"AWS Config enables you to discover what resources are used on AWS, understand how resources are configured and gives you unprecedented visibility into changes to configurations over time – all without disrupting end user productivity. With Config Rules, you can continuously evaluate whether changes to resources are compliant with policies. You can set up predefined rules, provided and managed by AWS, or author your own rules using Amazon Lambda, and these rules are evaluated whenever relevant resources are modified. You can use this visibility and control to assess and improve your security and compliance posture.
We will dive deep into other new capabilities in AWS Config and cover how you can integrate with IT service management, configuration management, and other tools. In this session, we will look at:
AWS Config Rules – how to create and use rules that govern configuration changes recorded by AWS Config.
New capabilities in AWS Config – Usability changes, better controls and other enhancements
Mechanisms to aggregate deep visibility across AWS to gain insights into your overall security and operational posture.
This session is best suited for administrators, security-ops and developers with a focus on audit, security and compliance."
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Amazon Web Services
Learning Objectives:
- Reduce the complexity of governance
- Embed compliance in the development process
- Learn about AWS Management Tools
As your cloud operations evolve, complexity of governance, compliance, and risk auditing of your AWS account increases. With AWS Config and AWS CloudTrail you can automate your controls and compliance efforts so that they scale with your cloud footprint. You can discover resources that exist in your account, capture changes in configurations, and create alerts for out-of-compliance events.In this session, we will help you use AWS Config, AWS CloudTrail, and other AWS Management Tools to automate configuration governance so that compliance is embedded in the development process.
In this webinar, we review the steps necessary to design, set up, and deploy IT cloud infrastructure for running a multi-server, Microsoft SharePoint Server farm on AWS. In this webinar we will also cover how to architect for high availability and provision the relevant AWS services and resources to run SharePoint Server workloads at scale on the AWS Cloud. You will find out where to access available content and tools, such as AWS CloudFormation templates and the Advanced Implementation Guide that will help you quickly implement and customize a scalable, enterprise-class SharePoint Server farm on AWS. This webinar is designed for a technical audience. After the presentation, you will have an opportunity to participate in a live Q&A discussion, where you may write in questions to AWS team members.
February 2016 Webinar Series - EC2 Container Service Deep Dive Amazon Web Services
Running and managing large scale applications with microservices architectures is difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications.
In this webinar, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage and scale your Amazon ECS resources, keep them secure and deploy your applications to an Amazon ECS cluster. We will also provide best practices for monitoring, logging and service discovery.
Learning Objectives:
Learn how to setup and manage Amazon ECS for production applications
Learn how to schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
AWS January 2016 Webinar Series - Getting Started with Big Data on AWSAmazon Web Services
With hundreds of new and sometimes disparate tools, it’s hard to keep pace. Amazon Web Services provides a broad and fully integrated portfolio of cloud computing services to help you build, secure and deploy your big data applications.
Attend this webinar to get an overview of the different big data options available in the AWS Cloud – including popular big data frameworks such as Hadoop, Spark, NoSQL databases, and more. Learn about ideal use cases, cases to avoid, performance, interfaces, and more. Finally, learn how you can build valuable applications with a real-life example.
Learning Objectives:
Learn about big data tools available at AWS
Understand ideal use cases
Learn some of the key considerations such as performance, scalability, elasticity and availability, when selecting big data tools
Who Should Attend:
Data Architects, Data Scientists, Developers
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
SEC302 Becoming an AWS Policy Ninja using AWS IAM and AWS OrganizationsAmazon Web Services
Are you interested in becoming an expert in managing access to your AWS resources? Have you ever wondered how to best scope down permissions for least privilege access? Do you have multiple AWS accounts and need to know how to manage access to resources centrally? In this session, we take an in-depth look at AWS Identity and Access Management (IAM) and AWS Organizations. You will learn how to quickly create IAM policies to manage fine-grained access to your resources. Throughout the session, we will cover common use cases, such as how to grant a user access to an Amazon S3 bucket or permissions to launch an Amazon EC2 instance of a specific type. You will also learn how to create and use Service Control Policies (SCPs) through Organizations to manage AWS service use across all your accounts centrally.
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Amazon Web Services
Learning Objectives:
- Reduce the complexity of governance
- Embed compliance in the development process
- Learn about AWS Management Tools
As your cloud operations evolve, complexity of governance, compliance, and risk auditing of your AWS account increases. With AWS Config and AWS CloudTrail you can automate your controls and compliance efforts so that they scale with your cloud footprint. You can discover resources that exist in your account, capture changes in configurations, and create alerts for out-of-compliance events.In this session, we will help you use AWS Config, AWS CloudTrail, and other AWS Management Tools to automate configuration governance so that compliance is embedded in the development process.
In this webinar, we review the steps necessary to design, set up, and deploy IT cloud infrastructure for running a multi-server, Microsoft SharePoint Server farm on AWS. In this webinar we will also cover how to architect for high availability and provision the relevant AWS services and resources to run SharePoint Server workloads at scale on the AWS Cloud. You will find out where to access available content and tools, such as AWS CloudFormation templates and the Advanced Implementation Guide that will help you quickly implement and customize a scalable, enterprise-class SharePoint Server farm on AWS. This webinar is designed for a technical audience. After the presentation, you will have an opportunity to participate in a live Q&A discussion, where you may write in questions to AWS team members.
February 2016 Webinar Series - EC2 Container Service Deep Dive Amazon Web Services
Running and managing large scale applications with microservices architectures is difficult and often requires operating complex container management infrastructure. Amazon EC2 Container Service (ECS) is a highly scalable, high performance service for running and managing Docker applications.
