Look Who's Hiring! AWS Solution Architect AWS Cloud TAM

Transcription:

Look Who's Hiring!
- AWS Solution Architect https://www.amazon.jobs/en/jobs/362237
- AWS Cloud TAM https://www.amazon.jobs/en/jobs/347275
- AWS Principal Cloud Architect (Professional Services) http://www.reqcloud.com/jobs/701617/?k=wxb6e7km32j+es2yp0jy3ikrsexr VGaOWIhaklSw9idiTA8gCkJ2cKsaJL40SLqgBI/yqgZ6WtJiObPVOM6A6g==&utm _source=linkedin&utm_campaign=reqcloud_jobpost

AWS & Alert Logic
Minoo Duraipandy, Solution Architect, AWS
David Hillock, Territory Manager, Alert Logic

- Grab beer and food
- Introduction to AWS Security
- AWS Shared Security Model
- AWS & Alert Logic
- Top 13 must-do security hardening measures
- Show & Tell sessions (hopefully it will work!)
- AWS Network Security (will we have time to get here?)
- Leave you with reference docs and videos

Job Zero
- Physical Security
- Network Security
- Platform Security
- People & Procedures

constantly improving
- GxP
- ISO 13485
- AS9100
- ISO/TS 16949

AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Availability Zones, Regions, Edge Locations

AWS is responsible for the security OF the Cloud

SHARED

Customers: shared responsibility
- Customer applications & content
- Platform, Applications, Identity & Access Management
- Operating System, Network, & Firewall Configuration
- Client-side Data Encryption
- Server-side Data Encryption
- Network Traffic Protection

AWS Foundation Services: Compute, Storage, Database, Networking
AWS Global Infrastructure: Availability Zones, Regions, Edge Locations

Customers have their choice of security configurations IN the Cloud
AWS is responsible for the security OF the Cloud

ALERT LOGIC MANAGED SECURITY AS A SERVICE David Hillock Territory Manager

Leading Provider of Security & Compliance for the Cloud

Providing fully managed and monitored security and compliance for cloud, hybrid, and on-premises infrastructure, with the benefits of deep insight, continuous protection, and lower costs

- Deep Security Insight
- Continuous Protection
- Lower Total Costs

Revenue: $91M+/year
Growth rate: 42%
Customers: 3,600+
Founded: 2002
Employees: 650+
Headquarters: Houston, Texas

INDUSTRY RECOGNITION and CERTIFICATIONS

Over 3,500 Organizations Worldwide Trust Alert Logic

CYBER SECURITY LANDSCAPE

Security Risks are Escalating Rapidly

AT A GLANCE: CYBERCRIME TODAY
- $1.3 MILLION: AVERAGE YEARLY COST OF BREACHES PER ORGANIZATION (1)
- 185: MAJOR SECURITY INCIDENTS COMPANIES DEAL WITH EACH YEAR (1)
- $158 MILLION: DIRECT LOSSES FROM BREACH FOR TARGET
- 205 DAYS: ON AVERAGE BEFORE DETECTION OF COMPROMISE (2)

Sources: 1) IDC Cybercrime The Credentials Connection. 2014. 2) M-Trends Threat Report 2015.

Today's Attacks are Becoming More Complex

Attack stages: Identify & Recon, Initial Attack, Command & Control, Discover & Spread, Extract & Exfiltrate

The Impact
- Financial loss
- Harm brand and reputation
- Scrutiny from regulators

- Attacks are multi-stage using multiple threat vectors
- Takes organizations months to identify they have been compromised
- 205 days on average before detection of compromise (1)
- Over two-thirds of organizations find out from a 3rd party they have been compromised (2)

(1) IDC Worldwide Security and Vulnerability Management 2014-2018 Forecast
(2) M-Trends 2015: A View from the Front Lines

Security in the Cloud is a Shared Responsibility

(Chart legend: Customer Responsibility / Cloud Service Provider Responsibility)

Apps
- Secure coding and best practices
- Software and virtual patching
- Configuration management
- Access management
- Application level attack monitoring

Hosts
- Hardened hypervisor
- System image library
- Root access for customer
- Access management
- Patch management
- Configuration hardening
- Security monitoring
- Log analysis

Networks
- Logical network segmentation
- Perimeter security services
- External DDoS, spoofing, and scanning prevented
- Network threat detection
- Security monitoring

