Cloud security 2.0: Joko nyt pilveen voi luottaa?
|
|
- Allyson Wilson
- 6 years ago
- Views:
Transcription
1 Cloud security 2.0: Joko nyt pilveen voi luottaa?
2 Helsinki 2 Teemu Lehtonen Senior Cloud architect, Security teemu.lehtonen@nordcloud.com Nordcloud Finland Fredrikinkatu 63 a C Helsinki Finland
3 Cloud security fundamentals Case AWS
4 Security In the Cloud Environment Security is a shared responsibility Cloud Provider is responsible for the security OF the cloud YOU are responsible for the security IN the cloud
5 Target: You - Facilities - Physical Security - Physical Infrastructure - Network Infrastructure - Virtualization Infrastructure - End-points - Operating System - Applications - Security Groups - Identity and access controls - Network ACLs - Network Configuration - Account Management - Service Security Features - Incident & Risk management -. Secure Compliant Workloads
6 Reality: 10 AWS Security mistakes 1. Not protecting AWS Secret / Access keys (Identity & Access Management) 2. Not managing remote access (VPC) 3. Not using AWS WAF 4. Not having AWS asset management strategy (AWS Config, VPC) 5. Not enabling and using CloudTrail (CloudTrail and CloudWatch) 6. Not protecting secrets (KMS, Identity & Access Management, Dev Tools) 7. Not using least privilege permissions (Identity & Access Management) 8. Not running hardened AWS Images (Inspector) Keeping images up to date! 9. Ignoring vulnerability scanning (Inspector) Also Cloud account! (Trusted Advisor) 10.Using AWS root account for access (Identity & Access Management)
7 Securing the cloud approaches: Copy Cloud On Advisory premises Cloud Automation Mixed Managed Cloud-Native Cloud Copy Independent, the existing on-premises controls to the cloud as is industry leading - Follow traditional advice RMIAS to model shape your - cloud Same products strategy. as in on-premises - Integration needed to On-Premises - Follow Vendor best practises to secure the Cloud Infra itself Partially copied and partially Migration transformed and cloud - Add implementation agility and automation to RMIAS enabling you to fully - Mix of products used for securing use cloud the capabilities. Applications and Cloud Infra - Integration to On- Premises needed -Flexible Cloud native services Security products where keeping your cloud possible available, - Fully transformed optimised, and - Agility secure and Automation all everywhere times. - Infrastructure as code - Can Report as own entity
8 Security In the Cloud Environment Approach recommendations: Utilize Provider Segregation to Your Advantage Automate, including naming conventions!
9 Security in the Cloud Case AWS
10 Key AWS tools around security Identity & Access Management AWS Trusted Advisor AWS CloudWatch AWS VPC AWS Elastic Load Balancing Amazon Inspector AWS Key Management Service AWS Directory Services AWS CloudTrail AWS Config AWS Service Catalog AWS Cloud Formation
11 More tools 11 Marketplace -Cloud versions of the respective onpremises tools -Cloud native tools -Pre-hardened Images -Examples: - Anti-Malware - VPN -Pros: Drive MB not Lada -Cons: Varying nativity Nordcloud Partners - Cloud Native Anti Malware - Cloud Infra security assessment - Web Application Security
12 Identity & Access Management 12 What Market Why Place Where -Central Identity & Access management tool for Cloud Account - Integrated to Services - Grouping of resources - Grouping of Accesses - Grouping of Identities - Delegation & Federation -Not recommended for your application or Servers! - For Security & Compliancy - DataCenter access control - Auditing -For segregation - Organization - Roles -For Integration - Existing RBAC - 3rd parties - Everywhere! - Central Access Control -Multi Account Delegation - DR account integration - Managed Service RBAC - Service provider
13 Identity & Access Management Example 13 Create another AWS account for DR purposes Copy CloudTrail and Backups to the DR account for fast recovery Infrastructure as code either backed up or outside Production account Can be automated, costs only the storing App DR Data Cloud Trail Snap Shots DR Data Cloud Trail Snap Shots DBs RBAC DBs DB Front App App DR Backups
14 CloudTrail 14 What Market Why Place Where -Automatic logging tool of Cloud Infra - All Methods - All Services - All Regions - Central repository - Encrypted if needed - For Security & Compliancy - Datacenter access log -For Performance - Auto Scaling -For Auditing - Automate audit data collection - Everywhere! - Security Operations - Application optimization - Performance -Together with Cloud Watch - Automation
15 Cloudtrail example 15 { "Records": [{ "eventversion": "1.0", "useridentity": { "type": "IAMUser", "principalid": "EX_PRINCIPAL_ID", "arn": "arn:aws:iam:: :user/bob", "accountid": " ", "accesskeyid": "EXAMPLE_KEY_ID", "username": "Alice" }, "requestparameters": { "instancesset": { "items": [{ "instanceid": "i-ebeaf123" }] }, "force": false }, Who requested What was requested "eventtime": " T21:01:59Z", "eventsource": "ec2.amazonaws.com", "eventname": "StopInstances", "awsregion": "eu-west-1", "sourceipaddress": " ", "useragent": "ec2-api-tools ", The Response "responseelements": { "instancesset": { "items": [{ "instanceid": "i-ebeaf123", "currentstate": { "code": 64, "name": "starting" }, "previousstate": { "code": 16, "name": "stopped" } When and where requested
16 CloudWatch 16 What Why Where -Real time monitoring tool - AWS resources - Your Servers - Your Applications - Collect & monitor: - metrics - logs - Alarms / Control - Outside - Automation -For Security & Compliancy - Automatic log Analysis -For Performance management - Scaling -Enable monitoring of anything with log files -For Auditing - Proof of mitigations - Digest log Data - Everywhere! - Security Operations - Application optimization - Performance - You name it! - Install log agents! -Together with SNS and SQS - Automation
17 CloudWatch Example 17 Install CloudWatch Log Agent to push logs from your Web server Create filter patterns on source basis: OS logs vs. Application logs vs. Audit logs CloudWatch App OS Web Custom Metrics App DB Front App RBAC Log Streams
18 Virtual Private Cloud: VPC 18 What Market Why Place Where -Virtual Data Centers - Isolated multi-tiered networks - Isolated gateways - Collection of Security groups ~ FW - Collection of NACLs - Collections of Services -Architecture building block - Segregation tool - within application - within organization -Availability tool - multi zone architecture - multi region architecture - For Applications - For Testing -For Development -For Security & Management
19 Virtual Private Cloud: VPC 19 Production VPC Peering Security & Management RDS m APP WEB AD/DNS HBSS AD/DNS WSUS/Patch Management IAM CloudTrail Logs RDS s APP WEB SNMP - Log - NTP KMS Vulnerability Scanner CloudTrail Bastion 01 Bastion 02 End Users Internet
20 Key Management Service 20 What Market Why Place Where -Managed Two-tier encryption Service - Separate master key - unique data keys - Cost & AWS Integration -Compliancy needs like PCI -Stricter Internal requirements - Encrypt master images - Databases -Big Data -CloudTrail - Key rotation -Encrypt Data at Rest
21 Bringing tools together: Embedded Security 21 SSL & Encryption at rest Private Subnets Production Load Balancing with WAF (CF) Hardened images for each server type with RBAC security groups VPC Peering AD/DNS Security & Management AD/DNS Separate Management VPC IAM Fixed Content RDS m APP WEB HBSS WSUS/Patch Management CloudTrail Logs Logging CloudWatch RDS s APP WEB SNMP - Log - NTP Vulnerability Scanner KMS CloudTrail RDS snapshots ACLs and IAM policies for Static data access control Database Security groups NACLs associated with multiple subnets Web subnets with own route tables End Users Internet Bastion 01 VPN Bastion 02 Multi Factor Authentication RBAC
22 Cloud Security opportunities: Auditing
23 Auditing in the cloud: Cloud Level 23 IAM IAM SAML KMS CloudTrail Logs CloudTrail CloudTrail Lambda CloudWatch CloudWatch Application Alarms Application Alarms & Audit Alarms Audit Account Audit Targets
24 Auditing and tools in the cloud: Application Level IAM SAML IAM SAML CloudWatch Audit and security logs Inspector KMS Application logs CloudTrail CloudWatch Config Rules Lambda: Fight back Fight Back Actions WAF Security Groups SoC Account Application account
25 Cloud Security opportunities: Backups
26 Backups IAM SAML IAM SAML KMS Recovery test Lambdas Sender Lambdas (Restore requests) Instances Stacks Objects & Logs Databases Lambdas RPO & RTO in resource tags! Instance Snapshots Stacks Objects & Logs DB Snapshots Retrieve Lambdas Instance Snapshots Stacks Objects & Logs DB Snapshots Backup Account Application account
27 Cloud Security opportunities: How not to Patch
28 How not to patch APP Builders Stack Updater Hardened Base AMIs Ami Builder Application AMIs Approval Prod Dev Stage Stacks RDS m RDS s APP APP WEB WEB Logs Update Checker
29 How not to patch: Details AMIs 3000 lines CloudFormation 300 Lines Python for Builder 200 Lines Python for Checker
30 WE ARE NORDCLOUD #TheCloudRevolution
Detecting Credential Compromise in AWS
Detecting Credential Compromise in AWS William Bengtson Senior Security Engineer, Netflix Credential compromise is an important concern for anyone operating in the cloud. The concerns become more widespread
More informationAWS Well Architected Framework
AWS Well Architected Framework What We Will Cover The Well-Architected Framework Key Best Practices How to Get Started Resources Main Pillars Security Reliability Performance Efficiency Cost Optimization
More informationGetting Started with AWS Security
Getting Started with AWS Security Tomas Clemente Sanchez Senior Consultant Security, Risk and Compliance September 21st 2017 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Move
More informationArchitecting for Greater Security in AWS
Architecting for Greater Security in AWS Jonathan Desrocher Security Solutions Architect, Amazon Web Services. Guy Tzur Director of Ops, Totango. 2015, Amazon Web Services, Inc. or its affiliates. All
More informationBest Practices for Cloud Security at Scale. Phil Rodrigues Security Solutions Architect Amazon Web Services, ANZ
Best Practices for Cloud Security at Scale Phil Rodrigues Security Solutions Architect Web Services, ANZ www.cloudsec.com #CLOUDSEC Best Practices for Security at Scale Best of the Best tips for Security
More informationAWS Security. Stephen E. Schmidt, Directeur de la Sécurité
AWS Security Stephen E. Schmidt, Directeur de la Sécurité 2014 Amazon.com, Inc. and its affiliates. All rights reserved. May not be copied, modified, or distributed in whole or in part without the express
More informationAmazon Web Services. Block 402, 4 th Floor, Saptagiri Towers, Above Pantaloons, Begumpet Main Road, Hyderabad Telangana India
(AWS) Overview: AWS is a cloud service from Amazon, which provides services in the form of building blocks, these building blocks can be used to create and deploy various types of application in the cloud.
More informationSecuring Microservices Containerized Security in AWS
Securing Microservices Containerized Security in AWS Mike Gillespie, Solutions Architect, Amazon Web Services Splitting Monoliths Ten Years Ago Splitting Monoliths Ten Years Ago XML & SOAP Splitting Monoliths
More informationEnroll Now to Take online Course Contact: Demo video By Chandra sir
Enroll Now to Take online Course www.vlrtraining.in/register-for-aws Contact:9059868766 9985269518 Demo video By Chandra sir www.youtube.com/watch?v=8pu1who2j_k Chandra sir Class 01 https://www.youtube.com/watch?v=fccgwstm-cc
More informationSecurity & Compliance in the AWS Cloud. Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web
Security & Compliance in the AWS Cloud Vijay Rangarajan Senior Cloud Architect, ASEAN Amazon Web Services @awscloud www.cloudsec.com #CLOUDSEC Security & Compliance in the AWS Cloud TECHNICAL & BUSINESS
More informationSecurity & Compliance in the AWS Cloud. Amazon Web Services
Security & Compliance in the AWS Cloud Amazon Web Services Our Culture Simple Security Controls Job Zero AWS Pace of Innovation AWS has been continually expanding its services to support virtually any
More informationTraining on Amazon AWS Cloud Computing. Course Content
Training on Amazon AWS Cloud Computing Course Content 15 Amazon Web Services (AWS) Cloud Computing 1) Introduction to cloud computing Introduction to Cloud Computing Why Cloud Computing? Benefits of Cloud
More informationAWS Solution Architect Associate
AWS Solution Architect Associate 1. Introduction to Amazon Web Services Overview Introduction to Cloud Computing History of Amazon Web Services Why we should Care about Amazon Web Services Overview of
More informationAmazon Web Services (AWS) Solutions Architect Intermediate Level Course Content
Amazon Web Services (AWS) Solutions Architect Intermediate Level Course Content Introduction to Cloud Computing A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction
More informationAmazon Web Services Training. Training Topics:
Amazon Web Services Training Training Topics: SECTION1: INTRODUCTION TO CLOUD COMPUTING A Short history Client Server Computing Concepts Challenges with Distributed Computing Introduction to Cloud Computing
More informationIntroduction to Cloud Computing
You will learn how to: Build and deploy cloud applications and develop an effective implementation strategy Leverage cloud vendors Amazon EC2 and Amazon S3 Exploit Software as a Service (SaaS) to optimize
More informationSimple Security for Startups. Mark Bate, AWS Solutions Architect
BERLIN Simple Security for Startups Mark Bate, AWS Solutions Architect Agenda Our Security Compliance Your Security Account Management (the keys to the kingdom) Service Isolation Visibility and Auditing
More informationAmazon Web Services (AWS) Training Course Content
Amazon Web Services (AWS) Training Course Content SECTION 1: CLOUD COMPUTING INTRODUCTION History of Cloud Computing Concept of Client Server Computing Distributed Computing and it s Challenges What is
More informationSecurity: Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration
Security: A Driving Force Behind Moving to the Cloud Michael South Americas Regional Leader, Public Sector Security & Compliance Business Acceleration 2017, Amazon Web Services, Inc. or its affiliates.
More informationCloud Computing /AWS Course Content
Cloud Computing /AWS Course Content 1. Amazon VPC What is Amazon VPC? How to Get Started with Amazon VPC Create New VPC Launch an instance (Server) to use this VPC Security in Your VPC Networking in Your
More informationWe are ready to serve Latest IT Trends, Are you ready to learn? New Batches Info
We are ready to serve Latest IT Trends, Are you ready to learn? New Batches Info START DATE : TIMINGS : DURATION : TYPE OF BATCH : FEE : FACULTY NAME : LAB TIMINGS : Storage & Database Services : Introduction
More informationSecurity Camp 2016 Cloud Security. August 18, 2016
Security Camp 2016 Cloud Security What I ll be discussing Cloud Security Topics Cloud overview The VPC and structures Cloud Access Methods Who owns your data? Cover your Cloud trail? Protection approaches
More informationActiveNET. #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD
ActiveNET #202, Manjeera Plaza, Opp: Aditya Park Inn, Ameerpetet HYD-500018 9848111288 activesurya@ @gmail.com wwww.activenetinformatics.com y Suryanaray yana By AWS Course Content 1. Introduction to Cloud
More informationCloud Security Strategy - Adapt to Changes with Security Automation -
SESSION ID: CMI-F03 Cloud Security Strategy - Adapt to Changes with Security Automation - Hayato Kiriyama Security Solutions Architect Amazon Web Services Japan K.K. @hkiriyam1 Agenda New Normal of Security
More informationLift and Shift, Don t Lift and Pray: Pragmatic Cloud Migration Strategies
SESSION ID: STR-T08 Lift and Shift, Don t Lift and Pray: Pragmatic Cloud Migration Strategies Rich Mogull Analyst/CEO Securosis VP of Product DisruptOps rmogull@securosis.com Reality Bites There is relentless
More informationManaging and Auditing Organizational Migration to the Cloud TELASA SECURITY
Managing and Auditing Organizational Migration to the Cloud 1 TELASA SECURITY About Me Brian Greidanus bgreidan@telasasecurity.com 18+ years of security and compliance experience delivering consulting
More informationIntroduction to cloud computing
Introduction to cloud computing History of cloud Different vendors of Cloud computing Importance of cloud computing Advantages and disadvantages of cloud computing Cloud deployment methods Private cloud
More informationTitle: Planning AWS Platform Security Assessment?
Title: Planning AWS Platform Security Assessment? Name: Rajib Das IOU: Cyber Security Practices TCS Emp ID: 231462 Introduction Now-a-days most of the customers are working in AWS platform or planning
More informationLog Analytics with Amazon Elasticsearch Service. Christoph Schmitter
Log Analytics with Amazon Elasticsearch Service Christoph Schmitter (csc@amazon.de) What we'll cover Understanding Elasticsearch capabilities Elasticsearch, the technology Aggregations; ad-hoc analysis
More informationAmazon WorkDocs. Administration Guide
Amazon WorkDocs Administration Guide Amazon WorkDocs: Administration Guide Copyright 2018 Amazon Web Services, Inc. and/or its affiliates. All rights reserved. Amazon's trademarks and trade dress may not
More informationNetwork Security & Access Control in AWS
Network Security & Access Control in AWS Ian Massingham, Technical Evangelist @IanMmmm 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Account Security Day One Governance Account
More informationPrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps
PrepAwayExam http://www.prepawayexam.com/ High-efficient Exam Materials are the best high pass-rate Exam Dumps Exam : SAA-C01 Title : AWS Certified Solutions Architect - Associate (Released February 2018)
More informationAWS Security Overview. Bill Shinn Principal Security Solutions Architect
AWS Security Overview Bill Shinn Principal Security Solutions Architect Accelerating Security with AWS AWS Overview / Risk Management / Compliance Overview Identity / Privilege Isolation Roles for EC2
More informationLaunching a Highly-regulated Startup in the Cloud
Launching a Highly-regulated Startup in the Cloud Poornaprajna Udupi (@poornaudupi) 1 Starting in the 86%by 2020 Cloud Cisco Global Cloud Index: Forecast and Methodology, 2015 2020 2 Building blocks, Cost,
More informationLook Who s Hiring! AWS Solution Architect AWS Cloud TAM
Look Who s Hiring! AWS Solution Architect https://www.amazon.jobs/en/jobs/362237 AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275 AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr
More informationOptiSol FinTech Platforms
OptiSol FinTech Platforms Payment Solutions Cloud enabled Web & Mobile Platform for Fund Transfer OPTISOL BUSINESS SOLUTIONS PRIVATE LIMITED #87/4, Arcot Road, Vadapalani, Chennai 600026, Tamil Nadu. India
More informationIntroduction to AWS GoldBase. A Solution to Automate Security, Compliance, and Governance in AWS
Introduction to AWS GoldBase A Solution to Automate Security, Compliance, and Governance in AWS September 2015 2015, Amazon Web Services, Inc. or its affiliates. All rights reserved. Notices This document
More informationCompute - 36 PCPUs (72 vcpus) - Intel Xeon E5 2686 v4 (Broadwell) - 512GB RAM - 8 x 2TB NVMe local SSD - Dedicated Host vsphere Features - vsphere HA - vmotion - DRS - Elastic DRS Storage - ESXi boot-from-ebs
More informationMapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd
Berlin Mapping traditional security technologies to AWS Dave Walker Specialised Solutions Architect Security and Compliance Amazon Web Services UK Ltd AWS Compliance Display Cabinet Certificates: Programmes:
More informationSecurity on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security on AWS(overview) Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Overview AWS Regions Availability Zones Shared Responsibility Security Features Best Practices
More informationAWS 101. Patrick Pierson, IonChannel
AWS 101 Patrick Pierson, IonChannel What is AWS? Amazon Web Services (AWS) is a secure cloud services platform, offering compute power, database storage, content delivery and other functionality to help
More informationHPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack
Content Pack data sheet HPE Digital Learner AWS Certified SysOps Administrator (Intermediate) Content Pack HPE Content Pack number Content Pack length Content Pack category Learn more CP017 20 Hours Category
More informationCogniFit Technical Security Details
Security Details CogniFit Technical Security Details CogniFit 2018 Table of Contents 1. Security 1.1 Servers........................ 3 1.2 Databases............................3 1.3 Network configuration......................
More informationAWS Agility + Splunk Visibility = Cloud Success. Splunk App for AWS Demo. Laura Ripans, AWS Alliance Manager
AWS Agility + Splunk Visibility = Cloud Success Splunk App for AWS Demo Laura Ripans, AWS Alliance Manager Disruptive innovation and business transformation starts with data I HAVE BEEN GIVEN AN AWS ACCOUNT!!!
More informationHigh School Technology Services myhsts.org Certification Courses
AWS Associate certification training Last updated on June 2017 a- AWS Certified Solutions Architect (40 hours) Amazon Web Services (AWS) Certification is fast becoming the must have certificates for any
More informationCLOUD SECURITY CRASH COURSE
CLOUD SECURITY CRASH COURSE ADDRESSING REAL WORLD CONCERNS Joel Friedman, CTSO ABOUT ME Name: Joel Friedman Title: Chief Technology & Security Officer of Datapipe Certifications: CISSP, CISA, CISM, CRISC,
More informationAWS Administration. Suggested Pre-requisites Basic IT Knowledge
Course Description Amazon Web Services Administration (AWS Administration) course starts your Cloud Journey. If you are planning to learn Cloud Computing and Amazon Web Services in particular, then this
More informationOperational Logging & Compliance in AWS
Operational Logging & Compliance in AWS Neeraj Verma, Enterprise Solutions Architect 05/18/16 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security is foundational at AWS Architected
More informationARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS
ARCHITECTING WEB APPLICATIONS FOR THE CLOUD: DESIGN PRINCIPLES AND PRACTICAL GUIDANCE FOR AWS Dr Adnene Guabtni, Senior Research Scientist, NICTA/Data61, CSIRO Adnene.Guabtni@csiro.au EC2 S3 ELB RDS AMI
More informationNGF0502 AWS Student Slides
NextGen Firewall AWS Use Cases Barracuda NextGen Firewall F Implementation Guide Architectures and Deployments Based on four use cases Edge Firewall Secure Remote Access Office to Cloud / Hybrid Cloud
More informationHackproof Your Cloud Responding to 2016 Threats
Hackproof Your Cloud Responding to 2016 Threats Aaron Klein, CloudCheckr Tuesday, June 30 th 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Changing Your Perspective Moving
More informationUsing SQL Server on Amazon Web Services
Using SQL Server on Amazon Web Services High Availability and Reliability in the Cloud Michael Barras, Sr. Database Engineer August 26, 2017 2017, Amazon Web Services, Inc. or its Affiliates. All rights
More informationAWS Solutions Architect Exam Tips
AWS Solutions Architect Exam Tips This is not a brain dump! Questions and Answers are not given here, rather guidelines for further research, reviewing the Architecting on AWS courseware and AWS documentation.
More informationAWS Webinar. Navigating GDPR Compliance on AWS. Christian Hesse Amazon Web Services
AWS Webinar Navigating GDPR Compliance on AWS Christian Hesse Amazon Web Services What is the GDPR? What is the GDPR? The "GDPR" is the General Data Protection Regulation, a significant new EU Data Protection
More informationLINUX, WINDOWS(MCSE),
Virtualization Foundation Evolution of Virtualization Virtualization Basics Virtualization Types (Type1 & Type2) Virtualization Demo (VMware ESXi, Citrix Xenserver, Hyper-V, KVM) Cloud Computing Foundation
More informationCPM. Quick Start Guide V2.4.0
CPM Quick Start Guide V2.4.0 1 Content 1 Introduction... 3 Launching the instance... 3 CloudFormation... 3 CPM Server Instance Connectivity... 3 2 CPM Server Instance Configuration... 4 CPM Server Configuration...
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stella Lee Manager, Enterprise Business Development $ 2 0 B + R E V E N U E R U N R A T E (Annualized from Q4 2017) 4 5 % Y / Y G R O W T
More informationAWS Storage Gateway. Amazon S3. Amazon EFS. Amazon Glacier. Amazon EBS. Amazon EC2 Instance. storage. File Block Object. Hybrid integrated.
AWS Storage Amazon EFS Amazon EBS Amazon EC2 Instance storage Amazon S3 Amazon Glacier AWS Storage Gateway File Block Object Hybrid integrated storage Amazon S3 Amazon Glacier Amazon EBS Amazon EFS Durable
More informationAWS Solutions Architect Associate (SAA-C01) Sample Exam Questions
1) A company is storing an access key (access key ID and secret access key) in a text file on a custom AMI. The company uses the access key to access DynamoDB tables from instances created from the AMI.
More informationAWS Course Syllabus. Linux Fundamentals. Installation and Initialization:
AWS Course Syllabus Linux Fundamentals Installation and Initialization: Installation, Package Selection Anatomy of a Kickstart File, Command line Introduction to Bash Shell System Initialization, Starting
More informationSecurity Aspekts on Services for Serverless Architectures. Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance
Security Aspekts on Services for Serverless Architectures Bertram Dorn EMEA Specialized Solutions Architect Security and Compliance Agenda: Security in General Services in Scope Aspects of Services for
More informationAWS Landing Zone. AWS User Guide. November 2018
AWS Landing Zone AWS User Guide November 2018 Copyright (c) 2018 by Amazon.com, Inc. or its affiliates. AWS Landing Zone User Guide is licensed under the terms of the Amazon Software License available
More informationAt Course Completion Prepares you as per certification requirements for AWS Developer Associate.
[AWS-DAW]: AWS Cloud Developer Associate Workshop Length Delivery Method : 4 days : Instructor-led (Classroom) At Course Completion Prepares you as per certification requirements for AWS Developer Associate.
More informationBuilding a Self-Defending Border. Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS
Building a Self-Defending Border Shane Baldacchino, Solutions Architect, AWS Marcus Santos, Solutions Architect, AWS www.cloudsec.com #cloudsec Building A Defending Borders Protect Your Web-facing Workloads
More informationAmazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect. Amazon.com, Inc. and its affiliates. All rights reserved.
Amazon Web Services 101 April 17 th, 2014 Joel Williams Solutions Architect Amazon.com, Inc. and its affiliates. All rights reserved. Learning about Cloud Computing with AWS What is Cloud Computing and
More informationHow the Cloud is Enabling the Disruption of the Construction Industry. AWS Case Study Construction Industry. Abstract
Case Study Construction Industry How the Cloud is Enabling the Disruption of the Construction Industry Abstract A Minfy-architected cloud solution is helping iquippo, a digital marketplace for the construction
More informationTECHNICAL WORKBOOK. PCI Compliance in the AWS Cloud A NITIAN. Report Date: October 17, Jordan Wiseman, QSA
TECHNICAL WORKBOOK PCI Compliance in the AWS Cloud Report Date: October 17, 2016 Authors: Adam Gaydosh, QSA Jordan Wiseman, QSA A NITIAN COPYRIGHT Copyright 2016 by Anitian Corporation All rights reserved.
More informationAWS FREQUENTLY ASKED QUESTIONS (FAQ)
UCPATH @ AWS FREQUENTLY ASKED QUESTIONS (FAQ) ARCHITECTURE WHAT WILL CHANGE DURING THIS MOVE TO AWS? All environments use a standardized format using Cloud Formation Scripts. They are also all encapsulated
More informationAbout Intellipaat. About the Course. Why Take This Course?
About Intellipaat Intellipaat is a fast growing professional training provider that is offering training in over 150 most sought-after tools and technologies. We have a learner base of 600,000 in over
More informationUnderstanding Perimeter Security
Understanding Perimeter Security In Amazon Web Services Aaron C. Newman Founder, CloudCheckr Aaron.Newman@CloudCheckr.com Changing Your Perspective How do I securing my business applications in AWS? Moving
More informationAmazon. Exam Questions AWS-Certified-Solutions-Architect- Professional. AWS-Certified-Solutions-Architect-Professional.
Amazon Exam Questions AWS-Certified-Solutions-Architect- Professional AWS-Certified-Solutions-Architect-Professional Version:Demo 1.. The MySecureData company has five branches across the globe. They want
More informationSignalFx Platform: Security and Compliance MARZENA FULLER. Chief Security Officer
SignalFx Platform: Security and Compliance MARZENA FULLER Chief Security Officer SignalFx Platform: Security and Compliance INTRODUCTION COMPLIANCE PROGRAM GENERAL DATA PROTECTION DATA SECURITY Data types
More information25 Best Practice Tips for architecting Amazon VPC
25 Best Practice Tips for architecting Amazon VPC 25 Best Practice Tips for architecting Amazon VPC Amazon VPC is one of the most important feature introduced by AWS. We have been using AWS from 2008 and
More informationProtecting Your Data in AWS. 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Protecting Your Data in AWS 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Encrypting Data in AWS AWS Key Management Service, CloudHSM and other options What to expect from this
More informationStreamline AWS Security Incidents
IMF 2018 Streamline AWS Security Incidents Asif Matadar @d1r4c #whoami Director of Endpoint Detection & Response (EDR), EMEA at Tanium Seasoned Incident Response professional with over 7 years experience
More informationHow can you implement this through a script that a scheduling daemon runs daily on the application servers?
You ve been tasked with implementing an automated data backup solution for your application servers that run on Amazon EC2 with Amazon EBS volumes. You want to use a distributed data store for your backups
More informationAdditional Security Services on AWS
Additional Security Services on AWS Bertram Dorn Specialized Solutions Architect Security / Compliance / DataProtection AWS EMEA The Landscape The Paths Application Data Path Path Cloud Managed by Customer
More informationStandardized Architecture for PCI DSS on the AWS Cloud
AWS Enterprise Accelerator Compliance Standardized Architecture for PCI DSS on the AWS Cloud Quick Start Reference Deployment AWS Professional Services AWS Quick Start Reference Team May 2016 (last update:
More informationHackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm
whitepaper Hackproof Your Cloud: Preventing 2017 Threats for a New Security Paradigm When your company s infrastructure was built on the model of a traditional on-premise data center, security was pretty
More informationCrypto-Options on AWS. Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH
Crypto-Options on AWS Bertram Dorn Specialized Solutions Architect Security/Compliance Network/Databases Amazon Web Services Germany GmbH Amazon.com, Inc. and its affiliates. All rights reserved. Agenda
More informationMid-Atlantic CIO Forum
Mid-Atlantic CIO Forum Agenda Security of the Cloud Security In the Cloud Your Product and Services Roadmap (innovation) AWS and Cloud Services Growth and Expansion at AWS Questions & Discussion Shared
More informationVMware Cloud on AWS The Next Generation Hybrid Cloud Architecture
ware Cloud on AWS The Next Generation Hybrid Cloud Architecture David Lim Head Consulting and MSP Partners, AWS APAC Frank Fan Partner Solution Architect, AWS ANZ Disclaimer This presentation may contain
More informationCertificate of Registration
Certificate of Registration THIS IS TO CERTIFY THAT 2001 8th Ave, Seattle, WA 98121 USA operates AWS using IaaS model (Amazon CloudFront, Amazon Elastic Block Store (EBS), Amazon Elastic Compute Cloud
More informationAWS Solution Architect (AWS SA)
AWS Solution Architect (AWS SA) From Length: Approx 4-5 weeks/40+ hours Audience: Students with or without IT experience or knowledge Student Location To students from around the world Delivery Method:
More informationArchitecting Microsoft Azure Solutions (proposed exam 535)
Architecting Microsoft Azure Solutions (proposed exam 535) IMPORTANT: Significant changes are in progress for exam 534 and its content. As a result, we are retiring this exam on December 31, 2017, and
More informationMicrosoft Azure for AWS Experts
Microsoft Azure for AWS Experts OD40390B; On-Demand, Video-based Course Description This course provides an in-depth discussion and practical hands-on training of Microsoft Azure Infrastructure Services
More informationCloud Computing. Amazon Web Services (AWS)
Cloud Computing What is Cloud Computing? Benefit of cloud computing Overview of IAAS, PAAS, SAAS Types Of Cloud private, public & hybrid Amazon Web Services (AWS) Introduction to Cloud Computing. Introduction
More informationWhat s New at AWS? looking at just a few new things for Enterprise. Philipp Behre, Enterprise Solutions Architect, Amazon Web Services
What s New at AWS? looking at just a few new things for Enterprise Philipp Behre, Enterprise Solutions Architect, Amazon Web Services 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
More informationAWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS
AWS: Basic Architecture Session SUNEY SHARMA Solutions Architect: AWS suneys@amazon.com AWS Core Infrastructure and Services Traditional Infrastructure Amazon Web Services Security Security Firewalls ACLs
More informationPRAGMATIC SECURITY AUTOMATION FOR CLOUD
SESSION ID: CSV-R04 PRAGMATIC SECURITY AUTOMATION FOR CLOUD Rich Mogull Analyst/VP of Product Securosis/DisruptOPS rmogull@disruptops.com @rmogull Cloud is Fundamentally Different Abstraction Automation
More informationSAA-C01. AWS Solutions Architect Associate. Exam Summary Syllabus Questions
SAA-C01 AWS Solutions Architect Associate Exam Summary Syllabus Questions Table of Contents Introduction to SAA-C01 Exam on AWS Solutions Architect Associate... 2 AWS SAA-C01 Certification Details:...
More informationPass4test Certification IT garanti, The Easy Way!
Pass4test Certification IT garanti, The Easy Way! http://www.pass4test.fr Service de mise à jour gratuit pendant un an Exam : SOA-C01 Title : AWS Certified SysOps Administrator - Associate Vendor : Amazon
More informationGetting started with AWS security
Getting started with AWS security Take a prescriptive approach Stephen Quigg Principal Security Solutions Architect 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why is enterprise
More informationPCI in the Sky (or Running Secure Workloads in the Public Cloud) ISACA Controls & Compliance 2017 May 9, 2017
PCI in the Sky (or Running Secure Workloads in the Public Cloud) ISACA Controls & Compliance 2017 May 9, 2017 DREAM BUILD SOAR SECURITY CLOUD DEVELOPMENT WEB DESIGN COMPLIANCE COMMUNICATIONS 2 Our Mission
More informationCloud Security Best Practices
Cloud Security Best Practices Cohesive Networks - your applications secured Our family of security and connectivity solutions, VNS3, protects cloud-based applications from exploitation by hackers, criminal
More informationMicrosoft Best Practices on AWS
Microsoft Best Practices on AWS Julien Lépine, Solutions Architect, AWS EMEA September 22 nd, 2016 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Why Customers Choose AWS for Windows
More informationOverview of AWS Security - Database Services
Overview of AWS Security - Database Services June 2016 (Please consult http://aws.amazon.com/security/ for the latest version of this paper) 2016, Amazon Web Services, Inc. or its affiliates. All rights
More informationThe Orion Papers. AWS Solutions Architect (Associate) Exam Course Manual. Enter
AWS Solutions Architect (Associate) Exam Course Manual Enter Linux Academy Keller, Texas United States of America March 31, 2017 To All Linux Academy Students: Welcome to Linux Academy's AWS Certified
More informationCloud Infrastructure Security Report. Prepared for Acme Corp
Cloud Infrastructure Security Report Prepared for Acme Corp From: Jul 24, 2016 at 09:08 PDT To: Jul 24, 2017 at 09:08 PDT Cloud Account(s): Dev Account, Staging Account, Production Account Table of Contents
More informationAre You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus
Are You Sure Your AWS Cloud Is Secure? Alan Williamson Solution Architect at TriNimbus 1 60 Second AWS Security Review 2 AWS Terminology Identity and Access Management (IAM) - AWS Security Service to manage
More information