In this webinar, we will walk through a number of patterns and tools used by our customers to run their applications on Amazon ECS. We will show you how to setup, manage and scale your Amazon ECS resources, keep them secure and deploy your applications to an Amazon ECS cluster. We will also provide best practices for monitoring, logging and service discovery.
Learning Objectives:
Learn how to setup and manage Amazon ECS for production applications
Learn how to schedule containers on production clusters using Amazon ECS
Who Should Attend:
Developers, DevOps Engineers
AWS January 2016 Webinar Series - Getting Started with Big Data on AWSAmazon Web Services
With hundreds of new and sometimes disparate tools, it’s hard to keep pace. Amazon Web Services provides a broad and fully integrated portfolio of cloud computing services to help you build, secure and deploy your big data applications.
Attend this webinar to get an overview of the different big data options available in the AWS Cloud – including popular big data frameworks such as Hadoop, Spark, NoSQL databases, and more. Learn about ideal use cases, cases to avoid, performance, interfaces, and more. Finally, learn how you can build valuable applications with a real-life example.
Learning Objectives:
Learn about big data tools available at AWS
Understand ideal use cases
Learn some of the key considerations such as performance, scalability, elasticity and availability, when selecting big data tools
Who Should Attend:
Data Architects, Data Scientists, Developers
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
SEC302 Becoming an AWS Policy Ninja using AWS IAM and AWS OrganizationsAmazon Web Services
Are you interested in becoming an expert in managing access to your AWS resources? Have you ever wondered how to best scope down permissions for least privilege access? Do you have multiple AWS accounts and need to know how to manage access to resources centrally? In this session, we take an in-depth look at AWS Identity and Access Management (IAM) and AWS Organizations. You will learn how to quickly create IAM policies to manage fine-grained access to your resources. Throughout the session, we will cover common use cases, such as how to grant a user access to an Amazon S3 bucket or permissions to launch an Amazon EC2 instance of a specific type. You will also learn how to create and use Service Control Policies (SCPs) through Organizations to manage AWS service use across all your accounts centrally.
Microservices is a software architectural method where you decompose complex applications into smaller, independent services. Containers are great for running small decoupled services, but how do you coordinate running microservices in production at scale and what AWS services do you use?
In this session, we will explore the reasoning and concepts behind microservices and how containers simplify building microservices based applications. We will also demonstrate how you can easily launch microservices on Amazon EC2 Container Service and how you can use ELB and Route 53 to easily do service discovery between microservices.
ENT314 Automate Best Practices and Operational Health for Your AWS ResourcesAmazon Web Services
It can be challenging to optimize AWS resources across cost, performance, security and fault-tolerance, much less do it automatically. AWS Trusted Advisor is an online resource to help you do just that, by providing real time guidance to help you provision your resources following AWS best practices. In this session, we will go over how to safely automate these best practices using Amazon CloudWatch events and AWS Lambda along with samples for you to use.
AWS Personal Health Dashboard (PHD) provides alerts and remediation guidance when AWS is experiencing events that may impact your AWS environment. The AWS Health API, the underlying service powering PHD integrates with Amazon CloudWatch Events, enabling you to trigger AWS Lambda functions to define automated remediation actions. We will also introduce you to AWS Health tools, a community-based source of tools to automate remediation actions and customize Health alerts.
Come join us to see how you can implement automation of AWS best practice recommendations from Trusted Advisor and remediation from the AWS Health API on your AWS resources.
February 2016 Webinar Series Migrate Your Apps from Parse to AWSAmazon Web Services
Parse recently announced that they are retiring their mobile app development service, and current customers will have until January 28, 2017 to move their apps to alternative services. To help you get through the transition, AWS is working together with Parse to provide a migration path to AWS. AWS provides a variety of services for building, testing and monitoring mobile apps.
In this webinar, we will introduce you to the full range of AWS mobile services, and take you through the steps required to migrate your mobile apps from Parse to AWS.
Learning Objectives:
Get an overview of AWS Mobile Services
Learn how to migrate your apps from Parse to AWS
Who Should Attend:
Developers, product managers, and anyone interested in migrating mobile apps from Parse to AWS
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
Do you have questions on how to best use Microsoft Active Directory with your AWS Windows workloads? Do you need a deep-dive on securely setting up trusts between your on-premises Active Directory and your AWS Directory Services for Microsoft Active Directory? This session will help you understand the differences between AWS Directory Service for Microsoft AD, building your own Microsoft Active Directory on Amazon EC2, or joining your cloud resources to your on-premises Active Directory over a direct network connection. After this session you will be an expert on how to setup single sign-on for your cloud applications and resources, using Group Policy for your EC2 systems, and how to securely configure trusts across your on-premises and AWS Cloud Active Directories.
AWS provides a range of Compute Services – Amazon EC2, Amazon ECS and AWS Lambda. We will provide an intro level overview of these services and highlight suitable use cases. Amazon Elastic Compute Cloud (Amazon EC2) itself provides a broad selection of instance types to accommodate a diverse mix of workloads. Going a bit deeper on EC2 we will provide background on the Amazon EC2 instance platform, key platform features, and the concept of instance generations. We dive into the current-generation design choices of the different instance families, including the General Purpose, Compute Optimized, Storage Optimized, Memory Optimized, and GPU instance families. We also detail best practices and share performance tips for getting the most out of your Amazon EC2 instances, both from a performance and cost perspective.
AWS January 2016 Webinar Series - Introduction to Docker on AWSAmazon Web Services
Using Docker on your local development machine is simple, but running Docker applications at scale in production can be difficult.
In this webinar, we will discuss the difficulties of running Docker in production and how Amazon EC2 Container Service (ECS) can be used to reduce the operational burdens, and we will give an overview of the architecture powering Amazon ECS. We will also demo how to define multi-container applications with Docker Compose and deploy and scale them seamlessly to a cluster with Amazon ECS.
