Manage access to AWS centrally for Azure AD users with AWS Single Sign-on
New services and features were announced to help improve security, identity, and compliance controls in AWS. These include AWS Single Sign-On support for Azure AD, enhanced security between AWS applications and on-premises Active Directory using AWS Managed Microsoft AD, and new integrations for AWS Security Hub.
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
As a leader in its industry, Legendary Entertainment is transforming into a digital business with an aggressive strategy for cloud adoption. In this session, hear from Legendary CISO Dan Meacham and McAfee VP of Cloud Engineering Slawomir Ligier as they discuss how security accelerated that transformation. Topics include Legendary’s primary focus areas for security on AWS, creating a hybrid cloud security platform, gaining visibility into workloads, preventing lateral threat movement and attacks, and building a successful DevOps workflow that integrates security.
Account automation and temporary AWS credential service - GRC328 - AWS re:Inf...Amazon Web Services
Riot Games struggled with providing new AWS accounts and API access that met its security requirements, so it built an account provisioning service to ensure that all accounts are created consistently with the required security controls. Riot also built a credential service where developers can grab temporary API keys with one command. This works wherever the developers work, and the credentials automatically expire each day. Riot now provisions new accounts with security guardrails within an hour, and the number of permanent AWS API keys is reduced by 70 percent. Learn how to build similar services using AWS Organizations, AWS Step Functions, AWS Lambda, Amazon CloudFront, and Amazon API Gateway.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
AWS supports logging in with Federated Access, using SAML or integration with Active Directory. This is integrated with user Roles in AWS which provide the permissions to access various services. in this session we will explain the options for authentication. we will cover basic access control concepts and in addition we will use AWS Systems Manager to talk about how you can also facilitate secured access to your Instances.
AWS Services: IAM, AWS SSO, Managed Active Directory, AWS Systems Manager (With Demo)
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
by Brad Dispensa, Sr. Solutions Architect, AWS
Navigating the various requirements of the GDPR can be complicated. In this session we will mainly focus on Article 32, Security of processing and specifically 32b "the ability to ensure the ongoing confidentiality, integrity, availability and resillience of processing system and services". We will look at various AWS services and other tools to see how security automation helps you implement solutions in regards to Article 32.
This session is focused on diving into the AWS IAM policy categories to understand the differences, learn how the policy evaluation logic works, and go over some best practices. We will then walk through how to use permission boundaries to truly delegate administration in AWS.
Driven by security: Legendary Entertainment’s high-velocity cloud transformat...Amazon Web Services
As a leader in its industry, Legendary Entertainment is transforming into a digital business with an aggressive strategy for cloud adoption. In this session, hear from Legendary CISO Dan Meacham and McAfee VP of Cloud Engineering Slawomir Ligier as they discuss how security accelerated that transformation. Topics include Legendary’s primary focus areas for security on AWS, creating a hybrid cloud security platform, gaining visibility into workloads, preventing lateral threat movement and attacks, and building a successful DevOps workflow that integrates security.
Account automation and temporary AWS credential service - GRC328 - AWS re:Inf...Amazon Web Services
Riot Games struggled with providing new AWS accounts and API access that met its security requirements, so it built an account provisioning service to ensure that all accounts are created consistently with the required security controls. Riot also built a credential service where developers can grab temporary API keys with one command. This works wherever the developers work, and the credentials automatically expire each day. Riot now provisions new accounts with security guardrails within an hour, and the number of permanent AWS API keys is reduced by 70 percent. Learn how to build similar services using AWS Organizations, AWS Step Functions, AWS Lambda, Amazon CloudFront, and Amazon API Gateway.
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
AWS supports logging in with Federated Access, using SAML or integration with Active Directory. This is integrated with user Roles in AWS which provide the permissions to access various services. in this session we will explain the options for authentication. we will cover basic access control concepts and in addition we will use AWS Systems Manager to talk about how you can also facilitate secured access to your Instances.
