How can you ensure your environment is Secure? How can you implement an effective governance model in your organization? The AWS Cloud Adoption Framework (CAF) and its Security Perspective provide a structured approach to make risk based decisions, build security guardrails and meet your compliance goals as you migrate to AWS. The Security perspective of the CAF provides a set of 5 core themes designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection and Incident response. In this session you will learn what it takes to lead a Secure Cloud Journey for your organization and make key strategic decisions.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018Amazon Web Services
So what's the right way to operate a cloud environment? This session will guide you through best practices, the core principals of a well architected environment.
We will demonstrate this via looking at some real-world use cases and evaluate them against criteria in the Performance, Reliability, Security, Cost and Cloud operation.
Optimizing Costs as You Scale on AWS (ENT302) - AWS re:Invent 2018Amazon Web Services
The cloud offers a first-in-a-career opportunity to constantly optimize your costs as you grow and stay on the leading edge of innovation. By developing a cost-conscious culture and assigning the responsibility for efficiency to the appropriate business owners, you can deliver innovation efficiently and cost effectively. In this session, we share The Vanguard Group’s real-world experience of optimizing their costs, and we review a wide range of cost planning, monitoring, and optimization strategies.
Leadership Session: Using DevOps, Microservices, and Serverless to Accelerate...Amazon Web Services
In this session, learn how AWS can help you innovate faster with DevOps, microservices, and serverless. Join us for a rare and intimate discussion with AWS senior leaders: David Richardson, VP of Serverless, Ken Exner, director of AWS Developer Tools, and Deepak Singh, director of Compute Services, Containers, and Linux. Hear them share development best practices and discuss key learnings from building modern applications at Amazon.com. Also, learn how developers can leverage containers, AWS Lambda, and developer tools to build and run production applications in the cloud.
How LogMeIn Automates Governance and Empowers Developers at Scale (SEC302) - ...Amazon Web Services
In this session, learn how LogMeIn moves quickly and stays secure through the power of automation on AWS. We walk through core AWS security building blocks, such as IAM, AWS CloudTrail, AWS Config, and Amazon CloudWatch. We dive deep into LogMeIn’s approach for empowering developers on AWS while also meeting required security controls.
Operationalizing Microsoft Workloads (WIN320) - AWS re:Invent 2018Amazon Web Services
In this session, we discuss best practices and approaches for managing your Microsoft Windows-based infrastructure on AWS. We describe the AWS services that can help you manage Windows servers at scale and realize the maximum benefit of the cloud. In addition, we show you how to build simple and effective solutions to manage logging, configuration drift, inventory, licensing, and more. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Starting your Cloud Transformation Journey - Tel Aviv Summit 2018Boaz Ziniman
Understand the values your organization can get from the cloud is the first step in your cloud transformation journey.
We will share best practices for getting started with Cloud Computing and not only from the technical perspective (culture change and gains, building teams, business case, project selection and more). Join us for this session and Let's Start your Cloud journey.
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018Amazon Web Services
So what's the right way to operate a cloud environment? This session will guide you through best practices, the core principals of a well architected environment.
We will demonstrate this via looking at some real-world use cases and evaluate them against criteria in the Performance, Reliability, Security, Cost and Cloud operation.
Optimizing Costs as You Scale on AWS (ENT302) - AWS re:Invent 2018Amazon Web Services
The cloud offers a first-in-a-career opportunity to constantly optimize your costs as you grow and stay on the leading edge of innovation. By developing a cost-conscious culture and assigning the responsibility for efficiency to the appropriate business owners, you can deliver innovation efficiently and cost effectively. In this session, we share The Vanguard Group’s real-world experience of optimizing their costs, and we review a wide range of cost planning, monitoring, and optimization strategies.
Leadership Session: Using DevOps, Microservices, and Serverless to Accelerate...Amazon Web Services
In this session, learn how AWS can help you innovate faster with DevOps, microservices, and serverless. Join us for a rare and intimate discussion with AWS senior leaders: David Richardson, VP of Serverless, Ken Exner, director of AWS Developer Tools, and Deepak Singh, director of Compute Services, Containers, and Linux. Hear them share development best practices and discuss key learnings from building modern applications at Amazon.com. Also, learn how developers can leverage containers, AWS Lambda, and developer tools to build and run production applications in the cloud.