Learning Objectives:
Understand the benefits and architecture of Amazon ECS
Learn how to deploy and scale Docker containers on Amazon ECS
Who Should Attend:
Developers
Intended for customers who have (or will have) thousands of instances on AWS, this session is about reducing the complexity of managing costs for these large fleets so they run efficiently. Attendees will learn about common roadblocks that prevent large customers from cost optimizing, tools they can use to efficiently remove those roadblocks, and techniques to monitor their rate of cost optimization. The session will include a case study that will talk in detail about the millions of dollars saved using these techniques. Customers will learn about a range of templates they can use to quickly implement these techniques, and also partners who can help them implement these templates.
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
Identify the main options for deploying and managing Active Directory on AWS, how to extend your on-premises environment to AWS, and what are the best-practices from the field.
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
You may already know that you can use Amazon CloudWatch to view graphs of your AWS resources like Amazon Elastic Compute Cloud instances or Amazon Simple Storage Service. But, did you know that you can monitor your on-premises servers with Amazon CloudWatch Logs? Or, that you can integrate CloudWatch Logs with Elasticsearch for powerful visualization and analysis? This session will offer a tour of the latest monitoring and automation capabilities that we’ve added, how you can get even more done with Amazon CloudWatch.
(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...Amazon Web Services
Do you need to know who made an API call? What resources were acted upon in an API call? Do you need to find the source IP address of an API call? AWS CloudTrail helps you answer these questions. In this session we review the basics of CloudTrail and then dive into CloudTrail features. We demo solutions that you can use to analyze API activity recorded and delivered by CloudTrail. Join us if you are interested in security or compliance and how you can architect, build, and maintain compliant applications on AWS.
"This session brings together the interests of engineering, compliance, and security as you align healthcare workloads to the controls in the HIPAA Security Rule. We'll discuss how to architect for HIPAA compliance using AWS, and introduce a number of new services added to the HIPAA program in 2015, such as Amazon Relational Database Service (RDS), Amazon DynamoDB, and Amazon Elastic MapReduce (EMR). You'll hear from customers who process and store Protected Health Information on AWS, and how they satisfied their compliance requirements while maintaining agility.
This session helps security and compliance experts see what's technically possible on AWS, and how implementing the Technical Safeguards in the HIPAA Security Rule is simple and familiar. We map the Security Rule's Technical Safeguards to AWS features and design patterns to help developers, operations teams, and engineers speak the language of their security and compliance peers."
Hands-on Labs: Getting Started with AWS - March 2017 AWS Online Tech TalksAmazon Web Services
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. Attend this hands-on workshop to learn the basics of AWS as you build a simple static website on AWS. After a brief overview, this session will dive into discussions of core AWS services, such as Amazon S3, Route 53 and Amazon CloudFront and demonstrate how to utilize those services to deploy a static website, associate a domain name for it, and enable it to load quickly. By the end of the hands-on session, you will have your own website running in your AWS account.
Learning Objectives:
• Learn how to deploy a static website using Amazon S3. Amazon S3 will provide the origin for your website as well as storage for your static content.
• Associate your domain name with your website using Amazon Route 53. Amazon Route 53 will tell the Domain Name System (DNS) where to find your website.
• Enable your website to load quickly using Amazon CloudFront. Amazon CloudFront will create a content delivery network (CDN) that hosts your website content in close proximity to your users.
AWS re:Invent 2016: Amazon CloudWatch Logs and AWS Lambda: A Match Made in He...Amazon Web Services
In this session, we cover three common scenarios that include Amazon CloudWatch Logs and AWS Lambda. First, you learn how to build an Elasticsearch cluster from historical data using Amazon S3, Lambda, and CloudWatch Logs. Next, you learn how to add details to CloudWatch alarm notifications using Amazon SNS and Lambda. Finally, we show you how to bring Elastic Load Balancing logs to CloudWatch Logs using S3 bucket triggers from Lambda.
Relational databases are the core engines of many workloads. In this session we will start off by exploring the options and best practices for running relational databases on AWS and then take a deeper dive into Amazon Aurora and show how it can be used to run OLTP workloads at scale.
Speaker: Johnathon Meichtry, Principal Solutions Architect, Amazon Web Services
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
BDA402 Deep Dive: Log Analytics with Amazon Elasticsearch ServiceAmazon Web Services
Everything generates logs. Applications, infrastructure, security ... everything. Keeping track of the flood of log data is a big challenge, yet critical to your ability to understand your systems and troubleshoot (or prevent) issues. In this session, we will use both Amazon CloudWatch and application logs to show you how to build an end-to-end log analytics solution. First, we cover how to configure an Amazon Elaticsearch Service domain and ingest data into it using Amazon Kinesis Firehose, demonstrating how easy it is to transform data with Firehose. We look at best practices for choosing instance types, storage options, shard counts, and index rotations based on the throughput of incoming data and configure a secure analytics environment. We demonstrate how to set up a Kibana dashboard and build custom dashboard widgets. Finally, we dive deep into the Elasticsearch query DSL and review approaches for generating custom, ad-hoc reports.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
(SEC301) Encryption and Key Management in AWS | AWS re:Invent 2014Amazon Web Services
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
AWS WAF introduction and live demo - Pop-up Loft Tel AvivAmazon Web Services
Distributed application security at scale with AWS WAF. Learn about how the AWS WAF can help protect your web and application services and run through a demo showing how the WAF blocks IP addresses, prevents SQL Injection, and how you can use string matching to defend against Bots, Crawlers, and XSS .
