balancers, and other objects within EKS.
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
With Amazon EC2, Amazon EBS, Amazon S3, AWS KMS, and more, Intuit’s data platform was able meet the requirements of high availability and rapid infrastructure scaling for 100 percent of the tax year’s seasonal demands. In this session, Intuit answers questions such as: Which portions of a complex system can be forklifted directly? Which need to be reengineered? How can highly sensitive data be migrated and stored securely in AWS? Are operational best practices in AWS different than those on premises? Intuit shares its strategy for establishing sufficient confidence in your business partners and delivering 100 percent product uptime.
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
Achieving security goals with AWS CloudHSM - SDD333 - AWS re:Inforce 2019 Amazon Web Services
This talk compares AWS CloudHSM to other AWS cryptography services for common use cases. We dive deep on how to build scalable, reliable workloads with CloudHSM, and we cover configuration of the service for performance, error resilience, and cross-region redundancy.
Building a well-engaged and secure AWS account access management - FND207-R ...Amazon Web Services
Building a well-managed and secure AWS account access management for enterprise customers and AWS partners is essential for managing a large number of AWS accounts. In this session, we review new features, best practices, and the risks involved when architecting organizational units. We also cover how to build dynamic access structures.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Securing your block storage on AWS - GRC207 - AWS re:Inforce 2019 Amazon Web Services
Want to simplify the process of meeting compliance goals in a world of increasing data regulation? AWS customers run mission-critical workloads—SQL and NoSQL databases, business applications, data analytics, log analysis—on Amazon EC2, backed by Amazon EBS and EC2 instance storage. Securing data content and storage access is critical to maintaining uptime and meeting compliance needs. In this session, we discuss data security and review the security capabilities of Amazon EBS and EC2 instance storage. Learn how you can benefit from new Amazon EBS features such as encryption by default, launch of encrypted instances from unencrypted AMIs, and simplified sharing of encrypted AMIs.
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
Many enterprises use Active Directory for authentication, server and workstation management, group policy management, and more. It’s also one of the first applications to be deployed on AWS by those building or migrating Windows applications at scale. There are two primary models for running Active Directory on AWS: AWS Managed Microsoft AD and self-managed Active Directory on Amazon EC2. We discuss best practices for securing Active Directory deployment on AWS and the shared responsibility model for running AWS Managed Microsoft AD. We also examine a reference architecture that follows these best practices. Services include AWS Managed Microsoft AD, Amazon EC2, Amazon EBS, Amazon VPC, and AWS KMS.
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...Amazon Web Services
Customers must regularly attest to the security and compliance of AWS services in order to confidently operate within the cloud. To support customers with this task, AWS provides a number of resources to define our 13 control domains, differentiate between customer and AWS responsibilities, and demonstrate the mapping of an organization’s attestation needs to an AWS audit framework. During this session, customers familiarize themselves with our compliance reports (e.g., FedRAMP, SOC, ISO, PCI, etc.), dive deep on AWS compliance tools, and discuss mechanisms for leveraging the knowledge of AWS security subject matter experts.
AWS Security, IAM, Databases, Elasticity, Management Tools - AWSome Day Phila...Amazon Web Services
Part 3 of 3.
This free, one-day training will provide a step-by-step introduction to the core AWS services for compute, storage, database, and networking.
AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.
Who should attend?
AWSome Day is ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Amazon Web Services
"DevOps practices help push applications faster into production through better collaboration and automated testing. During that process, security is often seen as an inhibitor to speed. The challenge for many organizations is delivering applications at a fast pace while embedding security at the speed of DevOps. In this session, learn how products and customers in the AWS Marketplace help make DevSecOps a well-orchestrated methodology for ensuring the speed, stability, and security of your applications.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Build end-to-end IT lifecycle management on AWS - FND301-R - AWS re:Inforce 2...Amazon Web Services
"In this workshop, cloud architects, Cloud Center of Excellence (CCOE) team members, and IT managers learn how to launch and operate governed cloud workloads on AWS by leveraging AWS management tools. They extend a sample catalog containing Amazon EC2, Amazon S3, and so on, and enable catalog users to only manage the resources they create. They then perform the IT service management process integration using ServiceNow as an example solution.
Containers and mission-critical applications - SEP309-R - AWS re:Inforce 2019 Amazon Web Services
Vanguard is running mission-critical applications on AWS Fargate that require enhanced security controls. In this session, we show you how Vanguard is using Amazon ECS, AWS Fargate, and Application Load Balancer to run its Docker-based microservices.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
Identity Round Robin Workshop - Serverless Round: Security Week at the San Francisco Loft
Start the day off by learning how to properly configure identity and access controls for a serverless application built with Amazon S3, Amazon CloudFront, and Amazon Cognito. With a combination of talking and hands-on exercises we will be diving into AWS IAM policy types to better understand the differences and learn how the policy evaluation logic works. We will also be diving into how you can use Cognito User Pools for user management within your serverless applications.
Level: 300
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
Audibility in Kubernetes with Amazon EKS - GRC302 - AWS re:Inforce 2019 Amazon Web Services
Amazon Elastic Container Service for Kubernetes (Amazon EKS) is an AWS service offering a managed Kubernetes control plane for customers to orchestrate their containerized applications on Amazon EC2. In this chalk talk, Micah Hausler, AWS system development engineer, explains how customers can ensure the integrity and auditability of their applications on Amazon EKS. He demonstrates the exploitation of a misconfigured web application container, and he conducts a forensic analysis of what happened in the system.
We introduce AWS Transit Gateway and its functionalities, such as routing domains, attachments, and propagation. We offer a hands-on lab for developing an architecture that provides isolation between environments like production and dev environment. Further, we design an Outbound Amazon VPC for centralized internet access for outbound URL filtering, or data loss prevention scenarios. We conclude by demonstrating the integration of AWS Direct Connect gateway with AWS Transit Gateway.
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
Scale permissions management in AWS with attribute-based access control - SDD...Amazon Web Services
Central administrators need scalable mechanisms to set granular permissions as their organizations grow. In this session, we discuss how to scale permissions management by relying on workforce and resource attributes. We introduce attribute-based access control (ABAC) and share how AWS enables you to author permission rules that scale with your organization to simplify permissions management. We share best practices for using tags to implement ABAC; we demonstrate how administrators can create policies and govern tags to grant developers access to AWS resources in their projects; and we show how permissions automatically apply as developers add resources to their projects. It is assumed that attendees are familiar with AWS permissions.
Permissions boundaries: how to truly delegate permissions on AWS - SDD406-R -...Amazon Web Services
"In this workshop, you learn how to secure access permissions for multiple teams operating in a single AWS account. We provide an example three-tier web application running in production, and you practice delegating permissions to web administrators so they can modify only their own resources without impacting the permissions needed to do their job.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
"This workshop provides the opportunity for you get familiar with AWS security services and learn how to use them to identify and remediate threats in your environment. Learn how to use Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub to investigate threats during and after an attack, set up a notification and response pipeline, and add additional protections to improve your environment’s security posture.
Finding all the threats: AWS threat detection and remediation - SEC303 - Chic...Amazon Web Services
The struggle to safeguard valuable online assets is an ongoing and critical one. But to protect those assets, first we must detect the threats and then effectively respond. In this hands-on workshop, we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. You learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, and AWS Config and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, as well as AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
Achieving security goals with AWS CloudHSM - SDD333 - AWS re:Inforce 2019 Amazon Web Services
This talk compares AWS CloudHSM to other AWS cryptography services for common use cases. We dive deep on how to build scalable, reliable workloads with CloudHSM, and we cover configuration of the service for performance, error resilience, and cross-region redundancy.
Building a well-engaged and secure AWS account access management - FND207-R ...Amazon Web Services
Building a well-managed and secure AWS account access management for enterprise customers and AWS partners is essential for managing a large number of AWS accounts. In this session, we review new features, best practices, and the risks involved when architecting organizational units. We also cover how to build dynamic access structures.
Capital One case study: Addressing compliance and security within AWS - FND21...Amazon Web Services
Capital One is a leading global financial institution that has reimagined banking. Attend this session to learn how the company is governing and securing mission-critical infrastructure, its AWS environment, and its users and customers by building an integrated identity governance program that secures the organization and enables its workforce. Capital One shares its successes and lessons learned while building its identity strategy, and it covers what the company recommends that you consider when building or expanding your identity program. Learn how Capital One secures the wallet that it refers to when asking, “What’s in your wallet?”