How LogMeIn Automates Governance and Empowers Developers at Scale (SEC302) - ...Amazon Web Services
In this session, learn how LogMeIn moves quickly and stays secure through the power of automation on AWS. We walk through core AWS security building blocks, such as IAM, AWS CloudTrail, AWS Config, and Amazon CloudWatch. We dive deep into LogMeIn’s approach for empowering developers on AWS while also meeting required security controls.
Operationalizing Microsoft Workloads (WIN320) - AWS re:Invent 2018Amazon Web Services
In this session, we discuss best practices and approaches for managing your Microsoft Windows-based infrastructure on AWS. We describe the AWS services that can help you manage Windows servers at scale and realize the maximum benefit of the cloud. In addition, we show you how to build simple and effective solutions to manage logging, configuration drift, inventory, licensing, and more. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.
Secure Your Customers' Data from Day 1: Armando Leite, AWS
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers data. Don't wait until your first security incident before putting these best practices in place.
Learning Objectives:
- Learn about requirements for AWS Firewall Manager, like AWS Organizations
- Learn how to keep new Web applications in compliance across the org from day one
- Learn how Firewall Manager supports your custom WAF rules as well as Managed Rules for AWS WAF
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Best Practices for Centrally Monitoring Resource Configuration & Compliance (...Amazon Web Services
Do you want to have a strong understanding of governance across all of your AWS accounts? Are you struggling to get centralized visibility across your entire organization? Join us in this session as we explore AWS Config, a service that enables centralized governance and resource monitoring. Learn best practices for enabling governance policies through a central account across multiple accounts in your organization, and monitor their compliance status using the multi-account, multi-region data aggregation capability. Also learn about recent launches and how customers are using AWS Config in their enterprises today.
AWS Fargate makes running containerized workloads on AWS easier than ever. In this session, we provide a technical foundation for using AWS Fargate with your existing containerized services. We also provide best practices for building images, configuring task definitions, task networking, secrets management, and monitoring.
A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1) - ...Amazon Web Services
New to AWS? Given the number of AWS services there are, you may think that it’s going to take a lot of work to get your security house in order in the cloud. In fact, across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud. In this session, we’ll focus on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC). You’ll walk away having seen concrete examples that illustrate the patterns that enable you to properly secure any workload in AWS.
Connected Product Development - Secure Cloud & Local Connectivity for Microco...Amazon Web Services
Learning Objectives:
- Configure and download Amazon FreeRTOS on supported hardware to quickly develop a POC
- Deploy a connected product running Amazon FreeRTOS and connect to AWS cloud services
- Connect a device running Amazon FreeRTOS to a local AWS Greengrass Core device
SPEKE-ing of Content Protection & DRM (MAE302) - AWS re:Invent 2018Amazon Web Services
Encrypting high-value content has long been a challenge for media customers. The number of digital rights management (DRM) schemes, transcoding and packaging vendors, and packaging formats created hundreds of potential integration points, each requiring extensive engineering resources and time. The Secure Packager and Encoder Key Exchange (SPEKE) is a single, open REST API specification for authentication and key exchange between DRM platforms and encryptors (transcoders and packagers) that reduces the number of integration points and accelerates time-to-market for customers for on-premises, hybrid, and cloud video workflows. In this session, learn about the SPEKE API and the Content Protection Information Exchange (CPIX) format, and how SPEKE establishes secure key exchange using Amazon API Gateway, document encryption, IAM roles, and Signature Version 4 signing for live and file-based video workflows.
Enterprises require that their mission critical business applications such as Microsoft, SAP and Oracle are up and running 24x7. Whatever it is, the requirements are the same: Availability, security and flexibility are key. In this session we will walk through practical examples of how AWS customers operate heavily mission critical applications in the cloud. Through real world customer examples, you will learn how Enterprise deploy mission critical workloads in highly redundant manner as well as apply security controls which will provide you with increased visibility and control of your applications.
Optimizing Storage for Enterprise Workloads and Migrations (STG202) - AWS re:...Amazon Web Services
In this session, we focus on best practices for AWS block and file storage when supporting enterprise workloads (like SAP, Oracle, Microsoft applications, and home directories). We discuss migrating mission-critical workload data, selecting volumes or file systems, optimizing performance, and designing for durability and availability. We also review optimizing for cost to ensure that your lift-and-shift project is a success.