AWS Services: IAM, AWS SSO, Managed Active Directory, AWS Systems Manager (With Demo)
Foundations - Understanding the Critical Building Blocks of AWS Identity & Go...Amazon Web Services
by Fritz Kunstler, Sr. AWS Security Consultant, AWS
In AWS, identity comes first. Before you can provision buckets, instances, VPCs, or any other infrastructure, you have to have an identity to authenticate and authorize those API calls. In this session, we'll rapidly immerse you in the fundamental primitives, mental models, and implementation patterns of the core AWS identity services such as AWS Identity & Access Management and AWS Organizations. With this knowledge in hand you'll be able to confidently construct a solid identity foundation for your workloads to sit atop. Level 200
Security by design examines a wide range of issues, such as: control responsibilities; the automation of security baselines; the configuration of security; and the auditing of controls for AWS customer infrastructure, operating systems, services and applications. This standardized, automated, prescriptive and repeatable design can be deployed for common use cases, security standards and audit requirements across multiple industries and workloads.
by Brad Dispensa, Sr. Solutions Architect, AWS
Navigating the various requirements of the GDPR can be complicated. In this session we will mainly focus on Article 32, Security of processing and specifically 32b "the ability to ensure the ongoing confidentiality, integrity, availability and resillience of processing system and services". We will look at various AWS services and other tools to see how security automation helps you implement solutions in regards to Article 32.
This session is focused on diving into the AWS IAM policy categories to understand the differences, learn how the policy evaluation logic works, and go over some best practices. We will then walk through how to use permission boundaries to truly delegate administration in AWS.
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
"This workshop provides the opportunity for you get familiar with AWS security services and learn how to use them to identify and remediate threats in your environment. Learn how to use Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub to investigate threats during and after an attack, set up a notification and response pipeline, and add additional protections to improve your environment’s security posture.
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Why cloud hacks will keep happening? Unless you learn AWS IAM - you run the risk of running AWS resources insecurely!
You can learn Learn How To Avoid Any Costly Security Breaches Which Can Affect Your Business In As Little As In 3 Hours Or Less" in this course Aws IAM the-cloud-engineer-secure-cloud-handbook "90% OFF" here - http://rite.ly/wTKL
About
Website: https://courses.tetranoodle.com/
Facebook: https://www.facebook.com/tetranoodletech
Twitter: https://twitter.com/TETRANOODLE
Linkedin: https://www.linkedin.com/company/tetranoodle/
YouTube: https://www.youtube.com/channel/UCAiIK20nDamhq70NMnLG8wA
Instagram: https://www.instagram.com/tetranoodle/
Udemy: https://www.udemy.com/user/manujaggarwal
AWS Security Webinar: The Key to Effective Cloud EncryptionAmazon Web Services
It’s essential to protect your private data at all times, especially when you don’t control all the hardware and software components with access to that information. Encryption is a powerful way for organisations to maintain an appropriate level of data confidentiality and integrity.
AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys to achieve the right level of security. Join this two-hour deep dive webinar to learn which AWS encryption features are available, when to use them, and how to integrate them in your workloads.
by Bill Reid, Leader, North American Solutions Architects
Security and Compliance Specialists AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
by Quint Van Deman, Sr. Business Development Manager, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace. Level 400
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
This workshop is an introduction to security-related services on AWS. We will discuss security services on AWS and also walk through how to import third-party security solutions from the AWS marketplace. This Workshop will include a demo and some customer case studies.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
by Quint Van Deman, Sr. Business Development Manager, AWS
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in.
by Brad Dispensa, Sr. Solutions Architect, AWS
Operating a security practice on AWS brings many new challenges that haven't been faced in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session we will cover how you can use secure configuration and automation to monitor, audit, and enforce your security policies within an AWS environment. Level 200
DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops.
Speaker: Bill Reid - Sr Mgr, Solutions Architecture, AWS
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
Identity and Access Management (IAM) is first step towards AWS cloud adoption because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multi-factor authentication mechanisms; and operate IAM at scale.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
Amazon GuardDuty is a threat detection system that is reimagined and purpose-built for the cloud. Once enabled, GuardDuty immediately starts analyzing continuous streams of account and network activity in near real-time and at scale. You do not have to deploy or manage any additional security software, sensors, or network appliances. Threat intelligence is pre-integrated into the service and is continuously updated and maintained. This session introduces you to GuardDuty, walks you through the detection of an event, and discusses the various ways you can react and remediate.
How You Can Use AWS Identity Services to Be Successful on Your AWS Cloud JourneyAmazon Web Services
by Ron Cully, Manager, Product Management, AWS
Every journey to the AWS Cloud is unique. Some customers are migrating existing applications, while others are building new applications using cloud-native services. Along each of these journeys, identity and access management helps customers protect their applications and resources. In this session, you will learn how AWS’ Identity Services provide you a secure, flexible, and easy solution for managing identities and access on the AWS Cloud. With AWS’ Identity Services, you do not have to adapt to AWS. Instead, you have a choice of services designed to meet you anywhere along your journey to the AWS Cloud.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
"This workshop provides the opportunity for you get familiar with AWS security services and learn how to use them to identify and remediate threats in your environment. Learn how to use Amazon GuardDuty, Amazon Macie, Amazon Inspector, and AWS Security Hub to investigate threats during and after an attack, set up a notification and response pipeline, and add additional protections to improve your environment’s security posture.
Build security into your golden AMI pipeline - DEM08 - AWS reInforce 2019 Amazon Web Services
In agile and elastic environments, having real-time visibility into instances and ensuring that they are secure and compliant is critical. Solutions must work with your DevOps tools to provide visibility without slowing down your release cadence. In this session, Qualys shares how you can implement an AWS golden AMI pipeline that is integrated with Qualys to assess your AMIs and monitor the instances for changes in production. Learn how Ancestry uses Qualys in its CI/CD pipeline to secure its applications and track-approved AMIs. Using Qualys, Ancestry was able to reduce the vulnerabilities in its application deployments by 80 percent in a few months.
Why cloud hacks will keep happening? Unless you learn AWS IAM - you run the risk of running AWS resources insecurely!
You can learn Learn How To Avoid Any Costly Security Breaches Which Can Affect Your Business In As Little As In 3 Hours Or Less" in this course Aws IAM the-cloud-engineer-secure-cloud-handbook "90% OFF" here - http://rite.ly/wTKL
About
Website: https://courses.tetranoodle.com/
Facebook: https://www.facebook.com/tetranoodletech
Twitter: https://twitter.com/TETRANOODLE
Linkedin: https://www.linkedin.com/company/tetranoodle/
YouTube: https://www.youtube.com/channel/UCAiIK20nDamhq70NMnLG8wA
Instagram: https://www.instagram.com/tetranoodle/
Udemy: https://www.udemy.com/user/manujaggarwal
AWS Security Webinar: The Key to Effective Cloud EncryptionAmazon Web Services
It’s essential to protect your private data at all times, especially when you don’t control all the hardware and software components with access to that information. Encryption is a powerful way for organisations to maintain an appropriate level of data confidentiality and integrity.
AWS offers many options for using encryption to protect your data in transit and at rest. A variety of features let you determine how much control you want over your encryption keys to achieve the right level of security. Join this two-hour deep dive webinar to learn which AWS encryption features are available, when to use them, and how to integrate them in your workloads.
by Bill Reid, Leader, North American Solutions Architects
Security and Compliance Specialists AWS
Join us for four days of security and compliance sessions and hands-on labs led by our AWS security pros during AWS Security Week at the San Francisco Loft. Join us for all four days, or pick just the days that are most relevant to you. We'll open on Monday with Security 101 day, followed by sessions Tuesday on Identity and Access Management, our popular Threat Detection and Remediation day Wednesday will feature an updated GuardDuty lab, and we'll end Thursday with Incident Response sessions, labs, and a talk by Netflix on their new open source IR tool. This week will also feature Dome9 as a sponsor, and you can hear them speak and present a hands-on workshop Monday during Security 101 day.
The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...Amazon Web Services
by Quint Van Deman, Sr. Business Development Manager, AWS
Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace. Level 400
AWS ReInvent 2020: SEC313 - A security operator’s guide to practical AWS Clou...Brian Andrzejewski
AWS CloudTrail helps you discover and troubleshoot security and operational issues by capturing a comprehensive history of changes that occurred in your AWS account within a specified period of time. In this session, you learn about the AWS CloudTrail service and its value for security operations. The session dives deep into sources of data enrichment and reviews how to leverage AWS CloudTrail as part of your security operations and incident response procedures.
YouTube: https://www.youtube.com/watch?v=Tr78kq-Oa70
This workshop is an introduction to security-related services on AWS. We will discuss security services on AWS and also walk through how to import third-party security solutions from the AWS marketplace. This Workshop will include a demo and some customer case studies.
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
Slack stores lots of customer data, and it’s essential that it’s protected. Some customers need tight control over their keys, so Slack worked with AWS KMS to enable customers to revoke data access independently. With Slack’s Enterprise Key Management (EKM) capability, customers control master keys that unlock access to their data from KMS accounts. Using precise, granular KMS access controls, customers allow or deny access to individual channels, workspaces, or Slack channels and audit keys in AWS CloudTrail logs. This session covers KMS and how Slack used KMS to build the EKM capability. Learn how KMS can help you give your customers control over their data.
by Quint Van Deman, Sr. Business Development Manager, AWS
Amazon Cognito lets you add user sign-up, sign-in, and access control to your web and mobile apps quickly and easily. Amazon Cognito scales to millions of users and supports sign-in.
by Brad Dispensa, Sr. Solutions Architect, AWS
Operating a security practice on AWS brings many new challenges that haven't been faced in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session we will cover how you can use secure configuration and automation to monitor, audit, and enforce your security policies within an AWS environment. Level 200
DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.
For more training on AWS, visit: https://www.qa.com/amazon
AWS Pop-up Loft | London - Introduction to AWS Security by Ian Massingham, Chief Evangelist EMEA, 19 April 2016
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops.
Speaker: Bill Reid - Sr Mgr, Solutions Architecture, AWS
La sicurezza nel cloud, per AWS, è una priorità. I clienti che scelgono di utilizzare i servizi AWS traggono vantaggio da un'architettura di data center e di rete progettata per soddisfare i requisiti delle organizzazioni più esigenti a livello di sicurezza.Durante questa sessione vedremo quali sono gli strumenti che AWS mette a disposizione dei propri clienti per rendere le proprie applicazioni e i propri dati sicuri.
Identity and Access Management: The First Step in AWS SecurityAmazon Web Services
Identity and Access Management (IAM) is first step towards AWS cloud adoption because in the cloud, first you grant access and only then can you provision infrastructure (the opposite approach of on-premises). In this session, you will learn how to define fine-grained access to AWS resources via users, roles, and groups; design privileged user and multi-factor authentication mechanisms; and operate IAM at scale.
Level: 100
Speaker: Don Edwards - Sr. Technical Delivery Manager, AWS
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
Amazon GuardDuty is a threat detection system that is reimagined and purpose-built for the cloud. Once enabled, GuardDuty immediately starts analyzing continuous streams of account and network activity in near real-time and at scale. You do not have to deploy or manage any additional security software, sensors, or network appliances. Threat intelligence is pre-integrated into the service and is continuously updated and maintained. This session introduces you to GuardDuty, walks you through the detection of an event, and discusses the various ways you can react and remediate.
How You Can Use AWS Identity Services to Be Successful on Your AWS Cloud JourneyAmazon Web Services
by Ron Cully, Manager, Product Management, AWS
Every journey to the AWS Cloud is unique. Some customers are migrating existing applications, while others are building new applications using cloud-native services. Along each of these journeys, identity and access management helps customers protect their applications and resources. In this session, you will learn how AWS’ Identity Services provide you a secure, flexible, and easy solution for managing identities and access on the AWS Cloud. With AWS’ Identity Services, you do not have to adapt to AWS. Instead, you have a choice of services designed to meet you anywhere along your journey to the AWS Cloud.
In this webinar, you'll learn about the foundational security blocks and how to start using them effectively to create robust and secure architectures. Discover how Identity and Access management is done and how it integrates with other AWS services. In addition, learn how to improve governance by using AWS Security Hub, AWS Config and CloudTrail to gain unprecedented visibility of activity in the account. Subsequently use AWS Config rules to rectify configuration issues quickly and effectively.
Iolaire Mckinnon, Senior Consultant, Security, Risk & Compliance, AWS
A Deep Dive into the best practice guidelines for securing your workloads in AWS cloud.
In this webinar, you'll learn how to create security workspaces for multiple teams through your AWS account. Discover how IAM works and find out how it integrates with AWS services. In addition, learn how AWS Config rules and AWS Cloud Trial can help you identify and rectify misconfiguration issues quickly and effectively.
Best practices for choosing identity solutions for applications + workloads -...Amazon Web Services
Identity requirements for consumer-facing applications differ significantly from those for workforce applications and cloud resources. Learn the best practices for choosing the right identity platform on AWS for your consumer-facing applications and for centrally managing access to all your business applications and AWS resources. Come learn about the proper use cases for implementing single sign-on (SSO) and Amazon Cognito, security best practices, and configuration guidance.
In order to ensure security best practices in your AWS accounts, you must establish a security baseline and then enforce it across all of these accounts. In this session, you will learn how to use AWS CloudFormation and AWS Organizations to execute security best practices (AWS CloudTrail, AWS Config, Flow Logs, S3 Access logs, etc...) in scenarios where you are managing many AWS accounts across an organization. You will see how to leverage Service Catalog across multiple accounts. Learn how to store all of these logs in a centralized logging system such as Amazon ElasticSearch Service, set up alerts, and drift detection on anomalous or high-risk activity.
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Amazon Web Services
Securing your data platforms in job zero. Powerful encryption capabilities are available in the core services of the AWS cloud. AWS continues to innovate and release enhancements to encryption-specific services, and expand the encryption capabilities in new services to make encryption easy for everyone. Learn how to take advantage of these services and features to protect and secure your data in the cloud.
AWS Security, Identity, & Compliance - An Overview: AWS Security Week at the San Francisco Loft
Presenter: William Reid, CISM, FIP
Head of Security and Compliance Solution Architecture, AWS
In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments.
AWS Summit Milano 2019 - Sicurezza in AWS automazione e best practice - Antonio Duma, Solutions Architect, AWS | Carmela Gambardella, Solutions Architect AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Identity Round Robin Workshop - Serverless Round: Security Week at the SF LoftAmazon Web Services
Identity Round Robin Workshop - Serverless Round: Security Week at the San Francisco Loft
Start the day off by learning how to properly configure identity and access controls for a serverless application built with Amazon S3, Amazon CloudFront, and Amazon Cognito. With a combination of talking and hands-on exercises we will be diving into AWS IAM policy types to better understand the differences and learn how the policy evaluation logic works. We will also be diving into how you can use Cognito User Pools for user management within your serverless applications.
Level: 300
Speaker: Jesse Fuchs - Sr. Solutions Architect, AWS
AWS Shared Security Model
Identity Access Management (IAM)
Governance and Compliance
AWS CloudTrail for audit and change management
AWS Config and Config Rules
Introduction to AWS Security: Security Week at the SF LoftAmazon Web Services
Introduction to AWS Security: Security Week at the San Francisco Loft
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and workshops. We will also provide an overview of the Security pillar of the AWS Cloud Adoption Framework (CAF) and talk about how AWS keeps humans away from data—and how you can, too.
Level: 100
Speaker: Bill Reid - Sr. Manager, Solutions Architecture, AWS
by Brad Dispensa, Sr.SA–Security and Compliance
At AWS, security is job zero and we have architected our infrastructure for the most data-sensitive organizations in the world. In this session, we will cover our Shared Responsibility Model in relation to Security and our Compliance Program, and what that means for our customers when using our suite of storage services.
Evolving perimeters with guardrails, not gates: Improving developer agility -...Amazon Web Services
In this session, Comcast discusses its AWS cloud governance strategy, focusing on self-service tooling and account management, and explaining how it improved the developer experience by leveraging federated identities, AWS Organizations, and AWS Identity and Access Management permissions boundaries.
Threat detection and mitigation at AWS - SEC301 - Santa Clara AWS SummitAmazon Web Services
In this session, learn how to address threat detection and remediation at AWS. We summarize the challenges of traditional threat detection efforts and explain how AWS helps you address them in a cloud environment. We also provide an overview of key AWS
by Bill Reid, Sr. Manager of Solutions Architecture, AWS
This session is designed to introduce you to fundamental cloud computing and AWS security concepts that will help you prepare for the Security Week sessions, demos, and labs.
Similar to What's New in AWS Security Features (20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS.
In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup.
Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti.
Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.
Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi
Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
L’utilizzo dei container è in continua crescita.
Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili.
I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!
In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th.
Event Agenda :
Open banking so far (short recap)
• PSD2, OB UK, OB Australia, OB LATAM, OB Israel
Intro to Open Finance marketplace
• Scope
• Features
• Tech overview and Demo
The role of the Cloud
The Future of APIs
• Complying with regulation
• Monetizing data / APIs
• Business models
• Time to market
One platform for all: a Strategic approach
Q&A
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc.
AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta.
Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity.
AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet.
Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.
Dal riconoscimento facciale al riconoscimento di frodi o difetti di fabbricazione, l'analisi di immagini e video che sfruttano tecniche di intelligenza artificiale, si stanno evolvendo e raffinando a ritmi elevati. In questo webinar esploreremo le possibilità messe a disposizione dai servizi AWS per applicare lo stato dell'arte delle tecniche di computer vision a scenari reali.
Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti.
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti.
Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire.
Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito.
In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.
Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline.
Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi.
La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.
In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.
Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.
22. Indicator search
Amazon Detective example use cases
Did this suspicious user agent issue any
API calls?
Did this IP address from this
threat report communicate
with any of my instances over
the last year?