In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Amazon Web Services
In this session, learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you take action on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions.
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, GuardDuty.
How Millennium Management achieves provable security with AWS Zelkova - FSV30...Amazon Web Services
Data exfiltration is a key concern for financial institutions, which often store personally identifiable information, payment card information, and proprietary methods or algorithms. Balancing security and agility in identity and access management (IAM) policies is critical. To achieve this balance, Millennium Management developed a security framework that integrates into CI/CD pipelines. This framework utilizes semantic reasoning, proprietary security evaluations, and AWS Zelkova to achieve provably secure IAM policies pre-deployment in a distributed, multi-account environment. Learn how Millennium combined Zelkova with services such as AWS Step Functions, AWS Lambda, and AWS CodePipeline—for rapid development while mitigating data exfiltration risk.
Monitoring with container insights & anomaly detection - SVC308 - New York AW...Amazon Web Services
Applications today are becoming more difficult to monitor. With the adoption of microservice architectures, customers are facing an explosion of components that generate more data from more devices, are updated more frequently, and exist for shorter periods of time. In this session, learn how AWS is enabling your journey from monitoring to observability so that you can ensure that you have full stack visibility. We do a deep dive into new features like Amazon CloudWatch container insights and Amazon CloudWatch anomaly detection that help improve the health and performance of your applications.
How to act on security and compliance alerts with AWS Security Hub - SEC202 -...Amazon Web Services
Learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and your compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you act on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as solutions from members of the AWS Partner Network.
Mythical Mysfits: Build & collaborate on a modern web application on AWS - MA...Amazon Web Services
In this workshop, learn how to deploy a fully functional web application on AWS. We show you how to use the AWS services that enable you to focus on writing code without needing to manage underlying infrastructure. We use service such as AWS Fargate, AWS Lambda, and Amazon DynamoDB to build and deploy a web application on AWS, connect the application to a backend database, and capture and analyze data on user behavior. To participate, you need a laptop (macOS or Windows), an AWS account with administrator-level access, and an active GitHub account.
Detecting and mitigating threats with AWS - SEC301 - Chicago AWS SummitAmazon Web Services
Rarely does a day go by that we’re not reminded about the importance of the security of our online assets. Bad actors are continuously probing and looking for ways to compromise organizations’ defenses to gain access to valuable data or cause disruptions. In this session, learn how to address threat detection and remediation with AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of the key AWS services that detect and remediate threats, such as Amazon GuardDuty.
Using automation to drive continuous-compliance best practices - SVC309 - Chi...Amazon Web Services
Northwestern Mutual’s technology teams maintain a complex compliance environment for a diverse set of developers working within more than 100 AWS accounts. To drive best practices and ensure continuous compliance, they designed an AWS-based architecture using services such as AWS Lambda, Amazon DynamoDB, Amazon Simple Queue Service (Amazon SQS), and Amazon CloudWatch to auto-remediate misconfigurations. In this session, we discuss how these services help Northwestern Mutual swiftly correct configurations and integrate with tools like Slack and Pagerduty to create logs, notify developers and account owners of changes, and track trends in remediation.
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Amazon Web Services
In this session, learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you take action on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as from AWS Partner solutions.
Join us for this hands-on workshop where we walk through some real-world threat scenarios and show you the AWS services involved with threat detection and remediation. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and of course, GuardDuty.
How Millennium Management achieves provable security with AWS Zelkova - FSV30...Amazon Web Services
Data exfiltration is a key concern for financial institutions, which often store personally identifiable information, payment card information, and proprietary methods or algorithms. Balancing security and agility in identity and access management (IAM) policies is critical. To achieve this balance, Millennium Management developed a security framework that integrates into CI/CD pipelines. This framework utilizes semantic reasoning, proprietary security evaluations, and AWS Zelkova to achieve provably secure IAM policies pre-deployment in a distributed, multi-account environment. Learn how Millennium combined Zelkova with services such as AWS Step Functions, AWS Lambda, and AWS CodePipeline—for rapid development while mitigating data exfiltration risk.
Monitoring with container insights & anomaly detection - SVC308 - New York AW...Amazon Web Services
Applications today are becoming more difficult to monitor. With the adoption of microservice architectures, customers are facing an explosion of components that generate more data from more devices, are updated more frequently, and exist for shorter periods of time. In this session, learn how AWS is enabling your journey from monitoring to observability so that you can ensure that you have full stack visibility. We do a deep dive into new features like Amazon CloudWatch container insights and Amazon CloudWatch anomaly detection that help improve the health and performance of your applications.
How to act on security and compliance alerts with AWS Security Hub - SEC202 -...Amazon Web Services
Learn about AWS Security Hub and how it gives you a comprehensive view of your high-priority security alerts and your compliance status across AWS accounts. See how Security Hub aggregates, prioritizes, and helps you act on your alerts from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as solutions from members of the AWS Partner Network.
Mythical Mysfits: Build & collaborate on a modern web application on AWS - MA...Amazon Web Services
In this workshop, learn how to deploy a fully functional web application on AWS. We show you how to use the AWS services that enable you to focus on writing code without needing to manage underlying infrastructure. We use service such as AWS Fargate, AWS Lambda, and Amazon DynamoDB to build and deploy a web application on AWS, connect the application to a backend database, and capture and analyze data on user behavior. To participate, you need a laptop (macOS or Windows), an AWS account with administrator-level access, and an active GitHub account.
Detecting and mitigating threats with AWS - SEC301 - Chicago AWS SummitAmazon Web Services
Rarely does a day go by that we’re not reminded about the importance of the security of our online assets. Bad actors are continuously probing and looking for ways to compromise organizations’ defenses to gain access to valuable data or cause disruptions. In this session, learn how to address threat detection and remediation with AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of the key AWS services that detect and remediate threats, such as Amazon GuardDuty.
Using automation to drive continuous-compliance best practices - SVC309 - Chi...Amazon Web Services
Northwestern Mutual’s technology teams maintain a complex compliance environment for a diverse set of developers working within more than 100 AWS accounts. To drive best practices and ensure continuous compliance, they designed an AWS-based architecture using services such as AWS Lambda, Amazon DynamoDB, Amazon Simple Queue Service (Amazon SQS), and Amazon CloudWatch to auto-remediate misconfigurations. In this session, we discuss how these services help Northwestern Mutual swiftly correct configurations and integrate with tools like Slack and Pagerduty to create logs, notify developers and account owners of changes, and track trends in remediation.
Fraud detection using machine learning with Amazon SageMaker - AIM306 - New Y...Amazon Web Services
Fraud is a serious problem that can cost businesses billions of dollars annually and damage customer trust. Machine learning (ML) can provide flexible approach to fraud detection. ML models do not use pre-defined rules to determine whether activity is fraudulent. Instead, they are trained to recognize fraud patterns in datasets, and the models are self-learning, which enables them to adapt to new, unknown fraud patterns. In this session, we dive deep into a solution that automates the detection of potentially fraudulent activity and flags that activity for review. We discuss the architecture of the solution using Amazon SageMaker and other AWS services to provide an easy-to-deploy, end-to-end solution for fraud detection.
Accelerate database development and testing with Amazon Aurora - ADB208 - New...Amazon Web Services
Build faster, more scalable database applications with Amazon Aurora, a MySQL- and PostgreSQL-compatible relational database built for the cloud. We cover Aurora Serverless, which automatically scales your database up and down to meet demand; Fast Database Cloning, which makes data instantly available for application development; Backtrack, which rolls back your database between test runs; and Performance Insights, which helps assess the load on your database and optimize your SQL queries.
Build sophisticated forecasting and recommendation models - AIM202 - New York...Amazon Web Services
Accurate forecasting and personalization create many opportunities. Amazon Forecast uses machine learning to give you forecasts that are up to 50% more accurate than forecasts from traditional methods. Amazon Personalize can create individualized recommendations for each of your customers. You don’t need machine learning to get started; both services use sophisticated techniques to analyze your data, select the right algorithm, and automatically train a custom model that’s specific to your use case. We discuss how AWS customers use these services. You can also learn how to get started using them in your organization.
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...Amazon Web Services
In this chalk talk, we cover a number of AWS services involved with threat detection and mitigation, and we walk through some real-world threat scenarios. We discuss the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty. Come with your questions on threat detection on AWS.
Connecting low-power devices to the cloud with Amazon FreeRTOS BLE - SVC206 -...Amazon Web Services
Connecting low-power, microcontroller-based devices, such as appliances, smart meters, and industrial equipment, to the cloud enables data collection and analysis and remote updates to deployed devices. Often, these devices need to cost-effectively connect to a mobile device via Bluetooth Low Energy for provisioning, reading, and security, but this can be challenging. In this session, we dive deep into how the Amazon FreeRTOS microcontroller operating system makes it easy to program, deploy, secure, connect, and manage small, low-power edge devices. You learn how to authenticate microcontroller devices with iOS and Android devices and to monitor, manage, and update firmware using the over-the-air update functionality in AWS IoT Device Management.
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Amazon Web Services
For companies that employ DevOps practices to push applications faster into production through better collaboration and automated testing, security is often seen as an inhibitor to speed. The challenge for many organizations is getting applications delivered at a fast pace while embedding security at the speed of DevOps. In this session, you learn how AWS Marketplace products and customers help make DevSecOps a well-orchestrated methodology for ensuring the speed, stability, and security of your applications.
Making CI/CD pipelines safer with application monitoring and tracing - MAD202...Amazon Web Services
Building a CI/CD pipeline to automatically deliver your application into production provides great agility for a development team. However, to ensure safe deployments for your business and users, it’s important to use metrics and monitoring to automatically roll back when things go wrong. In this session, learn how to build a CI/CD pipeline that incorporates monitoring for automated rollback actions, and application tracing to help quickly determine what went wrong.
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
Join us for this chalk talk, where we discuss several AWS services involved with threat detection and remediation, including Amazon GuardDuty, Amazon Macie, and AWS Config. We walk you through real-world threat scenarios and answer your questions about how to approach threat detection on AWS. For each scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, and other services, including AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
"In this workshop, you learn how to deploy AWS WAF in front of your application, how to set up AWS WAF full logging for compliance and monitoring purposes, and how to increase your security posture by creating custom rules using Amazon Elasticsearch Service with Kibana. You also learn how to protect your application against bad bots, web scrapers, and scanners by configuring bad and benign bot signatures and then automating your AWS WAF rules by parsing AWS WAF full logs using an AWS Lambda function.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
Simplify compliance & improve operational efficiency with AWS - SVC302 - Sant...Amazon Web Services
In this session, learn how AWS helps customers effectively manage and govern their infrastructure and resources, simplifying compliance and improving efficiency when completing operational tasks. Come hear Anik Mazumder, principal infrastructure architect at Intuit, speak about his company’s experience. We also share some of the latest innovation from AWS Config in this space, and we cover recent releases in AWS management and governance services.
Building system-of-record applications with Amazon QLDB - SVC218 - New York A...Amazon Web Services
Many organizations build system-of-record applications with ledger-like functionality because they want to maintain an accurate history of their application data. However, ledger applications are usually implemented using relational databases, making building audit functionality with relational databases time consuming, prone to human error, and requiring custom development. This led us to build the world’s first fully managed ledger database, Amazon Quantum Ledger Database (Amazon QLDB). Amazon QLDB is a new class of database that provides a transparent, immutable, and cryptographically verifiable transaction log. Come to this session to learn about the features and functionality of Amazon QLDB, and see a live demo.
Data protection using encryption in AWS - SEC201 - Santa Clara AWS SummitAmazon Web Services
Encryption is an essential tool for protecting data, and your key management practices provide the means to control access to sensitive and regulated information. In this session, we provide an overview of AWS Key Management Service (AWS KMS) and show you how it integrates with encryption capabilities across AWS. We describe how customers can use AWS KMS features to gain additional control over their keys and satisfy compliance requirements. Representatives from Slack join us to describe how the company used AWS KMS to give its customers increased control and visibility over the data that Slack protects on their behalf.
Detecting and responding to critical events with AWS IoT Events - SVC205 - Ch...Amazon Web Services
The vast majority of Internet of Things (IoT) customers are connecting many pieces of equipment with multiple independent sensors. For these customers, detecting a critical operational event, such as when equipment variability reduces the quality of its output, can be challenging. In this session, you learn how AWS IoT Events makes it possible to easily and cost effectively detect system-wide events and respond with appropriate actions to drive results such as optimizing manufacturing efficiency or improving production quality.
Technology as a means for compliance - GRC206 - AWS re:Inforce 2019 Amazon Web Services
For regulated data types, such as personally identifiable information, customers often ask the same questions. This session addresses questions on topics that range from deletion of data to third-party assurance reports, and it connects you with the corresponding risk discussions and the applicable AWS technology or supporting language from AWS documentation. Learn how to speed up your risk assessment by equipping yourself with facts and knowledge that will help you make informed decisions about your AWS journey.
Unified monitoring of the container environment, containers, and applications...Amazon Web Services
With Amazon EKS, AWS Fargate, and Amazon ECS, AWS makes it easy to run containerized applications. However, a perfectly running containerized environment does not ensure a perfect user experience for your customers. In this session, we explore the interdependencies between container environment and the health of containers and applications. We examine how container health can jeopardize application health and how to identify noisy neighbors that might slow down your application’s response time and impact the user’s experience. We show you how to get full insight into your container environment, containers, and applications without touching a single line of application code. This presentation is brought to you by AWS partner, Dynatrace.
Network visibility into the traffic traversing your AWS infrastructure - SVC2...Amazon Web Services
Having visibility into the Amazon VPC infrastructure is a foundational element that any cloud administrator needs to maintain and operate an AWS infrastructure that is secure and functional. Visibility into your AWS infrastructure becomes increasingly important as it scales, because it gives you the ability to make key planning decisions and maintain security. This session is intended for anyone wanting to learn about network visibility on AWS, and it includes information about partners and real-life customer use cases. Come see how you, too, can gain insights into the network traffic that is traversing your AWS infrastructure.
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...Amazon Web Services
From data that analyzed millions of resources across hundreds of customers, we’ve learned that human configuration errors that might expose your AWS resources have become increasingly common. The potential impact to security can be significant, and it’s critical for everyone to play their part in managing the risks. However, it’s important to first understand what risks need managing. In this session, we describe the five most common errors that we have distilled from our experience with customers, and we share how to best avoid these errors and their potential impact.
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Amazon Web Services
The move to AWS enables new application and architectural patterns that are in a continual state of change. The only way that your infrastructure, security, and operations can keep pace with these changes is with automation. In this session, we discuss the various automation tools that can be used to deploy AWS infrastructure (as code), add the VM-Series to help protect against threats (security as code), and then automatically update the policy based on Amazon GuardDuty or AWS Security Hub findings (operations as code). A brief demonstration concludes this session.
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
The move to AWS enables new application and architectural patterns that are in a continual state of change. The only way that your infrastructure, security, and operations can keep pace with these changes is with automation. In this session, we discuss the various automation tools you can use to first deploy the AWS infrastructure (as code), add the VM-Series to protect against threats (security as code), and then automatically update the policy based on Amazon GuardDuty or AWS Security Hub finding (operations as code). A brief demonstration concludes the session. This presentation is brought to you by AWS partner, Palo Alto Networks.
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
Threat detection and mitigation at AWS - SEC301 - Santa Clara AWS SummitAmazon Web Services
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS
Fraud detection using machine learning with Amazon SageMaker - AIM306 - New Y...Amazon Web Services
Fraud is a serious problem that can cost businesses billions of dollars annually and damage customer trust. Machine learning (ML) can provide flexible approach to fraud detection. ML models do not use pre-defined rules to determine whether activity is fraudulent. Instead, they are trained to recognize fraud patterns in datasets, and the models are self-learning, which enables them to adapt to new, unknown fraud patterns. In this session, we dive deep into a solution that automates the detection of potentially fraudulent activity and flags that activity for review. We discuss the architecture of the solution using Amazon SageMaker and other AWS services to provide an easy-to-deploy, end-to-end solution for fraud detection.
Accelerate database development and testing with Amazon Aurora - ADB208 - New...Amazon Web Services
Build faster, more scalable database applications with Amazon Aurora, a MySQL- and PostgreSQL-compatible relational database built for the cloud. We cover Aurora Serverless, which automatically scales your database up and down to meet demand; Fast Database Cloning, which makes data instantly available for application development; Backtrack, which rolls back your database between test runs; and Performance Insights, which helps assess the load on your database and optimize your SQL queries.
Build sophisticated forecasting and recommendation models - AIM202 - New York...Amazon Web Services
Accurate forecasting and personalization create many opportunities. Amazon Forecast uses machine learning to give you forecasts that are up to 50% more accurate than forecasts from traditional methods. Amazon Personalize can create individualized recommendations for each of your customers. You don’t need machine learning to get started; both services use sophisticated techniques to analyze your data, select the right algorithm, and automatically train a custom model that’s specific to your use case. We discuss how AWS customers use these services. You can also learn how to get started using them in your organization.
Find all the threats: AWS threat detection and mitigation - SEC302 - Santa Cl...Amazon Web Services
In this chalk talk, we cover a number of AWS services involved with threat detection and mitigation, and we walk through some real-world threat scenarios. We discuss the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty. Come with your questions on threat detection on AWS.
Connecting low-power devices to the cloud with Amazon FreeRTOS BLE - SVC206 -...Amazon Web Services
Connecting low-power, microcontroller-based devices, such as appliances, smart meters, and industrial equipment, to the cloud enables data collection and analysis and remote updates to deployed devices. Often, these devices need to cost-effectively connect to a mobile device via Bluetooth Low Energy for provisioning, reading, and security, but this can be challenging. In this session, we dive deep into how the Amazon FreeRTOS microcontroller operating system makes it easy to program, deploy, secure, connect, and manage small, low-power edge devices. You learn how to authenticate microcontroller devices with iOS and Android devices and to monitor, manage, and update firmware using the over-the-air update functionality in AWS IoT Device Management.
Safeguarding the integrity of your code for fast, secure deployments - SVC301...Amazon Web Services
For companies that employ DevOps practices to push applications faster into production through better collaboration and automated testing, security is often seen as an inhibitor to speed. The challenge for many organizations is getting applications delivered at a fast pace while embedding security at the speed of DevOps. In this session, you learn how AWS Marketplace products and customers help make DevSecOps a well-orchestrated methodology for ensuring the speed, stability, and security of your applications.
Making CI/CD pipelines safer with application monitoring and tracing - MAD202...Amazon Web Services
Building a CI/CD pipeline to automatically deliver your application into production provides great agility for a development team. However, to ensure safe deployments for your business and users, it’s important to use metrics and monitoring to automatically roll back when things go wrong. In this session, learn how to build a CI/CD pipeline that incorporates monitoring for automated rollback actions, and application tracing to help quickly determine what went wrong.
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
Join us for this chalk talk, where we discuss several AWS services involved with threat detection and remediation, including Amazon GuardDuty, Amazon Macie, and AWS Config. We walk you through real-world threat scenarios and answer your questions about how to approach threat detection on AWS. For each scenario, we review methods to remediate the threat using GuardDuty, Macie, and AWS Config, and other services, including AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
Using AWS WAF to protect against bots and scrapers - SDD311 - AWS re:Inforce ...Amazon Web Services
"In this workshop, you learn how to deploy AWS WAF in front of your application, how to set up AWS WAF full logging for compliance and monitoring purposes, and how to increase your security posture by creating custom rules using Amazon Elasticsearch Service with Kibana. You also learn how to protect your application against bad bots, web scrapers, and scanners by configuring bad and benign bot signatures and then automating your AWS WAF rules by parsing AWS WAF full logs using an AWS Lambda function.
All attendees need a laptop, an active AWS Account, an AWS IAM Administrator, and a familiarity with core AWS services."
Simplify compliance & improve operational efficiency with AWS - SVC302 - Sant...Amazon Web Services
In this session, learn how AWS helps customers effectively manage and govern their infrastructure and resources, simplifying compliance and improving efficiency when completing operational tasks. Come hear Anik Mazumder, principal infrastructure architect at Intuit, speak about his company’s experience. We also share some of the latest innovation from AWS Config in this space, and we cover recent releases in AWS management and governance services.
Building system-of-record applications with Amazon QLDB - SVC218 - New York A...Amazon Web Services
Many organizations build system-of-record applications with ledger-like functionality because they want to maintain an accurate history of their application data. However, ledger applications are usually implemented using relational databases, making building audit functionality with relational databases time consuming, prone to human error, and requiring custom development. This led us to build the world’s first fully managed ledger database, Amazon Quantum Ledger Database (Amazon QLDB). Amazon QLDB is a new class of database that provides a transparent, immutable, and cryptographically verifiable transaction log. Come to this session to learn about the features and functionality of Amazon QLDB, and see a live demo.
Data protection using encryption in AWS - SEC201 - Santa Clara AWS SummitAmazon Web Services
Encryption is an essential tool for protecting data, and your key management practices provide the means to control access to sensitive and regulated information. In this session, we provide an overview of AWS Key Management Service (AWS KMS) and show you how it integrates with encryption capabilities across AWS. We describe how customers can use AWS KMS features to gain additional control over their keys and satisfy compliance requirements. Representatives from Slack join us to describe how the company used AWS KMS to give its customers increased control and visibility over the data that Slack protects on their behalf.
Detecting and responding to critical events with AWS IoT Events - SVC205 - Ch...Amazon Web Services
The vast majority of Internet of Things (IoT) customers are connecting many pieces of equipment with multiple independent sensors. For these customers, detecting a critical operational event, such as when equipment variability reduces the quality of its output, can be challenging. In this session, you learn how AWS IoT Events makes it possible to easily and cost effectively detect system-wide events and respond with appropriate actions to drive results such as optimizing manufacturing efficiency or improving production quality.
Technology as a means for compliance - GRC206 - AWS re:Inforce 2019 Amazon Web Services
For regulated data types, such as personally identifiable information, customers often ask the same questions. This session addresses questions on topics that range from deletion of data to third-party assurance reports, and it connects you with the corresponding risk discussions and the applicable AWS technology or supporting language from AWS documentation. Learn how to speed up your risk assessment by equipping yourself with facts and knowledge that will help you make informed decisions about your AWS journey.
Unified monitoring of the container environment, containers, and applications...Amazon Web Services
With Amazon EKS, AWS Fargate, and Amazon ECS, AWS makes it easy to run containerized applications. However, a perfectly running containerized environment does not ensure a perfect user experience for your customers. In this session, we explore the interdependencies between container environment and the health of containers and applications. We examine how container health can jeopardize application health and how to identify noisy neighbors that might slow down your application’s response time and impact the user’s experience. We show you how to get full insight into your container environment, containers, and applications without touching a single line of application code. This presentation is brought to you by AWS partner, Dynatrace.
Network visibility into the traffic traversing your AWS infrastructure - SVC2...Amazon Web Services
Having visibility into the Amazon VPC infrastructure is a foundational element that any cloud administrator needs to maintain and operate an AWS infrastructure that is secure and functional. Visibility into your AWS infrastructure becomes increasingly important as it scales, because it gives you the ability to make key planning decisions and maintain security. This session is intended for anyone wanting to learn about network visibility on AWS, and it includes information about partners and real-life customer use cases. Come see how you, too, can gain insights into the network traffic that is traversing your AWS infrastructure.
Top five security errors and how to avoid them - DEM09 - Santa Clara AWS Summ...Amazon Web Services
From data that analyzed millions of resources across hundreds of customers, we’ve learned that human configuration errors that might expose your AWS resources have become increasingly common. The potential impact to security can be significant, and it’s critical for everyone to play their part in managing the risks. However, it’s important to first understand what risks need managing. In this session, we describe the five most common errors that we have distilled from our experience with customers, and we share how to best avoid these errors and their potential impact.
Infrastructure, security, and operations as code - DEM05-S - Mexico City AWS ...Amazon Web Services
The move to AWS enables new application and architectural patterns that are in a continual state of change. The only way that your infrastructure, security, and operations can keep pace with these changes is with automation. In this session, we discuss the various automation tools that can be used to deploy AWS infrastructure (as code), add the VM-Series to help protect against threats (security as code), and then automatically update the policy based on Amazon GuardDuty or AWS Security Hub findings (operations as code). A brief demonstration concludes this session.
Delivering infrastructure, security, and operations as code with AWS - DEM10-...Amazon Web Services
The move to AWS enables new application and architectural patterns that are in a continual state of change. The only way that your infrastructure, security, and operations can keep pace with these changes is with automation. In this session, we discuss the various automation tools you can use to first deploy the AWS infrastructure (as code), add the VM-Series to protect against threats (security as code), and then automatically update the policy based on Amazon GuardDuty or AWS Security Hub finding (operations as code). A brief demonstration concludes the session. This presentation is brought to you by AWS partner, Palo Alto Networks.
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat-detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS services that detect and remediate threats, such as Amazon GuardDuty. Be sure to also check out the corresponding Threat Detection chalk talk.
Threat detection and mitigation at AWS - SEC301 - Santa Clara AWS SummitAmazon Web Services
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS
AWS Summit Milano 2019 - Sicurezza in AWS automazione e best practice - Antonio Duma, Solutions Architect, AWS | Carmela Gambardella, Solutions Architect AWS
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Amazon Web Services
In this session you will learn how to align your AWS environment to industry standard best practices for security. This session covers AWS' prescriptive recommendations for securing cloud workloads, including the the Well-Architected Framework for Security. In addition, see how AWS Security Hub simplifies the task of measuring the security of your workloads.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
Continuous security monitoring and threat detection with AWS services - SEC20...Amazon Web Services
With the volume of business conducted online increasing at an exponential rate, the need for constant diligence in data security is more important than ever. In this chalk talk, we explore several AWS services involved with threat detection and remediation. We walk through some real-world scenarios; examine the threat-detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options; and answer your questions about threat detection on AWS. For each scenario, we review threat remediation using GuardDuty, Macie, AWS Config, as well as AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, DNS logs, AWS Lambda, and Amazon Inspector.
Lock it Down: How to Secure your AWS Account and your Organization's AccountsAmazon Web Services
The cloud enables users to run workloads in a more secure fashion than what typically can be done in a traditional data-center. However, customers are still not sure how to actually harden their AWS accounts and resources and make sure compliance is being enforced. When large customers have multiple accounts, ensuring consistency around governance can also be of concern. In this session, we will review how to use automation, tools, and techniques to harden and audit your AWS account and also how to leverage AWS Organizations to ensure compliance in your enterprise.
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
Find all the threats - AWS threat detection and remediation - SEC202 - Atlant...Amazon Web Services
In this chalk talk, where we discuss a number of AWS services involved with threat detection and remediation. We walk through some real-world threat scenarios and provide recommendations on how to approach threat detection on AWS. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC Flow Logs, Amazon CloudWatch Events, Amazon SNS, Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector, and, of course, GuardDuty.
Lean and clean SecOps using AWS native services cloud - SDD301 - AWS re:Infor...Amazon Web Services
"Cloud first" and "cloud native" are the new mindsets for many IT & business teams operating on AWS. In this new world, security functions need to scale for rapidly growing AWS accounts and VPCs in the organization. In this session, we show you how to build a world-class security operations organization with the same "cloud native" mindset using AWS tools. By the end of this session, you will understand how to run a lean and clean SecOps center for a fast-paced organization. The key objective of this session is to transform the security team from "no” to everything, to "know” everything. By knowing everything, you will sleep better.
Most organizations are great at securing their network, operating system, databases, and applications. However, even for those organizations that have been in the cloud for a few years, many are still learning how to set up the proper mechanisms to identify, protect, detect, respond and recover at the AWS layer. We will explore services like AWS Identity and AWS Access and Identity Management (IAM), AWS Key Management Service (KMS), Amazon Simple Storage Service (S3), Amazon Virtual Private Cloud (VPC), Amazon CloudWatch Logs, and Amazon GuardDuty.
AWS SSA Webinar 11 - Getting started on AWS: SecurityCobus Bernard
In this session, we will take a deeper look at the security services and features available on AWS. We will look at how Identity and Access Management (IAM) works by covering IAM users, policies, roles, groups. We will also look at AWS Security groups and how they are applied to the different infrastructure components, e.g. Amazon EC2 instances, Load Balancers, Databases (via Amazon RDS). Lastly, we will take a quick look at Amazon Certificate Manager for SSL certificates and mention additional services like Amazon Detective, GuardDuty, Macie, WAF.
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs.
An Active Case Study on Insider Threat Detection in your ApplicationsAmazon Web Services
by Nathan Case, Sr. Consultant, AWS
Insider Threat detection! Working on active systems! How can you find a threat in a current, and realistic production environment. Just like yours. Different ways to find signals in the noise. Bring your questions and logs to discuss.
Cloud security at AWS is the highest priority. As an AWS customer, you will benefit from a data center and network architecture built to meet the requirements of the most security-sensitive organizations. In this session you'll learn how to keep your data safe and meet compliance requirements, being able to scale quickly and save money.
Discover what the PROTECTED certification means for your organisation and how the status can help you build applications on Amazon Web Services (AWS) that meet the Australian government’s security requirements for highly sensitive workloads.
This session will review how to secure your enterprise adoption of AWS at scale. At AWS security is job zero and at the heart of everything we build. This session will review the patterns of usage for AWS Identity and Access Management, AWS Key Management Service, AWS CloudTrail, AWS Config, Amazon GuardDuty AWS Systems Manager Parameter Store, Amazon EC2 Run Command, AWS Single Sign-On, AWS WAF, AWS Shield, and AWS Service Catalog to an create end-to-end security approach for your AWS cloud adoption. You will gain insight how these AWS services come together to increase your security posture in ways that are unique to AWS workloads.
Join us for this hands-on workshop where you will learn about a number of AWS services you can use to identify and respond to threats in your AWS environments. Learn about the capabilities of Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub as you walk through real-world threat scenarios. For each scenario, we will review methods to detect and respond to threats both manually and automated using services like Amazon CloudWatch Events and AWS Lambda.
Similar to Threat detection and mitigation at AWS - SEC201 - New York AWS Summit (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.