Module 5: AWS Elasticity and Management Tools
This module will cover:
Auto Scaling concepts
Elastic Load Balancing concepts
AWS Management tools including CloudWatch
Closing Remarks
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
Media Processing Workflows at High Velocity and Scale using AI and ML - AWS O...Amazon Web Services
Learning Objectives:
- See how AI and ML in media processing can reduce time and costs while generating actionable insights
- Understand why and how to add orchestration to performance-sensitive media workflows
- See real customer examples of media processing workflows on AWS
Module 3: AWS Security
This module will cover how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to aid you in better understanding AWS Cloud security options.
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesTom Laszewski
Application modernization projects with AWS start with creating an AWS Landing Zone. Based on AWS best practices, AWS Landing Zones help ensure a secure, performant, highly available, and cost-efficient AWS environment. Common hybrid cloud use cases, such as cloud migration, data center extension, disaster recovery, cloud bursting, and edge computing, require data integration, operations management and monitoring, security, and networking as the foundational components of a hybrid cloud architecture. In this session, we dive deep on the networking, security, account management structure, operating management, and monitoring best practices to build your own AWS Landing Zone that can be extended into your data center. AWS partner, GreenPages, demonstrates a repeatable hybrid cloud architecture to secure, manage, and integrate your network across on-premises and multiple AWS regions using an AWS Landing Zone. AWS customer, Finch Therapeutics, then discusses how the company utilized the GreenPages hybrid cloud reference implementation to deploy, secure, and manage its hybrid cloud environment.
The Evolution of Identity and Access Management on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the identity and access management evolution
- Learn best practices for managing AWS root user credentials and Users, Groups, and Roles, especially as the number of users and AWS accounts grow
- Better understand identity federation by viewing two demos
In this session, Tim Wagner, general manager of AWS Lambda and API Gateway, explores how developers can design, develop, deliver, and monitor cloud applications as they take advantage of the AWS serverless platform and developer toolset. He shares technical insights that developers can use to optimize their workflows and their use of cloud resources, which, in turn, can improve security, scalability, and availability. He also discusses common serverless patterns used by enterprises, and he dives into the operational and security features used by large and mature organizations. You will also hear from a Principal Architect of T-Mobile who will discuss how T-Mobile is driving adoption of serverless within the company.
As serverless architectures become more popular, customers need a framework of patterns to help them identify how they can leverage AWS to deploy their workloads without managing servers or operating systems. This session describes reusable serverless patterns while considering costs. For each pattern, we provide operational and security best practices and discuss potential pitfalls and nuances. We will also discuss considerations for moving an existing server-based workload to a serverless architecture. The patterns use services like AWS Lambda, Amazon API Gateway, Amazon Kinesis Streams, Amazon Kinesis Analytics, Amazon DynamoDB, Amazon S3, AWS Step Functions, AWS Config, AWS X-Ray, and Amazon Athena. This session can help you recognize candidates for serverless architectures in your own organization and understand areas of potential savings and increased agility.
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
by Bill Reid, Sr Mgr, Solutions Architecture AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Michael Wasielewski, CISSP, CCSP, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection, and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice.
Secure Your Customers' Data from Day 1: Armando Leite, AWS
All companies, regardless of size, should build with protection of customer data as a top priority. This session will examine how to achieve this through topics including: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. You'll learn key principles of how to build a secure organization and protect your customers data. Don't wait until your first security incident before putting these best practices in place.
Learning Objectives:
- Learn about requirements for AWS Firewall Manager, like AWS Organizations
- Learn how to keep new Web applications in compliance across the org from day one
- Learn how Firewall Manager supports your custom WAF rules as well as Managed Rules for AWS WAF
This module will cover cloud computing concepts and AWS global Infrastructure.
• Recognize terminology and concepts as they relate to the AWS platform and navigate the AWS Management Console.
• Understand the foundational services, including Amazon Elastic Compute Cloud (EC2), Amazon Virtual Private Cloud (VPC), Amazon Simple Storage Service (S3), and Amazon Elastic Block Store (EBS).
• Understand the security measures AWS provides and key concepts of AWS Identity and Access Management (IAM).