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
Customers trust AWS with mission-critical workloads because AWS is designed and built to deliver the most flexible, reliable, scalable, and secure cloud computing environment available today. AWS works to earn that trust by offering transparency, demonstrating consistency, and providing best practices to keep themselves secure. As customers adopt AWS, they traverse several trust-building milestones with due-diligence activities, such as assurance report and AWS Well-Architected Tool reviews and deep dives with AWS subject matter experts. This session addresses these milestones at common AWS adoption stages with examples, questions that customers often ask, and suggestions for how to get started.
Securing your block storage on AWS - GRC207 - AWS re:Inforce 2019 Amazon Web Services
Want to simplify the process of meeting compliance goals in a world of increasing data regulation? AWS customers run mission-critical workloads—SQL and NoSQL databases, business applications, data analytics, log analysis—on Amazon EC2, backed by Amazon EBS and EC2 instance storage. Securing data content and storage access is critical to maintaining uptime and meeting compliance needs. In this session, we discuss data security and review the security capabilities of Amazon EBS and EC2 instance storage. Learn how you can benefit from new Amazon EBS features such as encryption by default, launch of encrypted instances from unencrypted AMIs, and simplified sharing of encrypted AMIs.
How to secure your Active Directory deployment on AWS - FND306-R - AWS re:Inf...Amazon Web Services
Many enterprises use Active Directory for authentication, server and workstation management, group policy management, and more. It’s also one of the first applications to be deployed on AWS by those building or migrating Windows applications at scale. There are two primary models for running Active Directory on AWS: AWS Managed Microsoft AD and self-managed Active Directory on Amazon EC2. We discuss best practices for securing Active Directory deployment on AWS and the shared responsibility model for running AWS Managed Microsoft AD. We also examine a reference architecture that follows these best practices. Services include AWS Managed Microsoft AD, Amazon EC2, Amazon EBS, Amazon VPC, and AWS KMS.
Pop the hood: Using AWS resources to attest to security of the cloud - GRC310...Amazon Web Services
Customers must regularly attest to the security and compliance of AWS services in order to confidently operate within the cloud. To support customers with this task, AWS provides a number of resources to define our 13 control domains, differentiate between customer and AWS responsibilities, and demonstrate the mapping of an organization’s attestation needs to an AWS audit framework. During this session, customers familiarize themselves with our compliance reports (e.g., FedRAMP, SOC, ISO, PCI, etc.), dive deep on AWS compliance tools, and discuss mechanisms for leveraging the knowledge of AWS security subject matter experts.
AWS Security, IAM, Databases, Elasticity, Management Tools - AWSome Day Phila...Amazon Web Services
Part 3 of 3.
This free, one-day training will provide a step-by-step introduction to the core AWS services for compute, storage, database, and networking.
AWS technical experts will explain key features and use cases, share best practices, walk through technical demos, and be available to answer your questions one-on-one.
Who should attend?
AWSome Day is ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing and how to get started on the AWS Cloud.
Ensure the integrity of your code for fast and secure deployments - SDD319 - ...Amazon Web Services
"DevOps practices help push applications faster into production through better collaboration and automated testing. During that process, security is often seen as an inhibitor to speed. The challenge for many organizations is delivering applications at a fast pace while embedding security at the speed of DevOps. In this session, learn how products and customers in the AWS Marketplace help make DevSecOps a well-orchestrated methodology for ensuring the speed, stability, and security of your applications.
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, Training and Certification
Virtual AWSome Day:
- Step-by-step introduction to the core AWS services for compute, storage, database, and networking.
- ideal for IT managers, system engineers, system administrators, and architects who are eager to learn more about cloud computing.
Build end-to-end IT lifecycle management on AWS - FND301-R - AWS re:Inforce 2...Amazon Web Services
"In this workshop, cloud architects, Cloud Center of Excellence (CCOE) team members, and IT managers learn how to launch and operate governed cloud workloads on AWS by leveraging AWS management tools. They extend a sample catalog containing Amazon EC2, Amazon S3, and so on, and enable catalog users to only manage the resources they create. They then perform the IT service management process integration using ServiceNow as an example solution.