ENT314 Automate Best Practices and Operational Health for Your AWS ResourcesAmazon Web Services
It can be challenging to optimize AWS resources across cost, performance, security and fault-tolerance, much less do it automatically. AWS Trusted Advisor is an online resource to help you do just that, by providing real time guidance to help you provision your resources following AWS best practices. In this session, we will go over how to safely automate these best practices using Amazon CloudWatch events and AWS Lambda along with samples for you to use.
AWS Personal Health Dashboard (PHD) provides alerts and remediation guidance when AWS is experiencing events that may impact your AWS environment. The AWS Health API, the underlying service powering PHD integrates with Amazon CloudWatch Events, enabling you to trigger AWS Lambda functions to define automated remediation actions. We will also introduce you to AWS Health tools, a community-based source of tools to automate remediation actions and customize Health alerts.
Come join us to see how you can implement automation of AWS best practice recommendations from Trusted Advisor and remediation from the AWS Health API on your AWS resources.
February 2016 Webinar Series Migrate Your Apps from Parse to AWSAmazon Web Services
Parse recently announced that they are retiring their mobile app development service, and current customers will have until January 28, 2017 to move their apps to alternative services. To help you get through the transition, AWS is working together with Parse to provide a migration path to AWS. AWS provides a variety of services for building, testing and monitoring mobile apps.
In this webinar, we will introduce you to the full range of AWS mobile services, and take you through the steps required to migrate your mobile apps from Parse to AWS.
Learning Objectives:
Get an overview of AWS Mobile Services
Learn how to migrate your apps from Parse to AWS
Who Should Attend:
Developers, product managers, and anyone interested in migrating mobile apps from Parse to AWS
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
Do you have questions on how to best use Microsoft Active Directory with your AWS Windows workloads? Do you need a deep-dive on securely setting up trusts between your on-premises Active Directory and your AWS Directory Services for Microsoft Active Directory? This session will help you understand the differences between AWS Directory Service for Microsoft AD, building your own Microsoft Active Directory on Amazon EC2, or joining your cloud resources to your on-premises Active Directory over a direct network connection. After this session you will be an expert on how to setup single sign-on for your cloud applications and resources, using Group Policy for your EC2 systems, and how to securely configure trusts across your on-premises and AWS Cloud Active Directories.
AWS provides a range of Compute Services – Amazon EC2, Amazon ECS and AWS Lambda. We will provide an intro level overview of these services and highlight suitable use cases. Amazon Elastic Compute Cloud (Amazon EC2) itself provides a broad selection of instance types to accommodate a diverse mix of workloads. Going a bit deeper on EC2 we will provide background on the Amazon EC2 instance platform, key platform features, and the concept of instance generations. We dive into the current-generation design choices of the different instance families, including the General Purpose, Compute Optimized, Storage Optimized, Memory Optimized, and GPU instance families. We also detail best practices and share performance tips for getting the most out of your Amazon EC2 instances, both from a performance and cost perspective.
AWS January 2016 Webinar Series - Introduction to Docker on AWSAmazon Web Services
Using Docker on your local development machine is simple, but running Docker applications at scale in production can be difficult.
In this webinar, we will discuss the difficulties of running Docker in production and how Amazon EC2 Container Service (ECS) can be used to reduce the operational burdens, and we will give an overview of the architecture powering Amazon ECS. We will also demo how to define multi-container applications with Docker Compose and deploy and scale them seamlessly to a cluster with Amazon ECS.
Learning Objectives:
Understand the benefits and architecture of Amazon ECS
Learn how to deploy and scale Docker containers on Amazon ECS
Who Should Attend:
Developers
Intended for customers who have (or will have) thousands of instances on AWS, this session is about reducing the complexity of managing costs for these large fleets so they run efficiently. Attendees will learn about common roadblocks that prevent large customers from cost optimizing, tools they can use to efficiently remove those roadblocks, and techniques to monitor their rate of cost optimization. The session will include a case study that will talk in detail about the millions of dollars saved using these techniques. Customers will learn about a range of templates they can use to quickly implement these techniques, and also partners who can help them implement these templates.
Managing your identities in the cloud with AWS and Microsoft Active Directory...Amazon Web Services
Identify the main options for deploying and managing Active Directory on AWS, how to extend your on-premises environment to AWS, and what are the best-practices from the field.
(DVO315) Log, Monitor and Analyze your IT with Amazon CloudWatchAmazon Web Services
You may already know that you can use Amazon CloudWatch to view graphs of your AWS resources like Amazon Elastic Compute Cloud instances or Amazon Simple Storage Service. But, did you know that you can monitor your on-premises servers with Amazon CloudWatch Logs? Or, that you can integrate CloudWatch Logs with Elasticsearch for powerful visualization and analysis? This session will offer a tour of the latest monitoring and automation capabilities that we’ve added, how you can get even more done with Amazon CloudWatch.
(SEC306) Turn on CloudTrail: Log API Activity in Your AWS Account | AWS re:In...Amazon Web Services
Do you need to know who made an API call? What resources were acted upon in an API call? Do you need to find the source IP address of an API call? AWS CloudTrail helps you answer these questions. In this session we review the basics of CloudTrail and then dive into CloudTrail features. We demo solutions that you can use to analyze API activity recorded and delivered by CloudTrail. Join us if you are interested in security or compliance and how you can architect, build, and maintain compliant applications on AWS.
"This session brings together the interests of engineering, compliance, and security as you align healthcare workloads to the controls in the HIPAA Security Rule. We'll discuss how to architect for HIPAA compliance using AWS, and introduce a number of new services added to the HIPAA program in 2015, such as Amazon Relational Database Service (RDS), Amazon DynamoDB, and Amazon Elastic MapReduce (EMR). You'll hear from customers who process and store Protected Health Information on AWS, and how they satisfied their compliance requirements while maintaining agility.