• Understand AWS database services, including Amazon DynamoDB and Amazon Relational Database Service (RDS). • Understand AWS management tools, including Auto Scaling, Amazon CloudWatch, Elastic Load Balancing (ELB), and AWS Trusted Advisor.
Presenters today:
• John Balsillie Senior Technical Trainer, AWS APAC
• Karthik Chandy Senior Technical Trainer, AWS APAC
Best Practices for Centrally Monitoring Resource Configuration & Compliance (...Amazon Web Services
Do you want to have a strong understanding of governance across all of your AWS accounts? Are you struggling to get centralized visibility across your entire organization? Join us in this session as we explore AWS Config, a service that enables centralized governance and resource monitoring. Learn best practices for enabling governance policies through a central account across multiple accounts in your organization, and monitor their compliance status using the multi-account, multi-region data aggregation capability. Also learn about recent launches and how customers are using AWS Config in their enterprises today.
AWS Fargate makes running containerized workloads on AWS easier than ever. In this session, we provide a technical foundation for using AWS Fargate with your existing containerized services. We also provide best practices for building images, configuring task definitions, task networking, secrets management, and monitoring.
A Practitioner's Guide to Securing Your Cloud (Like an Expert) (SEC203-R1) - ...Amazon Web Services
New to AWS? Given the number of AWS services there are, you may think that it’s going to take a lot of work to get your security house in order in the cloud. In fact, across AWS, there are only a few simple patterns you need to know to be effective at security in the cloud. In this session, we’ll focus on the permissions controls offered by Identity and Access Management (IAM) and the network security controls offered by Virtual Private Cloud (VPC). You’ll walk away having seen concrete examples that illustrate the patterns that enable you to properly secure any workload in AWS.
Connected Product Development - Secure Cloud & Local Connectivity for Microco...Amazon Web Services
Learning Objectives:
- Configure and download Amazon FreeRTOS on supported hardware to quickly develop a POC
- Deploy a connected product running Amazon FreeRTOS and connect to AWS cloud services
- Connect a device running Amazon FreeRTOS to a local AWS Greengrass Core device
SPEKE-ing of Content Protection & DRM (MAE302) - AWS re:Invent 2018Amazon Web Services
Encrypting high-value content has long been a challenge for media customers. The number of digital rights management (DRM) schemes, transcoding and packaging vendors, and packaging formats created hundreds of potential integration points, each requiring extensive engineering resources and time. The Secure Packager and Encoder Key Exchange (SPEKE) is a single, open REST API specification for authentication and key exchange between DRM platforms and encryptors (transcoders and packagers) that reduces the number of integration points and accelerates time-to-market for customers for on-premises, hybrid, and cloud video workflows. In this session, learn about the SPEKE API and the Content Protection Information Exchange (CPIX) format, and how SPEKE establishes secure key exchange using Amazon API Gateway, document encryption, IAM roles, and Signature Version 4 signing for live and file-based video workflows.
Enterprises require that their mission critical business applications such as Microsoft, SAP and Oracle are up and running 24x7. Whatever it is, the requirements are the same: Availability, security and flexibility are key. In this session we will walk through practical examples of how AWS customers operate heavily mission critical applications in the cloud. Through real world customer examples, you will learn how Enterprise deploy mission critical workloads in highly redundant manner as well as apply security controls which will provide you with increased visibility and control of your applications.
Optimizing Storage for Enterprise Workloads and Migrations (STG202) - AWS re:...Amazon Web Services
In this session, we focus on best practices for AWS block and file storage when supporting enterprise workloads (like SAP, Oracle, Microsoft applications, and home directories). We discuss migrating mission-critical workload data, selecting volumes or file systems, optimizing performance, and designing for durability and availability. We also review optimizing for cost to ensure that your lift-and-shift project is a success.
Module 5: AWS Elasticity and Management Tools
This module will cover:
Auto Scaling concepts
Elastic Load Balancing concepts
AWS Management tools including CloudWatch
Closing Remarks
Autonomous DevSecOps: Five Steps to a Self-Driving Cloud (ENT214-S) - AWS re:...Amazon Web Services
In this session, we outline the five levels of cloud operations automation, providing a clear path and maturity model for achieving security, compliance, and architecture best practices. Using real-world case studies from Fortune 100 enterprises, we demonstrate how secure AWS Landing Zones and policy-based, automated guardrails accelerate the safe migration and ongoing operation of hundreds of enterprise applications, putting your team on the road to DevSecOps maturity. This session is brought to you by AWS partner, Turbot HQ, Inc.
Media Processing Workflows at High Velocity and Scale using AI and ML - AWS O...Amazon Web Services
Learning Objectives:
- See how AI and ML in media processing can reduce time and costs while generating actionable insights
- Understand why and how to add orchestration to performance-sensitive media workflows
- See real customer examples of media processing workflows on AWS
Module 3: AWS Security
This module will cover how AWS approaches securing the cloud, along with the AWS Shared Responsibility Model, AWS Access Control and Management, AWS Security Compliance Programs, and resources available to aid you in better understanding AWS Cloud security options.
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesTom Laszewski
Application modernization projects with AWS start with creating an AWS Landing Zone. Based on AWS best practices, AWS Landing Zones help ensure a secure, performant, highly available, and cost-efficient AWS environment. Common hybrid cloud use cases, such as cloud migration, data center extension, disaster recovery, cloud bursting, and edge computing, require data integration, operations management and monitoring, security, and networking as the foundational components of a hybrid cloud architecture. In this session, we dive deep on the networking, security, account management structure, operating management, and monitoring best practices to build your own AWS Landing Zone that can be extended into your data center. AWS partner, GreenPages, demonstrates a repeatable hybrid cloud architecture to secure, manage, and integrate your network across on-premises and multiple AWS regions using an AWS Landing Zone. AWS customer, Finch Therapeutics, then discusses how the company utilized the GreenPages hybrid cloud reference implementation to deploy, secure, and manage its hybrid cloud environment.
The Evolution of Identity and Access Management on AWS - AWS Online Tech TalksAmazon Web Services
Learning Objectives:
- Understand the identity and access management evolution
- Learn best practices for managing AWS root user credentials and Users, Groups, and Roles, especially as the number of users and AWS accounts grow
- Better understand identity federation by viewing two demos
In this session, Tim Wagner, general manager of AWS Lambda and API Gateway, explores how developers can design, develop, deliver, and monitor cloud applications as they take advantage of the AWS serverless platform and developer toolset. He shares technical insights that developers can use to optimize their workflows and their use of cloud resources, which, in turn, can improve security, scalability, and availability. He also discusses common serverless patterns used by enterprises, and he dives into the operational and security features used by large and mature organizations. You will also hear from a Principal Architect of T-Mobile who will discuss how T-Mobile is driving adoption of serverless within the company.
As serverless architectures become more popular, customers need a framework of patterns to help them identify how they can leverage AWS to deploy their workloads without managing servers or operating systems. This session describes reusable serverless patterns while considering costs. For each pattern, we provide operational and security best practices and discuss potential pitfalls and nuances. We will also discuss considerations for moving an existing server-based workload to a serverless architecture. The patterns use services like AWS Lambda, Amazon API Gateway, Amazon Kinesis Streams, Amazon Kinesis Analytics, Amazon DynamoDB, Amazon S3, AWS Step Functions, AWS Config, AWS X-Ray, and Amazon Athena. This session can help you recognize candidates for serverless architectures in your own organization and understand areas of potential savings and increased agility.
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
by Bill Reid, Sr Mgr, Solutions Architecture AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Michael Wasielewski, CISSP, CCSP, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS platform. The Security perspective of the CAF provides a set of 5 core foundational theme designed to help you structure your selection and implementation of controls that are right for your business: IAM, Detective Controls, Infrastructure Security, Data Protection, and Incident response. During this session, we address how to put the Security Perspective of the CAF into practice.
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs. We will ensure you have an AWS account and understand EC2, prepare you to get set up on the AWS Command Line Interface (CLI) to access the AWS Management Console, introduce you to in source repositories, discuss SSH access and necessary SDKs, and more.