Foundation Services: Compute, Storage, DB, Network

ALERT LOGIC: SECURITY PARTNER

Closing the Gap for Cloud Security

Alert Logic Cloud Defender
- Review and Escalation by our Security Analysts
- Analytics Engine to find potential threats
- Real-time Security Monitoring of Network, Log, and Web App Traffic
- Research into known and emerging, as well as AWS-specific, threats
- Audit and Compliance reporting

Alert Logic Cloud Insight
- Vulnerabilities on the Instances
- AWS Best Practices
- AWS Config
- Visibility of the AWS Environment
- AWS CloudTrail

How Cloud Defender Works

[Diagram: ALERT LOGIC CLOUD DEFENDER. Inputs from the Customer IT Environment (Cloud, Hybrid, On-Premises): Network incidents, Vulnerability Scans, Web application events, OS/App log data, AWS Log data. Stages: Big Data Analytics Platform (Alert Logic ActiveAnalytics), Threat Intelligence & Security Content (Alert Logic ActiveIntelligence), 24 x 7 Monitoring & Escalation (Alert Logic ActiveWatch). Outcome: Identify Attacks & Protect Customers.]

ActiveAnalytics: Security Analytics

Big Data Grid Optimized for Large Scale Storage & Processing
- Collects, stores, and parses all data collected
- Optimized for scale: more than 1000 processing cores
- Supports multiple workloads on shared infrastructure

Real-time Processing & Analytics Platform
- Automated incident creation with actionable intelligence
- Removes false positives
- 3-tiered analysis: Real-time Monitoring, Pre-cursor, Deep Forensics

Multi-Tier Security Content Identifies Hard to Detect Incidents
- Correlation rules
- Anomaly detection
- Threat intelligence
- Reputation-based
- Signature-based
- Vulnerability context

ActiveIntelligence: Threat Intelligence & Content

[Diagram labels: Data Sources; Honey Pot Network; Flow based Forensic Analysis; Security Operations Center 24/7; INCIDENTS; Malware Forensic Sandboxing; Intelligence Harvesting Grid; Alert Logic Threat Manager Data; Security Content; Alert Logic Log Manager Data; Alert Logic Web Security Manager Data; INPUTS; Applied Analytics; Customer; Alert Logic ScanWatch Data; Threat Intelligence; Asset Model Data; Customer Business Data; Research]

ActiveWatch: 24x7 Security Monitoring

24x7 Security and Availability Coverage
- Expert review, investigation, and analysis by certified security experts
- Incident response, escalation, and recommendations for resolution
- NOC monitors all security infrastructure for availability

Ongoing tuning delivers protection and application availability
- Tuning in response to changing attacks and customer application changes
- Identification of new attack patterns and creation of new security content

Expert Certification

Compliance without Complexity

Alert Logic Solution: Alert Logic Web Security Manager, Alert Logic Log Manager, Alert Logic Threat Manager

PCI DSS
- 6.5.d Have processes in place to protect applications from common vulnerabilities such as injection flaws, buffer overflows and others
- 6.6 Address new threats and vulnerabilities on an ongoing basis by installing a web application firewall in front of public-facing web applications.
- 10.2 Automated audit trails
- 10.3 Capture audit trails
- 10.5 Secure logs
- 10.6 Review logs at least daily
- 10.7 Maintain logs online for three months
- 10.7 Retain audit trail for at least one year
- 5.1.1 Monitor zero day attacks not covered by anti-virus
- 6.2 Identify newly discovered security vulnerabilities
- 11.2 Perform network vulnerability scans quarterly by an ASV or after any significant network change
- 11.4 Maintain IDS/IPS to monitor and alert personnel; keep engines up to date

SOX
- DS 5.10 Network Security
- AI 3.2 Infrastructure resource protection and availability
- DS 5.5 Security Testing, Surveillance and Monitoring
- DS 5.9 Malicious Software Prevention, Detection and Correction
- DS 5.6 Security Incident Definition
- DS 5.10 Network Security

HIPAA & HITECH
- 164.308(a)(1) Security Management Process
- 164.308(a)(6) Security Incident Procedures
- 164.308(a)(1)(ii)(d) Information System Activity Review
- 164.308(a)(6)(i) Login Monitoring
- 164.312(b) Audit Controls
- 164.308(a)(1)(ii)(a) Risk Analysis
- 164.308(a)(1)(ii)(b) Risk Management
- 164.308(a)(5)(ii)(b) Protection from Malicious Software
- 164.308(a)(6)(iii) Response & Reporting

Alert Logic Security Operations Center providing Monitoring, Protection, and Reporting

- Basic user and permission management
- Credential management
- Delegation

Basic user and permission management

0. Create individual users.
   Benefits
   - