Hackproof Your Cloud Responding to 2016 Threats
|
|
- Donna Bridges
- 5 years ago
- Views:
Transcription
1 Hackproof Your Cloud Responding to 2016 Threats Aaron Klein, CloudCheckr Tuesday, June 30 th , Amazon Web Services, Inc. or its Affiliates. All rights reserved.
2 Changing Your Perspective Moving to the Cloud = rethinking your perimeter security Old world: Set-up and audit perimeter security New world: Rethink security tasks: Network-based IPS/IDS Network scanning Penetration tests Vulnerability assessments Focus on securing cloud workloads Not on securing the cloud
3 AWS: What s Different? The idea of physical security morphs as infrastructure becomes virtualized by AWS APIs. In a new world of ephemeral, auto-scaling infrastructure, you need to adapt your security architecture to meet both compliance and security threats. ~ Physical assets secured at the AWS availability zone ~ ~ Must guard the AWS API ~ ~ IAM Access is your new physical security ~
4 AWS and You Share Responsibility for Security You Network Security Customer Applications & Content Inventory & Config Data Security Access Control You get to define your controls IN the Cloud AWS Foundation Services Compute Storage Database Networking AWS takes care of the security OF the Cloud Availability Zones Edge Locations AWS Global Infrastructure Regions
5 Minimizing Attack Vectors Principles don t change Reduce your surface area! Defense-in-depth Patch all known vulnerabilities Configure and manage user privileges Remove unused user accounts Some attack vectors don t change Application level user-privilege escalation, web app vulns, XSS Operating system vulnerabilities Database vulnerabilities Remove unwanted services Security Hardening Close unused open network ports Some attack vectors change Homogeneous environment Polymorphic targets/mapping Reduced network sniffing Enforce password complexity & policies
6 Perimeter Assessments In the Cloud How do I assess the perimeter of my cloud? Give me your network block Let me see your configuration Nmap Port scans Ping sweeps Etc OLD WORLD NEW WORLD List of publicly-accessible resources Security groups (Amazon EC2- Classic, Amazon EC2-VPC, Redshift, RDS, etc ) Routing tables, Network ACL VPC, subnets Amazon S3 buckets and permissions IAM policies
7 Network Security in a VPC Network ACLs (NACLs) Virtual firewalls assigned to VPC/Subnets Network ACLs are stateless; responses to allowed inbound traffic are subject to the rules for outbound traffic (and vice versa). Rules evaluated numerical ascending DENY can be overridden by ALLOW Watch for INEFFECTIVE rules Security Groups Host-based firewalls assigned to instances Stateful responses to allowed inbound traffic are not subjected to the rules for outbound traffic Rules are cumulative DENY always overrides ALLOW Assigning wrong security group to an instance exposes the entire VPC
8 Complex Connections to Amazon EC2 Amazon EC2 instance can be run inside VPCs Amazon EC2 instance can be given 1 or more private IP addresses Amazon EC2 instance can be given 1 or more public IP addresses Amazon EC2 instance can be attached to an Elastic IP address (EIP) Legacy capability to run outside VPCs Instance ID: i-001bac39 Friendly name (implemented as a tag): ISS-V2-API1 For example: This generates a DNS name ip us-west- 2.compute.internal For example: This generates a DNS name ec us-west- 2.compute.amazonaws.com For example:
9 Running VA in Cloud Environments How do I run Vulnerability Assessments? REGISTER YOUR SCAN! Gather the list of public IPs and EIPs of all resources Do I need to scan the private IP addresses and instances? Scanning an AMI Spin up a new instance, run a scan on the new instance Mark everything based on this AMI as scanned What about when an instance drifts from original AMI? Someone can reconfigure settings, install new software In an elastic, ephemeral, auto scaling environment clouds can have tens of thousands of instances
10 Patching Strategies for AWS No Patch Strategy Stay away from patching live systems Focus on patching templates/amis Deliver patches by redeploying workloads Dependent on adopting pure cloud architectures Look at AWS OS Templates Patched by Amazon Systematic Workload Reprovisioning Based on high-assurance repositories Effective battling Advanced Persistent Threats
11 Outside of your VPC: What are we missing? Don t assume attacks only happen against Amazon EC2 AWS is a complex system Over 30 different AWS services Many have unique access control systems You may have 100s of AWS accounts We need a complete inventory All publicly-accessible endpoints and resources Security breaches can happen with a single weak link
12 S3 (Simple Storage Service) Up to 1000 buckets in an account Unlimited number of objects (billions is not uncommon) Location Within a region, across multi-azs, not housed in a VPC Can t sit between client and storage Security Access control through IAM policies, bucket policies, ACLs, and query string authentication Server-side Encryption, HTTPS support Server-access logs (does not integrate with CloudTrail) Don t grant FULL_CONTROL, WRITE_ACP, WRITE bucket permissions to Everyone EVER!!! Create an inventory of your sensitive data
13 SQS (Simple Queuing Service) Where does SQS live? Within a region, not within a VPC Uses a URL such as: Security based on policy documents: { "Version": " ", "Id": "arn:aws:sqs:us-east-1: :mysqs/sqsdefaultpolicy", "Statement": [ { "Sid": "Sid ", "Effect": "Allow", "Principal": { "AWS": "*" }, "Action": [ "SQS:ReceiveMessage", "SQS:SendMessage" ], "Resource": "arn:aws:sqs:us-east-1: :mysqs" },
14 SNS (Simple Notification Service) SNS does not live inside your VPC Permissions based on topic policies:
15 Logs: Using AWS CloudTrail An AWS Service that records each time the AWS API is called Currently supports most AWS services Conveniently everything in AWS goes through the API Even actions in the Management Console go through the API CloudTrail writes files into an Amazon S3 bucket Near real-time (every five minutes) Files are in JSON format Get started at
16 Using CloudWatch Logs Simple method of monitoring operating system logs Ship Windows event logs and syslogs to AWS CloudWatch Types of use-case: Account Login Failure, Account Login Success, New local account creation, Excessive Login Failure (Configurable) Unauthorized Windows Admin Logon, Windows Account Lockout Attempt, Windows Computer Account Changes Windows Audit Policy Changes, Windows Event Log Cleared Non-Windows - Account Locked Out, Non-Windows - Account Unlocked, Changes to System or Audit log Get started at: atchlogs.html
17 Using Amazon VPC Flow Logs An AWS service that records each time packets enter or leave a VPC Security team comes to you and says: We need logs going to instance from IP address ranges Monitor for DENY connections Gives you both security group and NACL denies Announcement:
18 Tools For Configuring AWS Securely & Cost Effectively Generic tools fall short Purpose-built, not cloud-washed Make sure tools don t fall over in the cloud Tools have to understand dynamic, ephemeral IPs Need a deep understanding of AWS What does this means Context is important Actionable intelligence
19 CloudCheckr Unified Cost & Security Management What cloud users need Automated best practice checks covering security, availability, cost, and usage Simplified monitoring of changes in a cloud environment Actionable security and activity alerts Remediation and self-healing of security vulnerabilities Understand/Audit costs in the cloud»»»»» CloudCheckr provides Comprehensive visibility & control on security, availability, cost and usage with 350+ out-of-the-box best practice policy checks Automated reports, generated and updated daily, listing all additions, deletions, or modifications over the past 24 hours Over 100 out of the box alerts with endless customization opportunities Automation that allows users to receive alerts and delegate remediation to CloudCheckr Granular visibility to understand, deconstruct, and optimize cloud costs
20 Questions?
21 Thank You for Attending Aaron Klein, Founder of CloudCheckr 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Understanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More informationHackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm
whitepaper Hackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm When your company s infrastructure was built on the model of a traditional on-premise data center, security was pretty
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationAre You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus 1 60 Second AWS Security Review 2 AWS Terminology Identity and Access Management (IAM) - AWS Security Service to manage
More informationAmazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationTraining on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
More informationAmazon Web Services Training. Training Topics:
Amazon Web Services Training Training Topics: SECTION1: INTRODUCTION TO CLOUD COMPUTING A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction to Cloud Computing
More informationAmazon Web Services (AWS) Solutions Architect Intermediate Level Course Content
Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content Introduction to Cloud Computing A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction
More informationNetwork Security & Access Control in AWS
Network Security & Access Control in AWS Ian Massingham, Technical Evangelist @IanMmmm 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Account Security Day One Governance Account
More informationAWS Well Architected Framework
AWS Well Architected Framework What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources Main Pillars Security Reliability Performance Efficiency Cost Optimization
More informationAWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
More informationCreating your Virtual Data Centre
Creating your Virtual Data Centre VPC Fundamentals and Connectivity Options Paul Burne, Senior Technical Account Manager, Enterprise Support - 28 th June 2017 2016, Amazon Web Services, Inc. or its Affiliates.
More informationBuilding a Modular and Scalable Virtual Network Architecture with Amazon VPC
Building a Modular and Scalable Virtual Network Architecture with Amazon VPC Quick Start Reference Deployment Santiago Cardenas Solutions Architect, AWS Quick Start Reference Team August 2016 (revisions)
More informationAmazon Web Services (AWS) Training Course Content
Amazon Web Services (AWS) Training Course Content SECTION 1: CLOUD COMPUTING INTRODUCTION History of Cloud Computing Concept of Client Server Computing Distributed Computing and it s Challenges What is
More information25 Best Practice Tips for architecting Amazon VPC
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationCogniFit Technical Security Details
Security Details CogniFit Technical Security Details CogniFit 2018 Table of Contents 1. Security 1.1 Servers........................ 3 1.2 Databases............................3 1.3 Network configuration......................
More informationLook Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
More informationArchitecting for Greater Security in AWS
Architecting for Greater Security in AWS Jonathan Desrocher Security Solutions Architect, Amazon Web Services. Guy Tzur Director of Ops, Totango. 2015, Amazon Web Services, Inc. or its affiliates. All
More informationEnroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
More informationSecurity: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration
Security: A Driving Force Behind Moving to the Cloud Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration 2017, Amazon Web Services, Inc. or its affiliates.
More informationIntroduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
More informationCreating Your Virtual Data Center
NET201 Creating Your Virtual Data Center VPC Fundamentals and Connectivity Options Becky Weiss, Principal Engineer, EC2 Networking October 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationSecurity Camp 2016 Cloud Security. August 18, 2016
Security Camp 2016 Cloud Security What I ll be discussing Cloud Security Topics Cloud overview The VPC and structures Cloud Access Methods Who owns your data? Cover your Cloud trail? Protection approaches
More informationAWS Solutions Architect Associate (SAA-C01) Sample Exam Questions
1) A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI.
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationAdditional Security Services on AWS
Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stella Lee Manager, Enterprise Business Development $ 2 0 B + R E V E N U E R U N R A T E (Annualized from Q4 2017) 4 5 % Y / Y G R O W T
More informationStandardized Architecture for PCI DSS on the AWS Cloud
AWS Enterprise Accelerator Compliance Standardized Architecture for PCI DSS on the AWS Cloud Quick Start Reference Deployment AWS Professional Services AWS Quick Start Reference Team May 2016 (last update:
More informationNGF0502 AWS Student Slides
NextGen Firewall AWS Use Cases Barracuda NextGen Firewall F Implementation Guide Architectures and Deployments Based on four use cases Edge Firewall Secure Remote Access Office to Cloud / Hybrid Cloud
More informationCLOUD WORKLOAD SECURITY
SOLUTION OVERVIEW CLOUD WORKLOAD SECURITY Bottom line: If you re in IT today, you re already in the cloud. As technology becomes an increasingly important element of business success, the adoption of highly
More informationBest Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
More informationCloud security 2.0: Joko nyt pilveen voi luottaa?
Cloud security 2.0: Joko nyt pilveen voi luottaa? www.nordcloud.com 11 04 2017 Helsinki 2 Teemu Lehtonen Senior Cloud architect, Security teemu.lehtonen@nordcloud.com +358 40 6329445 Nordcloud Finland
More informationWho done it: Gaining visibility and accountability in the cloud
Who done it: Gaining visibility and accountability in the cloud By Ryan Nolette Squirrel Edition $whoami 10+ year veteran of IT, Security Operations, Threat Hunting, Incident Response, Threat Research,
More informationINTRO TO AWS: SECURITY
INTRO TO AWS: SECURITY Rob Whitmore Solutions Architect 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Security is the foundation Familiar security model Validated by security experts
More informationMonitoring Serverless Architectures in AWS
Monitoring Serverless Architectures in AWS The introduction of serverless architectures is a positive development from a security perspective. Splitting up services into single-purpose functions with well-defined
More informationCIT 668: System Architecture. Amazon Web Services
CIT 668: System Architecture Amazon Web Services Topics 1. AWS Global Infrastructure 2. Foundation Services 1. Compute 2. Storage 3. Database 4. Network 3. AWS Economics Amazon Services Architecture Regions
More informationAbout Intellipaat. About the Course. Why Take This Course?
About Intellipaat Intellipaat is a fast growing professional training provider that is offering training in over 150 most sought-after tools and technologies. We have a learner base of 600,000 in over
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stephen Quigg Principal Security Solutions Architect 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why is enterprise
More informationAWS Landing Zone. AWS User Guide. November 2018
AWS Landing Zone AWS User Guide November 2018 Copyright (c) 2018 by Amazon.com, Inc. or its affiliates. AWS Landing Zone User Guide is licensed under the terms of the Amazon Software License available
More informationAWS Solution Architect Associate
AWS Solution Architect Associate 1. Introduction to Amazon Web Services Overview Introduction to Cloud Computing History of Amazon Web Services Why we should Care about Amazon Web Services Overview of
More informationSimple Security for Startups. Mark Bate, AWS Solutions Architect
BERLIN Simple Security for Startups Mark Bate, AWS Solutions Architect Agenda Our Security Compliance Your Security Account Management (the keys to the kingdom) Service Isolation Visibility and Auditing
More informationCloud Infrastructure Security Report. Prepared for Acme Corp
Cloud Infrastructure Security Report Prepared for Acme Corp From: Jul 24, 2016 at 09:08 PDT To: Jul 24, 2017 at 09:08 PDT Cloud Account(s): Dev Account, Staging Account, Production Account Table of Contents
More informationSecurity Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
More informationALIENVAULT USM FOR AWS SOLUTION GUIDE
ALIENVAULT USM FOR AWS SOLUTION GUIDE Summary AlienVault Unified Security Management (USM) for AWS is a unified security platform providing threat detection, incident response, and compliance management
More informationHow can you implement this through a script that a scheduling daemon runs daily on the application servers?
You ve been tasked with implementing an automated data backup solution for your application servers that run on Amazon EC2 with Amazon EBS volumes. You want to use a distributed data store for your backups
More informationAWS Security Overview. Bill Shinn Principal Security Solutions Architect
AWS Security Overview Bill Shinn Principal Security Solutions Architect Accelerating Security with AWS AWS Overview / Risk Management / Compliance Overview Identity / Privilege Isolation Roles for EC2
More informationSignalFx Platform: Security and Compliance MARZENA FULLER. Chief Security Officer
SignalFx Platform: Security and Compliance MARZENA FULLER Chief Security Officer SignalFx Platform: Security and Compliance INTRODUCTION COMPLIANCE PROGRAM GENERAL DATA PROTECTION DATA SECURITY Data types
More informationAmazon Virtual Private Cloud. Getting Started Guide
Amazon Virtual Private Cloud Getting Started Guide Amazon Virtual Private Cloud: Getting Started Guide Copyright 2017 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks
More informationCloud Security Strategy - Adapt to Changes with Security Automation -
SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan K.K. @hkiriyam1 Agenda New Normal of Security
More informationSECURITY ON AWS 8/3/17. AWS Security Standards MORE. By Max Ellsberry
SECURITY ON AWS By Max Ellsberry AWS Security Standards The IT infrastructure that AWS provides has been designed and managed in alignment with the best practices and meets a variety of standards. Below
More informationExam Questions AWS-Certified- Developer-Associate
Exam Questions AWS-Certified- Developer-Associate Amazon AWS Certified Developer Associate https://www.2passeasy.com/dumps/aws-certified- Developer-Associate/ 1. When using Amazon SQS how much data can
More informationMake Cloud the Most Secure Environment for Business. Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks)
Make Cloud the Most Secure Environment for Business Seth Hammerman, Systems Engineer Mvision Cloud (formerly Skyhigh Networks) Enterprise cloud apps Consumer cloud apps The average organization now uses
More informationPracticeDump. Free Practice Dumps - Unlimited Free Access of practice exam
PracticeDump http://www.practicedump.com Free Practice Dumps - Unlimited Free Access of practice exam Exam : AWS-Developer Title : AWS Certified Developer - Associate Vendor : Amazon Version : DEMO Get
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
More informationAmazon Web Services Course Outline
Amazon Web Services Course Outline Tr Real Time Trainers 100% Placement Assistance Small Training Batch Hands on Experience Certification Support Video Tutorials will be provided Life Time Support will
More informationBEST PRACTICES TO PROTECTING AWS CLOUD RESOURCES
E-Guide BEST PRACTICES TO PROTECTING AWS CLOUD RESOURCES SearchAWS T here is no catch-all for securing a cloud network. Administrators should take a comprehensive approach to protect AWS cloud resources
More informationSecuring Microservices Containerized Security in AWS
Securing Microservices Containerized Security in AWS Mike Gillespie, Solutions Architect, Amazon Web Services Splitting Monoliths Ten Years Ago Splitting Monoliths Ten Years Ago XML & SOAP Splitting Monoliths
More informationDatabricks Enterprise Security Guide
Databricks Enterprise Security Guide 1 Databricks is committed to building a platform where data scientists, data engineers, and data analysts can trust that their data is secure. Through implementing
More informationCommunity Edition Getting Started Guide. July 25, 2018
Community Edition Getting Started Guide July 25, 2018 Copyright 2018 by Qualys, Inc. All Rights Reserved. Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the
More informationCreating an AWS Account: Beyond the Basics
Creating an AWS Account: Beyond the Basics Best practices to build a strong foundation for enterprise cloud adoption Updated August 2016 Aaron Wilson Table of Contents Introduction... 3 Before You Begin...
More informationCPM. Quick Start Guide V2.4.0
CPM Quick Start Guide V2.4.0 1 Content 1 Introduction... 3 Launching the instance... 3 CloudFormation... 3 CPM Server Instance Connectivity... 3 2 CPM Server Instance Configuration... 4 CPM Server Configuration...
More informationOvercoming the Challenges of Automating Security in a DevOps Environment
SESSION ID: LAB-W02 Overcoming the Challenges of Automating Security in a DevOps Environment Murray Goldschmidt Chief Operating Officer Sense of Security @ITsecurityAU Michael McKinnon Director, Commercial
More informationRED TEAM VS. BLUE TEAM ON AWS
SESSION ID: CSV-R12 RED TEAM VS. BLUE TEAM ON AWS Teri Radichel CEO 2nd Sight Lab @teriradichel Kolby Allen DevOps Engineer Zipwhip @kolbyallen Attacker vs. Defender 2 Cloud Admin Duh Duh Duh. 3 Would
More informationData Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle
Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government
More informationS U M M I T B e r l i n
Berlin SessionID ECS + Fargate Deep Dive Ric Harvey Technical Developer Evangelist Amazon Web Services rjh@amazon.com @ric Harvey https://gitlab.com/ric_harvey/bl_practical_fargate CONTAINERS, CONTAINERS,
More informationForeScout CounterACT. (AWS) Plugin. Configuration Guide. Version 1.3
ForeScout CounterACT Hybrid Cloud Module: Amazon Web Services (AWS) Plugin Version 1.3 Table of Contents Amazon Web Services Plugin Overview... 4 Use Cases... 5 Providing Consolidated Visibility... 5 Dynamic
More informationMyIGW Main. Oregon. MyVPC /16. MySecurityGroup / us-west-2b. Type Port Source SSH /0 HTTP
MyIGW Main Oregon MyVPC 10.0.0.0/16 10.0.1.0/24 10.0.1.0 -- us-west-2a MySecurityGroup 10.0.2.0/24 10.0.2.0 -- us-west-2b MyWebServer1 MyDBServer DMZ MyInternetRouteTable 0.0.0.0/0 IGW Type Port Source
More information25 Best Practice Tips for architecting Amazon VPC. 25 Best Practice Tips for architecting Amazon VPC. Harish Ganesan- CTO- 8KMiles
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationFilters AWS CLI syntax, 43 Get methods, 43 Where-Object command, 43
Index Symbols AWS Architecture availability zones (AZs), 3 cloud computing, 1 regions amazon global infrastructure, 2 Govcloud, 3 list and locations, 3 services compute, 5 management, 4 monitoring, 6 network,
More informationCompleting your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT
Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,
More informationSecuring Amazon Web Services (AWS) EC2 Instances with Dome9. A Whitepaper by Dome9 Security, Ltd.
Securing Amazon Web Services (AWS) EC2 Instances with Dome9 A Whitepaper by Dome9 Security, Ltd. Amazon Web Services (AWS) provides business flexibility for your company as you move to the cloud, but new
More informationBuilding a Self-Defending Border. Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS
Building a Self-Defending Border Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS www.cloudsec.com #cloudsec Building A Defending Borders Protect Your Web-facing Workloads
More informationOptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
More informationAWS Data Security Security Update
AWS Data Security Security Update December 1 st 2015 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Data Security Agenda 1:00 pm AWS Security Overview + What s New 2:00 pm Network
More information8/3/17. Encryption and Decryption centralized Single point of contact First line of defense. Bishop
Bishop Encryption and Decryption centralized Single point of contact First line of defense If working with VPC Creation and management of security groups Provides additional networking and security options
More informationHigh School Technology Services myhsts.org Certification Courses
AWS Associate certification training Last updated on June 2017 a- AWS Certified Solutions Architect (40 hours) Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any
More informationTestkingPass. Reliable test dumps & stable pass king & valid test questions
TestkingPass http://www.testkingpass.com Reliable test dumps & stable pass king & valid test questions Exam : AWS-Solutions-Architect- Associate Title : AWS Certified Solutions Architect - Associate Vendor
More informationForeScout Amazon Web Services (AWS) Plugin
ForeScout Amazon Web Services (AWS) Plugin Version 1.1.1 and above Table of Contents Amazon Web Services Plugin Overview... 4 Use Cases... 5 Providing Consolidated Visibility... 5 Dynamic Segmentation
More informationSecuring Your Amazon Web Services Virtual Networks
Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,
More informationTIBCO Cloud Integration Security Overview
TIBCO Cloud Integration Security Overview TIBCO Cloud Integration is secure, best-in-class Integration Platform as a Service (ipaas) software offered in a multi-tenant SaaS environment with centralized
More informationHashiCorp Vault on the AWS Cloud
HashiCorp Vault on the AWS Cloud Quick Start Reference Deployment November 2016 Last update: April 2017 (revisions) Cameron Stokes, HashiCorp, Inc. Tony Vattathil and Brandon Chavis, Amazon Web Services
More informationDeep Freeze Cloud. Architecture and Security Overview
Deep Freeze Cloud Architecture and Security Overview 2018 Faronics Corporation or its affiliates. All rights reserved. NOTICE: This document is provided for informational purposes only. It represents Faronics
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationAmazon AWS-Solutions-Architect-Professional Exam
Volume: 392 Questions Question: 1 By default, Amazon Cognito maintains the last-written version of the data. You can override this behavior and resolve data conflicts programmatically. In addition, push
More information10 FOCUS AREAS FOR BREACH PREVENTION
10 FOCUS AREAS FOR BREACH PREVENTION Keith Turpin Chief Information Security Officer Universal Weather and Aviation Why It Matters Loss of Personally Identifiable Information (PII) Loss of Intellectual
More informationCloud Computing /AWS Course Content
Cloud Computing /AWS Course Content 1. Amazon VPC What is Amazon VPC? How to Get Started with Amazon VPC Create New VPC Launch an instance (Server) to use this VPC Security in Your VPC Networking in Your
More informationStandardized Architecture for NIST-based Assurance Frameworks in the AWS Cloud
AWS Enterprise Accelerator Compliance Standardized Architecture for NIST-based Assurance Frameworks in the AWS Cloud Quick Start Reference Deployment AWS Professional Services AWS Quick Start Reference
More informationAWS Certifications. Columbus Amazon Web Services Meetup - February 2018
AWS Certifications Columbus Amazon Web Services Meetup - February 2018 Presenter: Andrew May Senior Solutions Architect & Cloud Solutions Lead @ Leading EDJE Java developer since 2000 2 ½ years AWS experience
More informationDreamFactory Security Guide
DreamFactory Security Guide This white paper is designed to provide security information about DreamFactory. The sections below discuss the inherently secure characteristics of the platform and the explicit
More informationAWS Administration. Suggested Pre-requisites Basic IT Knowledge
Course Description Amazon Web Services Administration (AWS Administration) course starts your Cloud Journey. If you are planning to learn Cloud Computing and Amazon Web Services in particular, then this
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationINTRODUCING CISCO SECURITY FOR AWS
SESSION ID: SPO1-T08 INTRODUCING CISCO SECURITY FOR AWS Patrick Crowley CTO Cisco, Stealthwatch Cloud @p_crowley Who am I? I work for Cisco Systems, in the Security Business Group Founder, Observable Networks:
More informationOracle WebLogic Server 12c on AWS. December 2018
Oracle WebLogic Server 12c on AWS December 2018 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document is provided for informational purposes only. It represents
More informationCrear un centro de datos virtual en AWS
Crear un centro de datos virtual en AWS Fundamentos de VPC y opciones de conectividad Damián Arregui, Solutions Architect, AWS Jueves 1ro de Junio 2016 2016, Amazon Web Services, Inc. or its Affiliates.
More informationMcAfee Cloud Workload Security Product Guide
Revision B McAfee Cloud Workload Security 5.1.0 Product Guide (McAfee epolicy Orchestrator) COPYRIGHT Copyright 2018 McAfee, LLC TRADEMARK ATTRIBUTIONS McAfee and the McAfee logo, McAfee Active Protection,
More informationAWS Solution Architect (AWS SA)
AWS Solution Architect (AWS SA) From Length: Approx 4-5 weeks/40+ hours Audience: Students with or without IT experience or knowledge Student Location To students from around the world Delivery Method:
More informationManaging Your Privileged Identities: The Choke Point of Advanced Attacks
Managing Your Privileged Identities: The Choke Point of Advanced Attacks Shirief Nosseir EMEA Alliances Director Identity & API Management Tuesday, 16 May 2017 Agenda Why Privileged Access Management Why
More information