Introduction to the Security Perspective of the Cloud Adoption Framework (CAF)Amazon Web Services
by Steve Laino, GRC Consultant, AWS
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
Introduction to AWS Security: Security Week at the SF LoftAmazon Web Services
Introduction to AWS Security: Security Week at the San Francisco Loft
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Bill Reid - Sr. Manager, Solutions Architecture, AWS
El sector de los servicios financieros atrae a algunas de las amenazas de seguridad de la información más hostiles y es una de las industrias más reguladas del mundo. AWS es consciente de estas obligaciones y ha colaborado con las organizaciones de servicios financieros más complejas con el fin de cumplir los requisitos de seguridad y conformidad en cada uno de los pasos de su viaje a la nube. La protección de sus datos es la mayor prioridad de AWS y nuestra infraestructura global está diseñada y administrada de acuerdo con las prácticas recomendadas de seguridad, así como varias normas de conformidad.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
La seguridad en la nube de AWS es la mayor prioridad. Como cliente de AWS, se beneficiará de una arquitectura de red y un centro de datos diseñados para satisfacer los requisitos de seguridad de las organizaciones más exigentes.
Una ventaja de la nube de AWS es que permite a los clientes escalar e innovar al mismo tiempo que garantizan la seguridad del entorno. Los clientes solo pagan por los servicios que usan, es decir, que puede gozar de la seguridad que necesite sin tener que realizar pagos iniciales y a un costo inferior que el de un entorno on-premise.
https://aws.amazon.com/es/security/
Introduction to the Security Perspective of the Cloud Adoption FrameworkAmazon Web Services
The Security Perspective of the AWS Cloud Adoption Framework (CAF) provides a framework for maturation via a structured program that incorporates best practices and processes to define, build, and optimize how you operate security controls in the AWS Cloud. The Security Perspective of the CAF provides a set of five core foundational themes designed to help you structure your selection and implementation of controls that are right for your business: AWS Identity and Access Management, detective controls, infrastructure security, data protection, and incident response. During this session, you will learn how to put the Security Perspective of the CAF into practice.
Speaker: Bill Reid - Sr. Manager, Solutions Architecture, AWS
by Brad Dispensa, Sr.SA–Security and Compliance
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
How Rent-A-Center Stays Secure and Compliant on AWS with Alert LogicAmazon Web Services
In this webinar, Alert Logic will talk about how you can protect your AWS workloads with their suite of security offerings in a matter of days instead of months, without having to hire additional staff. You’ll also learn how Rent-A-Center uses Alert Logic to comply with SOX and PCI, increase efficiency of security operations, and maintain a strong security posture on AWS.
Customers using AWS benefit from over 1,800 security and compliance controls built into the AWS platform and operations. In this session, you will learn how to take advantage of the advanced security features of the AWS platform to gain the visibility, agility, and control needed to be more secure in the cloud than in legacy environments. We'll take a look at several reference architectures for common workloads and highlight the innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the shared security responsibility model and how you can inherit controls from the rich compliance and accreditation programs maintained by AWS.
SID331_Architecting Security and Governance Across a Multi-Account StrategyAmazon Web Services
Whether it is per business unit or per application, many AWS customers use multiple accounts to meet their infrastructure isolation, separation of duties, and billing requirements. In this session, we discuss considerations, limitations, and security patterns when building out a multi-account strategy. We explore topics such as identity federation, cross-account roles, consolidated logging, and account governance. Thomson Reuters shared their journey and their approach to a multi-account strategy. At the end of the session, we present an enterprise-ready, multi-account architecture that you can start leveraging today.
We encourage you attend the full multi-account track:
SID331: Architecting Security and Governance Across a Multi-Account Strategy (Session)
SID335: Implementing Security and Governance Across a Multi-Account Strategy (Chalk Talk)
ENT324: Automating and Auditing Cloud Governance and Compliance in Multi-Account Environments (Session)
SID311: Designing Security and Governance Across a Multi-Account Strategy (Workshop)
SID308: Multi-Account Strategies (Chalk Talk)"
Living on the Edge, It’s Safer Than You Think! Building Strong with Amazon Cl...Amazon Web Services
Your application is exposed to a variety of threats from common distributed attacks to sophisticated zero-day vectors. Learn how to architect beyond the region and take advantage of the AWS Edge Network and upgrade your security posture with easy to deploy solutions that scale. At this session you will learn how to I ensure your application will withstand malicious threats and DDoS attacks, what role does architecture play in your security posture, and how professional services and partners like Flux7 can help.
Similar to Security, Risk and Compliance of Your Cloud Journey - Tel Aviv Summit 2018 (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.