This session helps security and compliance experts see what's technically possible on AWS, and how implementing the Technical Safeguards in the HIPAA Security Rule is simple and familiar. We map the Security Rule's Technical Safeguards to AWS features and design patterns to help developers, operations teams, and engineers speak the language of their security and compliance peers."
Hands-on Labs: Getting Started with AWS - March 2017 AWS Online Tech TalksAmazon Web Services
Millions of customers are leveraging AWS for increased flexibility, scalability, and reliability. Attend this hands-on workshop to learn the basics of AWS as you build a simple static website on AWS. After a brief overview, this session will dive into discussions of core AWS services, such as Amazon S3, Route 53 and Amazon CloudFront and demonstrate how to utilize those services to deploy a static website, associate a domain name for it, and enable it to load quickly. By the end of the hands-on session, you will have your own website running in your AWS account.
Learning Objectives:
• Learn how to deploy a static website using Amazon S3. Amazon S3 will provide the origin for your website as well as storage for your static content.
• Associate your domain name with your website using Amazon Route 53. Amazon Route 53 will tell the Domain Name System (DNS) where to find your website.
• Enable your website to load quickly using Amazon CloudFront. Amazon CloudFront will create a content delivery network (CDN) that hosts your website content in close proximity to your users.
AWS re:Invent 2016: Amazon CloudWatch Logs and AWS Lambda: A Match Made in He...Amazon Web Services
In this session, we cover three common scenarios that include Amazon CloudWatch Logs and AWS Lambda. First, you learn how to build an Elasticsearch cluster from historical data using Amazon S3, Lambda, and CloudWatch Logs. Next, you learn how to add details to CloudWatch alarm notifications using Amazon SNS and Lambda. Finally, we show you how to bring Elastic Load Balancing logs to CloudWatch Logs using S3 bucket triggers from Lambda.
Relational databases are the core engines of many workloads. In this session we will start off by exploring the options and best practices for running relational databases on AWS and then take a deeper dive into Amazon Aurora and show how it can be used to run OLTP workloads at scale.
Speaker: Johnathon Meichtry, Principal Solutions Architect, Amazon Web Services
Just as serverless application development is rapidly becoming the most popular way to bring highly scalable applications to the cloud, .NET has undergone radical changes with .NET Core to become a premier development platform for the cloud. In this session, you will learn how to use the newly launched C# support for .NET Core with AWS Lambda to create highly scalable serverless applications that target platforms from the traditional desktop to mobile devices. We will demonstrate how to write, test, and deploy C# code to AWS Lambda and see how we can leverage our serverless back end from mobile applications.
BDA402 Deep Dive: Log Analytics with Amazon Elasticsearch ServiceAmazon Web Services
Everything generates logs. Applications, infrastructure, security ... everything. Keeping track of the flood of log data is a big challenge, yet critical to your ability to understand your systems and troubleshoot (or prevent) issues. In this session, we will use both Amazon CloudWatch and application logs to show you how to build an end-to-end log analytics solution. First, we cover how to configure an Amazon Elaticsearch Service domain and ingest data into it using Amazon Kinesis Firehose, demonstrating how easy it is to transform data with Firehose. We look at best practices for choosing instance types, storage options, shard counts, and index rotations based on the throughput of incoming data and configure a secure analytics environment. We demonstrate how to set up a Kibana dashboard and build custom dashboard widgets. Finally, we dive deep into the Elasticsearch query DSL and review approaches for generating custom, ad-hoc reports.
AWS offers you the ability to add additional layers of security to your data at rest in the cloud, providing access control as well scalable and efficient encryption features. Flexible key management options allow you to choose whether to have AWS manage the encryption keys or to keep complete control over the keys yourself. In this session, you will learn how to secure data when using AWS services. We will discuss data encryption using Key Management Service, S3 access controls, edge and host access security, and database platform security features.
(SEC301) Encryption and Key Management in AWS | AWS re:Invent 2014Amazon Web Services
Sensitive customer data needs to be protected throughout AWS. This session discusses the options available for encrypting data at rest in AWS. It focuses on several scenarios, including transparent AWS management of encryption keys on behalf of the customer to provide automated server-side encryption and customer key management using partner solutions or AWS CloudHSM. This session is helpful for anyone interested in protecting data stored in AWS.
AWS WAF introduction and live demo - Pop-up Loft Tel AvivAmazon Web Services
Distributed application security at scale with AWS WAF. Learn about how the AWS WAF can help protect your web and application services and run through a demo showing how the WAF blocks IP addresses, prevents SQL Injection, and how you can use string matching to defend against Bots, Crawlers, and XSS .
Running an IT department in a large organization is challenging. You need to provide users with access to the latest technology, while maintaining corporate standards and providing oversight to avoid runaway spending. In this session, you’ll hear how Lockheed Martin has used AWS Service Catalog to ensure compliance across the organization. You will also learn how 2nd Watch, an APN Premier Consulting Partner, leverages AWS Service Catalog to manage resources for customers and are now able to deploy quickly and standardize their workload management. We’ll also demo advanced functionality and how you can get started.
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...Amazon Web Services
Security postures in the cloud can take different forms, depending upon your specific business and IT requirements. Hear from customer panelists representing the energy industry, IT services, and government about how they have successfully delivered projects on AWS using Trend Micro solutions, while meeting or exceeding their security requirements. Focus is on the practical considerations and options for improving your overall IT security posture with the AWS shared responsibility security model. Sponsored by Trend Micro.
Review this content as Amazon Web Services' (AWS) experts share best practices that are helping libraries save money, be more flexible and cope with the ever-increasing volume of data they are facing.
We will introduce you to AWS Cloud services and explore typical library use cases on AWS with a particular focus on storage and archiving use cases that provide exceptional durability and cost savings.
Everything You Need to Develop Apps Faster and Scale to Millions of UsersAmazon Web Services
Mobile app development can be complex and time-consuming. In this session, we will demonstrate how AWS Mobile Services makes it easier for you to develop mobile apps by providing a single, integrated experience for discovering, provisioning, and configuring AWS cloud resources.
AWS Lambda is a new compute service that runs your code in response to events and automatically manages the compute resources for you. AWS Lambda enables powerful application architectures that simplify and accelerate development of connected applications. Together with Amazon Cognito, AWS SNS Push Notifications and AWS DynamoDB, AWS Lambda is a powerful tool in your arsenal for developing IoT/mobile apps, and beyond. This session will show you how to get started quickly by covering key architectural design concepts and demonstrating the use of the AWS SDKs to simplify creating powerful applications for the always-on world that connects beyond the desktop.
Speaker: Adam Larter, Solutions Architect, Amazon Web Services
Review this webinar to learn how to use the variety of AWS storage services and features to deploy backup and archiving solutions that are low cost and easy to deploy, manage and maintain. We will present reference architectures, best practices and use cases based on AWS services including Amazon S3, Glacier and Storage Gateway. Special topics will include how to move your data securely into the AWS cloud, how to retrieve and restore your data, and how to back-up on-premises data to the cloud using Amazon Storage gateway and other third party storage gateways.
Managing security and ensuring cloud compliance for large scale applications with is complex and can be difficult to troubleshoot.
AWS Config Rules is a new set of cloud governance capabilities that allow IT Administrators to define guidelines for provisioning and configuring AWS resources and then continuously monitor compliance with those guidelines.
In this webinar, we will explain the benefits of AWS Config Rules, how it compares with other AWS security services, and walk through enabling AWS Config Rules on your account. We will explain the differences between pre-defined, AWS managed rules and guide you through the process of creating your own custom rule using AWS Lambda.
Learning Objectives:
Understand the basics of AWS Config Rules
Learn how to establish guidelines and monitor compliance using AWS Config Rules
Who Should Attend:
IT and System Administrators, Security Experts, Developers, Operators
Improving Infrastructure Governance on AWS - AWS June 2016 Webinar SeriesAmazon Web Services
As your teams and infrastructure grow, it becomes more difficult to track IT resource changes as well as identify who made changes and when. It also becomes harder to enforce standards for your infrastructure resources, resulting in configuration drift and potential security issues. On AWS, you can easily standardize infrastructure configurations for commonly used IT services while also enabling self-service provisioning for your company. Once these resources are provisioned, you can then track how these resources are connected and monitor configuration changes and drift. In this session, we will discuss how you can achieve a sophisticated level of standardization, configuration compliance, and monitoring using a combination of AWS Service Catalog, AWS Config, and AWS CloudTrail.
Learning Objectives:
Understand how to use AWS services to enable governance while providing self-service
Learn to codify your business policies to promote compliance
How to improve security without sacrificing developer productivity
SRV334-Making Things Right with AWS Config Rules and AWS LambdaAmazon Web Services
Custom rules created with AWS Config and AWS Lambda enables organizations to inspect, assess, and remediate changes to AWS resources. These tools provide the development speed and flexibility required for your team to quickly start and finish a job before it becomes an issue for your client. In this workshop, you practice using AWS Lambda to design and implement the AWS Config rules that you think an organization should have ready at a moment’s notice before their next client contacts them about an issue.
Learn how you can achieve a sophisticated level of standardization, configuration compliance, and monitoring using a combination of AWS Service Catalog, AWS Config, and AWS CloudTrail.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
AWS provides several security capabilities and services to increase privacy and control infrastructure access. Built-in firewalls allow you to create private networks within AWS, and also control network access to your instances and subnets. Identity and access management capabilities enable you to define individual user accounts with permissions across AWS resources. AWS also provides tools and features that enable you to see exactly what’s happening in your AWS environment. In this session, you will gain an understanding of preventive and detective controls at the infrastructure level on AWS. We will cover Identity and Access Management as well as the security aspects of Amazon EC2, Virtual Private Cloud (VPC), Elastic Load Balancing (ELB), and CloudTrail.
As companies shift workloads into the cloud, IT organizations are required to manage an increasing number of cloud resources. AWS provides a broad set of services that help IT organizations with provisioning, tracking, auditing, configuration management, and cost management of their AWS resources. In this session, we will explore the AWS Management Tools suite of services that support the lifecycle management of AWS resources at scale and enable IT governance and compliance. The Deep Dive on AWS Management Tools session will benefit both new and experienced IT administrators, systems administrators, and developers operating infrastructure on AWS and interested in learning about the AWS resource management capabilities.
ENT302 Deep Dive on AWS Management Tools and New LaunchesAmazon Web Services
As companies shift workloads into the cloud, IT organizations are required to manage an increasing number of cloud resources. AWS provides a broad set of services that help IT organizations with provisioning, tracking, auditing, configuration management, and cost management of their AWS resources. In this session, we will explore the AWS Management Tools suite of services that support the lifecycle management of AWS resources at scale and enable IT governance and compliance. The Deep Dive on AWS Management Tools session will benefit both new and experienced IT administrators, systems administrators, and developers operating infrastructure on AWS and interested in learning about the AWS resource management capabilities.
As the number of developers and size of your infrastructure on AWS grows, timely investments in self-service and monitoring can help you scale operations without being the bottleneck. You can standardize infrastructure configurations for commonly used products to enable your customers to self-serve infrastructure needs for their apps. Once these resources are provisioned, you can easily understand how they are connected to administer them effectively, and monitor changes to configurations and evaluate drift. In this session, we will discuss how you can achieve a sophisticated level of standardization, configuration compliance, and monitoring using a combination of AWS Service Catalog, AWS Config, and AWS CloudTrail.
AWS re:Invent 2016: Chalk Talk: Succeeding at Infrastructure-as-Code (GPSCT312)Amazon Web Services
The days of manually managing infrastructure tasks are quickly coming to an end; businesses increasingly need their infrastructure teams to react with the same agility of their development teams. In this session, we discuss various approaches to infrastructure-as-code utilizing AWS solutions across the areas of templated infrastructure provisioning, configuration management, and policy as code. We invite you to bring your questions and join AWS Solutions Architects as we dive deeper into the concepts and best practices behind infrastructure-as-code.
Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Com...AWS Germany
Vortrag "Automatisierte Kontrolle und Transparenz in der AWS Cloud – Autopilot für Compliance Ihrer Cloud Ressourcen" von Philipp Behre beim AWS Cloud Web Day für Mittelstand und Großunternehmen. Alle Videos und Präsentationen finden Sie hier: http://amzn.to/1VUJZsT
This session is designed to build on from the information you have learned in an AWS Overview, Technical Essentials, or Immersion Day. It will arm Technical Decision makers with the AWS's best practice, a framework to decide which services to watch, and our top 5 tips for success. We'll focus on the next steps for building out these practices and equip you with resources to empower your future projects.
Speakers: Tom Whateley, Solutions Architect, AWS
Similar to (SEC314) AWS for the Enterprise: Implementing Policy, Governance & Security (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
2. What to expect from the session
After this session, you will be able to
• Start using AWS Config to gain visibility into
configuration changes on your resources
• Integrate with existing tools/processes and aggregate
data across accounts
• Config Rules: Get better control over changes by
setting up rules that evaluate configurations recorded
• Feature announcements for AWS Config
3. What you want to see
Visibility: A foundational element for security
What you’re likely to see
In your datacenter…
4. Administrator pains
• “I don’t know who bought this server or what’s running in
there. I have great records for my services and I just
support legacy systems that came in before my time,
and hope it’s working correctly” – Anonymous administrator
• “I have a CMDB that works most of the time. I can’t
really act on this information because it’s pretty stale” –
Security team at Enterprise
5. • Infrastructure = software!
• Change is frequent, automated, and impactful
• Resources are connected
• Can’t take away powers: Self service and agility
Visibility: A foundational element for security
In the cloud…
6. Options:
• Poll Describe APIs for changes
• Maintain infrastructure to capture changes
• Waste resources with a lot of duplicate data
• Normalize results from different service endpoints
Visibility: A foundational element for security
In the cloud…
Can this be cheaper, faster, and less error-prone?
7. AWS Config
• Get inventory of AWS resources
• Discover new and deleted resources
• Record configuration changes continuously
• Get notified when configurations change
9. Config Rules
(preview)
• Set up rules to check configuration changes recorded
• Use pre-built rules provided by AWS
• Author custom rules using AWS Lambda
• Invoked automatically for continuous assessment
• Use dashboard for visualizing compliance and identifying
offending changes
14. Multi-region aggregation of delivered data
Region 1
Region 2
Region 3
Common S3 bucket
Amazon S3 policies should permit accounts to write Config data
Amazon SQS/Amazon SNS publish/subscribe permissions
should be set
SNS Topic: Region 1
SNS Topic: Region 2
SNS Topic: Region 3
Common SQS queue
17. Component Description Contains
Metadata Information about this configuration
item
Version ID, Configuration item ID,
Time when the configuration item
was captured, State ID indicating
the ordering of the configuration
items of a resource, MD5Hash, etc.
Common Attributes Resource attributes Resource ID, tags, Resource type.
Amazon Resource Name (ARN)
Availability Zone, etc.
Relationships How the resource is related to other
resources associated with the
account
EBS volume vol-1234567 is
attached to an EC2 instance i-
a1b2c3d4
Current Configuration Information returned through a call
to the Describe or List API of the
resource
e.g. for EBS Volume
State of DeleteOnTermination flag
Type of volume. For example, gp2,
io1, or standard
Related Events The AWS CloudTrail events that are
related to the current configuration
of the resource
AWS CloudTrail event ID
Configuration Item
22. Config Rule
• AWS managed rules
Defined by AWS
Require minimal (or no) configuration
Rules are managed by AWS
• Customer managed rules
Authored by you using AWS Lambda
Rules execute in your account
You maintain the rule
A rule that checks the validity of configurations recorded
23. Config Rules - Triggers
• Triggered by changes: Rules invoked when relevant resources
change
Scoped by changes to:
• Tag key/value
• Resource types
• Specific resource ID
e.g. EBS volumes tagged “Production” should be attached to EC2 instances
• Triggered periodically: Rules invoked at specified frequency
e.g. Account should have no more than 3 “PCI v3” EC2 instances; every 3 hrs
24. Evaluations
The result of evaluating a Config rule against a resource
• Report evaluation of {Rule, ResourceType, ResourceID}
directly from the rule itself
27. Use cases enabled
Security analysis: Am I safe?
Audit compliance: Where is the evidence?
Change management: What will this change affect?
Troubleshooting: What has changed?
Discovery: What resources exist?
28. Am I safe?
Properly configured resources
are critical to security
AWS Config continuously
monitors configuration changes
and helps you evaluate these
configurations for potential
security weaknesses using
Config Rules
29.
30. AWS managed rules
1. All EC2 instances must be inside a VPC.
2. All attached EBS volumes must be encrypted, with KMS ID.
3. CloudTrail must be enabled, optionally with S3 bucket, SNS topic
and CloudWatch Logs.
4. All security groups in attached state should not have unrestricted
access to port 22.
5. All EIPs allocated for use in the VPC are attached to instances.
6. All resources being monitored must be tagged with specified tag
keys:values.
7. All security groups in attached state should not have unrestricted
access to these specific ports.
31. Custom rules
• Codify and automate your own practices
• Get started with samples in AWS Lambda
• Implement guidelines for security best practices and
compliance
• Use rules from different AWS Partners
• View compliance in one dashboard
32.
33. Evidence for compliance
Many compliance audits require
access to the state of your
systems at arbitrary times (i.e.,
PCI, HIPAA).
A complete inventory of all
resources and their configuration
attributes is available for any
point in time.
But what does a jellyfish have
to do with compliance?
35. Change management: Option 1
Account 1
Account 2
Account 3
Common S3 bucket
Common SNS topic
Adaptor is custom software to convert JSON into
CMDB’s format
BMC, HP,
Custom
CMDB
Adaptor
Data pipe into existing CMDB
36. Change management: Option 2
Account 1
Account 2
Account 3
AWS
Config
BMC
HP
API
AdaptorAdaptor
Adaptor is custom software needed to convert JSON
into CMDB’s format
Use in federated form
37. What resources exist?
Discover resources that exist in
your account
Discover resources that no longer
exist in your account
A complete inventory of all
resources and their configuration
attributes available via API and
console
38.
39. What changed?
It is critical to be able to quickly
answer, “What has changed?”
You can quickly identify the
recent configuration changes to
your resources by using the
console or by building custom
integrations with the regularly
exported resource history files.
43. AWS Identity and Access Management
• Gain visibility into users, groups, roles, and policies
• Answer
• What policies did user joe have on May 30, 2014?
• Did anything change in the “dbUser” policy I created?
• Who used the “dbUser” policy between November 10 and
November 15?
• Config Rules
• Create Config rules that check or validate policies attached to
users, groups, or roles
• Establish strong governance on changes to policy documents
44. Amazon EC2 Dedicated Hosts
• Gain visibility into Amazon EC2 hosts which run your
instances
• Use data for assessing compliance with OS licensing
See CMP203: EC2 Enhancements for the Enterprise
Thursday, October 8, 1:30pm – 2:30pm
Palazzo H
45. Supported resource types
Resource Type Resource
Amazon EC2 EC2 Instance
EC2 Elastic IP (VPC only)
EC2 Security Group
EC2 Network Interface
Amazon EBS EBS Volume
Amazon VPC VPCs
Network ACLs
Route Table
Subnet
VPN Connection
Internet Gateway
Customer Gateway
VPN Gateway
AWS CloudTrail Trail
Identity and Access Management IAM Users
IAM Groups
IAM Roles
IAM Customer Managed Policies
Amazon EC2 Dedicated Hosts
46. AWS Config: Nine public AWS regions
US East
(N. Virginia)
US West
(Oregon)
US West
(N.California)
South America
(Sao Paulo)
EU
(Ireland)
EU (Frankfurt)
Asia Pacific (Tokyo)
Asia Pacific (Sydney)
Asia Pacific
(Singapore)
47. AWS Config Rules preview: US East (N. Virginia)
US East
(N. Virginia)
54. AWS Config pricing
Pay one time only per configuration item (CI) recorded:
$0.003 per CI (all regions)
Amazon S3/Amazon SNS charges applicable. No
additional charges for CI storage or retrieval via APIs.
55. Config Rules pricing
Priced based on number of active rules per month
$2.00 per active rule per month with account-level allowance of
20,000 evaluations per active rule. Overage of $0.0001 per
evaluation
• Evaluation: Single result reported for the rule/resource. Evaluations
are shared across rules in account.
• Active rule: Rule with at least one evaluation that month
• Customer managed rules may incur additional charges from AWS
Lambda
56. Pricing example
2,500 CIs per month from all configuration changes
5 active Config rules, reporting total 100 evaluations/day
Total evaluations per month = 100*30 = 3,000 evaluations
Allowance for 5 Config rules = 5 * 20,000 = 100,000 evaluations
Config configuration items: 2,500 * $0.003 = $7.5
5 active Config rules : 5 * $2.0 = $10.0
Evaluation charges : $0
Total charges $17.5
57. AWS security tools: What to use?
AWS Security and Compliance
Security of the cloud
Services and tools to aid
security in the cloud
Service Type Use cases
On-demand
evaluations
Security insights into your
application deployments
running inside your EC2
instance
Continuous
evaluations
Codified internal best
practices, misconfigurations,
security vulnerabilities, or
actions on changes
Periodic evaluations
Cost, performance, reliability,
and security checks that apply
broadly
Inspector
Config
Rules
Trusted
Advisor
58. AWS Config: In 2015 (Recap)
General Availability – Feb 2015
AWS Config general availability
Optional + Email friendly notifications - March 2015
Turn off SNS notifications, or use filter notifications
in email
New Regions - April 2015
Description: All 9 public AWS regions
New Partner: LogStorage - April 2015
Integration with AWS Config for Enterprise
Management (Japan)
Selective Resource - June 2015
Select a subset of AWS resources for AWS Config to
track
Discovery and Inventory – Aug 2015
New API and console to discover existing and
deleted resources by simply providing resource type
New Partner: Loggly – Oct 2015
Analyze, track, and alert on AWS Config details with
Loggly
Config Rules – Oct 2015 (Preview)
Rules to evaluate and report results
IAM resources – (Announced)
Track historical and current configurations for users,
groups, roles, and policies
EC2 Dedicated Hosts– (Announced)
Track usage of dedicated hosts for assessing
compliance with licensing
59. Don’t forget
• Sign up for the Config Rules preview NOW!
• https://aws.amazon.com/config/preview
• Contact us via AWS Config forums
https://forums.aws.amazon.com/forum.jspa?forumID=184
• Enjoy re:Play!