Submit Search
Upload
Security @ (Cloud) Scale Deep Dive
•
2 likes
•
214 views
K
Kristana Kane
Follow
Security @ (Cloud) Scale Deep Dive
Read less
Read more
Technology
Report
Share
Report
Share
1 of 48
Recommended
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
Kristana Kane
Getting Started with Docker on AWS
Getting Started with Docker on AWS
Kristana Kane
Deep Dive on Microservices and Docker
Deep Dive on Microservices and Docker
Kristana Kane
Serverless Big Data Architectures: Serverless Data Analytics
Serverless Big Data Architectures: Serverless Data Analytics
Kristana Kane
Microservizi e container Docker in produzione: strumenti e consigli
Microservizi e container Docker in produzione: strumenti e consigli
Amazon Web Services
Migrating Your Databases to AWS Deep Dive on Amazon RDS and AWS
Migrating Your Databases to AWS Deep Dive on Amazon RDS and AWS
Kristana Kane
Protecting your data in aws - Toronto
Protecting your data in aws - Toronto
Amazon Web Services
Running Lean Architectures
Running Lean Architectures
Amazon Web Services
Recommended
Automating Security in Cloud Workloads with DevSecOps
Automating Security in Cloud Workloads with DevSecOps
Kristana Kane
Getting Started with Docker on AWS
Getting Started with Docker on AWS
Kristana Kane
Deep Dive on Microservices and Docker
Deep Dive on Microservices and Docker
Kristana Kane
Serverless Big Data Architectures: Serverless Data Analytics
Serverless Big Data Architectures: Serverless Data Analytics
Kristana Kane
Microservizi e container Docker in produzione: strumenti e consigli
Microservizi e container Docker in produzione: strumenti e consigli
Amazon Web Services
Migrating Your Databases to AWS Deep Dive on Amazon RDS and AWS
Migrating Your Databases to AWS Deep Dive on Amazon RDS and AWS
Kristana Kane
Protecting your data in aws - Toronto
Protecting your data in aws - Toronto
Amazon Web Services
Running Lean Architectures
Running Lean Architectures
Amazon Web Services
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
Amazon Web Services
Ponencia Principal - AWS Summit - Madrid
Ponencia Principal - AWS Summit - Madrid
Amazon Web Services
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Amazon Web Services
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
Amazon Web Services
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Amazon Web Services
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
Amazon Web Services
Crypto Options in AWS
Crypto Options in AWS
Amazon Web Services
HSBC and AWS Day - AWS foundations
HSBC and AWS Day - AWS foundations
Amazon Web Services
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
Amazon Web Services
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Amazon Web Services
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
Amazon Web Services
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Amazon Web Services
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
Amazon Web Services
Wild Rides Takes off - The Dawn of a New Unicorn
Wild Rides Takes off - The Dawn of a New Unicorn
Amazon Web Services
Getting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
The Tightrope for K12 IT
The Tightrope for K12 IT
Amazon Web Services
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Amazon Web Services
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies
Amazon Web Services
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
Amazon Web Services
Bluesoft @ AWS re:Invent 2017 + AWS 101
Bluesoft @ AWS re:Invent 2017 + AWS 101
André Faria Gomes
AWS - Security & Compliance
AWS - Security & Compliance
Amazon Web Services LATAM
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Amazon Web Services
More Related Content
What's hot
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
Amazon Web Services
Ponencia Principal - AWS Summit - Madrid
Ponencia Principal - AWS Summit - Madrid
Amazon Web Services
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Amazon Web Services
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
Amazon Web Services
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Amazon Web Services
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
Amazon Web Services
Crypto Options in AWS
Crypto Options in AWS
Amazon Web Services
HSBC and AWS Day - AWS foundations
HSBC and AWS Day - AWS foundations
Amazon Web Services
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
Amazon Web Services
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Amazon Web Services
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
Amazon Web Services
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Amazon Web Services
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
Amazon Web Services
Wild Rides Takes off - The Dawn of a New Unicorn
Wild Rides Takes off - The Dawn of a New Unicorn
Amazon Web Services
Getting Started with AWS Security
Getting Started with AWS Security
Amazon Web Services
The Tightrope for K12 IT
The Tightrope for K12 IT
Amazon Web Services
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Amazon Web Services
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies
Amazon Web Services
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
Amazon Web Services
Bluesoft @ AWS re:Invent 2017 + AWS 101
Bluesoft @ AWS re:Invent 2017 + AWS 101
André Faria Gomes
What's hot
(20)
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
AWS APAC Webinar Week - Introduction to Cloud Computing With Amazon Web Services
Ponencia Principal - AWS Summit - Madrid
Ponencia Principal - AWS Summit - Madrid
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
Crypto Options in AWS
Crypto Options in AWS
HSBC and AWS Day - AWS foundations
HSBC and AWS Day - AWS foundations
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
AWS Enterprise Summit Netherlands - Enterprise Applications on AWS
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
AWS re:Invent 2016: Industry Opportunities for AWS Partners: Healthcare, Fina...
Wild Rides Takes off - The Dawn of a New Unicorn
Wild Rides Takes off - The Dawn of a New Unicorn
Getting Started with AWS Security
Getting Started with AWS Security
The Tightrope for K12 IT
The Tightrope for K12 IT
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
Seeing More Clearly: How Essilor Overcame 3 Common Cloud Security Challenges ...
(SEC204) AWS GovCloud (US): Not Just for Govies
(SEC204) AWS GovCloud (US): Not Just for Govies
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
Bluesoft @ AWS re:Invent 2017 + AWS 101
Bluesoft @ AWS re:Invent 2017 + AWS 101
Similar to Security @ (Cloud) Scale Deep Dive
AWS - Security & Compliance
AWS - Security & Compliance
Amazon Web Services LATAM
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Amazon Web Services
AWS Security Fundamentals
AWS Security Fundamentals
Amazon Web Services
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Amazon Web Services
GPSTEC302_Anti-Patterns- Learning through Failure
GPSTEC302_Anti-Patterns- Learning through Failure
Amazon Web Services
Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017
Amazon Web Services
20180514 _aws data-security_aws.compressed
20180514 _aws data-security_aws.compressed
Sekretariat3A
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
Amazon Web Services
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
Vladimir Simek
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Amazon Web Services
Intro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on aws
Bela Sojina MBA, PMP
NEW LAUNCH! AWS Greengrass and Amazon FreeRTOS: Connectivity and Security at ...
NEW LAUNCH! AWS Greengrass and Amazon FreeRTOS: Connectivity and Security at ...
Amazon Web Services
Serverless Architecture Patterns
Serverless Architecture Patterns
Amazon Web Services
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption Framework
Amazon Web Services
Introduction to Security and AWS Storage
Introduction to Security and AWS Storage
Amazon Web Services
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Amazon Web Services
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Amazon Web Services
Journey Towards Scaling Your API to 10 Million Users
Journey Towards Scaling Your API to 10 Million Users
Adrian Hornsby
HLC302_Adopting Microservices in Healthcare Building a Compliant DevOps Pipel...
HLC302_Adopting Microservices in Healthcare Building a Compliant DevOps Pipel...
Amazon Web Services
Manage Infrastructure Securely at Scale and Eliminate Operational Risks - DEV...
Manage Infrastructure Securely at Scale and Eliminate Operational Risks - DEV...
Amazon Web Services
Similar to Security @ (Cloud) Scale Deep Dive
(20)
AWS - Security & Compliance
AWS - Security & Compliance
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018
AWS Security Fundamentals
AWS Security Fundamentals
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)
GPSTEC302_Anti-Patterns- Learning through Failure
GPSTEC302_Anti-Patterns- Learning through Failure
Security at Scale with AWS - AWS Summit Cape Town 2017
Security at Scale with AWS - AWS Summit Cape Town 2017
20180514 _aws data-security_aws.compressed
20180514 _aws data-security_aws.compressed
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
AWS Webinar CZSK 02 Bezpecnost v AWS cloudu
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Intro to threat_detection_and_remediation on aws
Intro to threat_detection_and_remediation on aws
NEW LAUNCH! AWS Greengrass and Amazon FreeRTOS: Connectivity and Security at ...
NEW LAUNCH! AWS Greengrass and Amazon FreeRTOS: Connectivity and Security at ...
Serverless Architecture Patterns
Serverless Architecture Patterns
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to the Security Perspective of the Cloud Adoption Framework
Introduction to Security and AWS Storage
Introduction to Security and AWS Storage
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Cloud Adoption Framework: Security Persepctive - Incident Response: Preparing...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Security at Scale: How Autodesk Leverages Native AWS Technologies to Provide ...
Journey Towards Scaling Your API to 10 Million Users
Journey Towards Scaling Your API to 10 Million Users
HLC302_Adopting Microservices in Healthcare Building a Compliant DevOps Pipel...
HLC302_Adopting Microservices in Healthcare Building a Compliant DevOps Pipel...
Manage Infrastructure Securely at Scale and Eliminate Operational Risks - DEV...
Manage Infrastructure Securely at Scale and Eliminate Operational Risks - DEV...
More from Kristana Kane
AWS Summit Atlanta Keynote
AWS Summit Atlanta Keynote
Kristana Kane
Getting Started with AWS Lambda and Serverless Computing
Getting Started with AWS Lambda and Serverless Computing
Kristana Kane
An Overview to Artificial Intelligence Services at AWS
An Overview to Artificial Intelligence Services at AWS
Kristana Kane
AWS IoT Deep Dive
AWS IoT Deep Dive
Kristana Kane
Deep Dive into Apache MXNet on AWS
Deep Dive into Apache MXNet on AWS
Kristana Kane
Getting Started with AWS IoT
Getting Started with AWS IoT
Kristana Kane
VMware and AWS Together - VMware Cloud on AWS
VMware and AWS Together - VMware Cloud on AWS
Kristana Kane
More from Kristana Kane
(7)
AWS Summit Atlanta Keynote
AWS Summit Atlanta Keynote
Getting Started with AWS Lambda and Serverless Computing
Getting Started with AWS Lambda and Serverless Computing
An Overview to Artificial Intelligence Services at AWS
An Overview to Artificial Intelligence Services at AWS
AWS IoT Deep Dive
AWS IoT Deep Dive
Deep Dive into Apache MXNet on AWS
Deep Dive into Apache MXNet on AWS
Getting Started with AWS IoT
Getting Started with AWS IoT
VMware and AWS Together - VMware Cloud on AWS
VMware and AWS Together - VMware Cloud on AWS
Recently uploaded
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
Deakin University
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
2toLead Limited
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Scott Keck-Warren
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
null - The Open Security Community
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Pooja Nehwal
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
Hyundai Motor Group
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
LBM Solutions
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Hyundai Motor Group
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Patryk Bandurski
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
soniya singh
Slack Application Development 101 Slides
Slack Application Development 101 Slides
praypatel2
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Allon Mureinik
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
Mark Billinghurst
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
BookNet Canada
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Safe Software
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Enjoy Anytime
Recently uploaded
(20)
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Artificial intelligence in the post-deep learning era
Artificial intelligence in the post-deep learning era
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Tech-Forward - Achieving Business Readiness For Copilot in Microsoft 365
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
Vulnerability_Management_GRC_by Sohang Sengupta.pptx
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
Next-generation AAM aircraft unveiled by Supernal, S-A2
Next-generation AAM aircraft unveiled by Supernal, S-A2
Key Features Of Token Development (1).pptx
Key Features Of Token Development (1).pptx
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Snow Chain-Integrated Tire for a Safe Drive on Winter Roads
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
FULL ENJOY 🔝 8264348440 🔝 Call Girls in Diplomatic Enclave | Delhi
Slack Application Development 101 Slides
Slack Application Development 101 Slides
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Hyderabad Call Girls Khairatabad ✨ 7001305949 ✨ Cheap Price Your Budget
Security @ (Cloud) Scale Deep Dive
1.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Cameron Worrell, Solutions Architect August 17th, 2017 Security @ (Cloud) Scale
2.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Agenda • AWS Controls that You Don’t Need to Worry About • Framework to Help You Adapt the Cloud Faster • AWS Services that You Should be Using • Reference Architectures that You Can Use
3.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Agenda
4.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Controls
5.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Controls 2,500+
6.
I wish I
was a Solid State Drive in someone else’s Datacenter…
7.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Controls
8.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Controls AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Your own accreditation Your own certifications Your own external auditsCustomerAWS Customer scope and effort is reduced Better results through focused efforts Built on AWS consistent baseline controls
9.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Cloud Adoption Framework • Each Perspective provides guidance for different parts of an organization • Helps YOU adapt existing practices or introduce new practices for cloud computing
10.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. The Security Journey to the Cloud Security in the cloud is familiar. The increase in agility and the ability to perform actions faster, at a larger scale and at a lower cost, does not invalidate well- established principles of information security.
11.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. The CAF Security Perspective 5 Core Capabilities Identity and Access Management Detective Controls Infrastructure Security Data Protection Incident Response
12.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Scaling to >1 Million Users RDS DB Instance Active (Multi-AZ) Availability Zone ELB Balancer RDS DB Instance Read Replica RDS DB Instance Read Replica Web Instance Web Instance Web Instance Web Instance Amazon Route 53 User Amazon S3 Amazon CloudFront DynamoDB Amazon SQS ElastiCache Worker Instance Worker Instance Amazon CloudWatch Internal App Instance Internal App Instance Amazon SES Lambda
13.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Security Already Built In… Security groups are virtual firewalls that control the traffic for one or more resources AWS IAM securely controls access to AWS services and resources for your users.
14.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Security Already Built In…
15.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Identity and Access Management AWS Organizations AWS IAM AWS Security Token Service
16.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Detective Controls AWS CloudTrail Amazon CloudWatch AWS Config Amazon Inspector VPC Flow Logs Account Resources Network
17.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Detective Controls - VPC Flow Logs
18.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Detective Controls - VPC Flow Logs
19.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security AWS Shield AWS WAF Network AWS OpsWorks Resources AWS Trusted Advisor AWS Config Rules Demo @ https://waf.widgetsllc.xyz
20.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security – AWS Config Rules • Amazon CloudTrail should be enabled… • Is it? • All EBS volumes encrypted… • Are they? • All security groups in attached state should not have unrestricted access to port 22. • Do they?
21.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security – AWS Config Rules • Codify and automate your own practices • Get started with samples in AWS Lambda • Implement guidelines for security best practices and compliance • Use rules from various AWS Partners • View compliance in one dashboard
22.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security – AWS Config Rules
23.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security – AWS Config Rules
24.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Infrastructure Security – AWS Config Rules
25.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Data Protection AWS CloudHSM AWS Key Management Service AWS Certificate Manager
26.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Data Protection - Encryption Encryption In-Transit SSL/TLS VPN / IPSEC SSH Encryption At-Rest Object Database Filesystem Disk
27.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Data Protection – AWS Certificate Manager • AWS Certificate Manager (AWS ACM) is a service that lets you easily provision, manage, and deploy TLS certificates for use with Amazon Elastic Load Balancer or Amazon CloudFront distribution. • No additional charge for provisioning TLS certificates • Manages the renewal process of TLS certificates • Certificates are verified by Amazon’s certificate authority (CA), Amazon Trust Services (ATS)
28.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Data Protection – AWS Certificate Manager
29.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Data Protection – AWS KMS Data key 1 S3 object EBS volume Amazon Redshift cluster Data key 2 Data key 3 Data key 4 Custom application Customer Master Keys
30.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response Amazon CloudWatch Amazon Lambda
31.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
32.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
33.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
34.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
35.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
36.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
37.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – Lambda Log from __future__ import print_function import json def lambda_handler(event, context): print(json.dumps(event, indent=2))
38.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – AWS CloudWatch Events
39.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – Lambda Respond cloudtrail = boto3.client('cloudtrail') trail_arn = event["detail"]["requestParameters"]["name "] ct_response = cloudtrail.start_logging( Name = trail_arn )
40.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – Lambda Notify sns_topic = "arn:aws:sns:us-east-1:123459227412:reporter-topic" subject = 'EVENT: ' + event["detail"]["eventName"] message = "What happened? " + event["detail"]["eventName"] + "n" "What service? " + event["detail"]["eventSource"] + "n" "Where? " + event["detail"]["awsRegion"] + "n" "When? " + event["detail"]["eventTime"] + "n" "Who? " + str(json.dumps(event["detail"]["userIdentity"], indent=2)) sns = boto3.client('sns') sns_response = sns.publish( TopicArn = sns_topic, Message = message, Subject = subject, MessageStructure = 'string' )
41.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – Amazon SNS Notification
42.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Incident Response – Complete
43.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Scaling to >1 Million Users RDS DB Instance Active (Multi-AZ) Availability Zone ELB Balancer RDS DB Instance Read Replica RDS DB Instance Read Replica Web Instance Web Instance Web Instance Web Instance Amazon Route 53 User Amazon S3 Amazon CloudFront DynamoDB Amazon SQS ElastiCache Worker Instance Worker Instance Amazon CloudWatch Internal App Instance Internal App Instance Amazon SES Lambda
44.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Scaling to >1 Million Users RDS DB Instance Active (Multi-AZ) Availability Zone ELB Balancer RDS DB Instance Read Replica RDS DB Instance Read Replica Web Instance Web Instance Web Instance Web Instance Amazon Route 53 User Amazon S3 Amazon CloudFront DynamoDB Amazon SQS ElastiCache Worker Instance Worker Instance Amazon CloudWatch Internal App Instance Internal App Instance Amazon SES Lambda AWS WAF AWS Shield AWS Organizations AWS CloudTrail AWS Config VPC Flow Logs Amazon Inspector AWS OpsWorks
45.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Deploy Faster Wherever You Like 16 Regions – 44 Availability Zones – 82 Edge Locations Region & Number of Availability Zones AWS GovCloud (2) EU Ireland (3) US West Frankfurt (3) Oregon (3) London (2) Northern California (3) Asia Pacific US East Singapore (2) N. Virginia (6), Ohio (3) Sydney (2), Tokyo (3), Seoul (2), Mumbai (2) Canada Central (2) China Beijing (2) South America São Paulo (3)
46.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. AWS Marketplace Security Partners Infrastructure Security Logging & Monitoring Identity & Access Control Configuration & Vulnerability Analysis Data Protection
47.
© 2017, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Summary • AWS Security Benefits: • Integrated Security & Compliance • Global Resilience, Visibility, & Control • Maintain Your Privacy and Data Ownership • Agility Through Security Automation • Security Innovation at Scale • Broad Security Partner & Marketplace Solutions
48.
Thank You!