Containers and mission-critical applications - SEP309-R - AWS re:Inforce 2019 Amazon Web Services
Vanguard is running mission-critical applications on AWS Fargate that require enhanced security controls. In this session, we show you how Vanguard is using Amazon ECS, AWS Fargate, and Application Load Balancer to run its Docker-based microservices.
Module 1: AWS Introduction and History - AWSome Day Online Conference - APACAmazon Web Services
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
Identity Round Robin Workshop - Serverless Round: Security Week at the San Francisco Loft
Start the day off by learning how to properly configure identity and access controls for a serverless application built with Amazon S3, Amazon CloudFront, and Amazon Cognito. With a combination of talking and hands-on exercises we will be diving into AWS IAM policy types to better understand the differences and learn how the policy evaluation logic works. We will also be diving into how you can use Cognito User Pools for user management within your serverless applications.
Level: 300
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
Audibility in Kubernetes with Amazon EKS - GRC302 - AWS re:Inforce 2019 Amazon Web Services
Amazon Elastic Container Service for Kubernetes (Amazon EKS) is an AWS service offering a managed Kubernetes control plane for customers to orchestrate their containerized applications on Amazon EC2. In this chalk talk, Micah Hausler, AWS system development engineer, explains how customers can ensure the integrity and auditability of their applications on Amazon EKS. He demonstrates the exploitation of a misconfigured web application container, and he conducts a forensic analysis of what happened in the system.
We introduce AWS Transit Gateway and its functionalities, such as routing domains, attachments, and propagation. We offer a hands-on lab for developing an architecture that provides isolation between environments like production and dev environment. Further, we design an Outbound Amazon VPC for centralized internet access for outbound URL filtering, or data loss prevention scenarios. We conclude by demonstrating the integration of AWS Direct Connect gateway with AWS Transit Gateway.
Using AWS Control Tower to govern multi-account AWS environments at scale - G...Amazon Web Services
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
AWS Control Tower is a new AWS service that cloud administrators can use to set up and govern their secure, compliant, multi-account environments on AWS. In this session, we show you how Control Tower automates the creation of a secure and compliant landing zone with best-practice blueprints for a multi-account structure, identity and federated access management, a central log archive, cross-account security audits, and workflows for provisioning accounts with pre-approved configurations. We also discuss guardrails—pre-packaged governance rules created for security, operations, and compliance that you can apply enterprise-wide or to groups of accounts to enforce policies or detect violations. Finally, we show you how to easily manage and monitor all this through the Control Tower dashboard.
Scale permissions management in AWS with attribute-based access control - SDD...Amazon Web Services
Central administrators need scalable mechanisms to set granular permissions as their organizations grow. In this session, we discuss how to scale permissions management by relying on workforce and resource attributes. We introduce attribute-based access control (ABAC) and share how AWS enables you to author permission rules that scale with your organization to simplify permissions management. We share best practices for using tags to implement ABAC; we demonstrate how administrators can create policies and govern tags to grant developers access to AWS resources in their projects; and we show how permissions automatically apply as developers add resources to their projects. It is assumed that attendees are familiar with AWS permissions.
Permissions boundaries: how to truly delegate permissions on AWS - SDD406-R -...Amazon Web Services
"In this workshop, you learn how to secure access permissions for multiple teams operating in a single AWS account. We provide an example three-tier web application running in production, and you practice delegating permissions to web administrators so they can modify only their own resources without impacting the permissions needed to do their job.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
"This workshop provides the opportunity for you get familiar with AWS security services and learn how to use them to identify and remediate threats in your environment. Learn how to use Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub to investigate threats during and after an attack, set up a notification and response pipeline, and add additional protections to improve your environment’s security posture.
Finding all the threats: AWS threat detection and remediation - SEC303 - Chic...Amazon Web Services
The struggle to safeguard valuable online assets is an ongoing and critical one. But to protect those assets, first we must detect the threats and then effectively respond. In this hands-on workshop, we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. You learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, and AWS Config and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, as well as AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, GuardDuty.
Find All the Threats: AWS Threat Detection and Remediation - SEC303 - Anaheim...Amazon Web Services
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, Amazon GuardDuty.
by Greg McConnel, Sr. Security Solutions Architect, AWS
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...Amazon Web Services
Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Level: 200
Speaker: Sean Leviseur - Security Architect, AWS Professional Services
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Amazon Web Services
Learn about how AWS security built a security knowledge management platform to distribute guidance at the scale of the AWS organization using Amazon API Gateway, AWS Lambda, Amazon RDS, and Amazon S3. This platform defines the AWS security bar and empowers AWS with the knowledge that is needed to build secure products and protect customer data. In this session, we look at how the content is consumed by tools and how it powers automated threat modeling for security reviews.
How to act on your security and compliance alerts with AWS Security Hub - FND...Amazon Web Services
Learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you act on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions.
This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.
Speaker: Michael Wasielewski - Sr. Solutions Architect
Security best practices the well-architected way - SDD318 - AWS re:Inforce 2019 Amazon Web Services
As you continually evolve your use of the AWS platform, it’s important to consider ways to improve your security posture and take advantage of new security services and features. In this advanced session, we share architectural patterns for meeting common challenges, service limits and tips, tricks, and ways to continually evaluate your architecture against best practices. Automation and tools are featured throughout, and there will be code giveaways! Be prepared for a technically deep session on AWS security.
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Amazon Web Services
In this session, learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you take action on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions.
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...Amazon Web Services
In this chalk talk, we cover a number of AWS services involved with threat detection and mitigation, and we walk through some real-world threat scenarios. We discuss the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty. Come with your questions on threat detection on AWS.
Accelerated Threat Detection: Alert Logic and AWS - DEM02-R - AWS re:Inforce ...Amazon Web Services
Over the last 7 years, Alert Logic has helped AWS customers achieve enhanced security and peace of mind. Learn how positive security outcomes are attained by combining human expertise and the latest in AWS security in this engaging session with Jack Danahy, SVP of Security at Alert Logic, and Zach Vinduska, VP of IT Infrastructure and Security at ClubCorp. Hear real-world examples of how expert defenders in Alert Logic’s 24/7 Security Operations Center can help you quickly detect threats, verify them as incidents, and support you in responding quickly and effectively.
In the cloud, the name of the game is securability! - SEP303 - AWS re:Inforce...Amazon Web Services
Do you ever feel like your efforts with security are futile? Change can lead to new, never-before-recognized opportunities to innovate. Security is no exception. Using measurements to drive us, we have found innovations in security that have led to greater collaboration and carefully curated security outcomes. The cloud has made never-before-seen security capabilities possible. Have you ever imagined talking about the five nines of security? We are! Come join the debate about how to make cloud workloads safer by adopting securability and a bounded measurable means of increasing the safety of software.
DDoS attack detection at scale - SDD408 - AWS re:Inforce 2019 Amazon Web Services
Distributed Denial of Service (DDoS) attacks seek to affect the availability of applications through network congestion, connection state exhaustion, and application stress. AWS distills exabytes of NetFlow data, application logs, and service health metrics to inform DDoS attack detection, reporting, and mitigation systems. In this session, learn how to access insights about the DDoS threat environment and attacks against your specific AWS resources through the AWS Management Console, API, and Amazon CloudWatch. Finally, learn how to use this information to automate notification and response.
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Amazon Web Services
In this session you will learn how to align your AWS environment to industry standard best practices for security. This session covers AWS' prescriptive recommendations for securing cloud workloads, including the the Well-Architected Framework for Security. In addition, see how AWS Security Hub simplifies the task of measuring the security of your workloads.
Threat detection and mitigation at AWS - SEC201 - New York AWS SummitAmazon Web Services
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
In this workshop, senior security management, IT, and business executive teams participate in an experiential exercise that illuminates the key decision points of a successful and secure cloud journey. During the team-based, game-like simulation, participants leverage an industry case study and make strategic decisions and investments around security, risk, and compliance. Participants experience the impact of these investments and decisions on the critical aspects of their secure cloud adoption. They also learn applicable decision and investment approaches to specific secure cloud adoption journeys. They walk through real-life examples, receive practical advice from AWS facilitators, and they leave with an understanding of the major success factors for building security, risk, and compliance in the cloud. This workshop is designed for executives who are leading a secure cloud journey, including the CISO, senior security and risk management leaders, and CIO/CTO. Non-IT participants who are key to executing the cloud security strategy are also encouraged to attend.
Similar to Scaling threat detection and response on AWS (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.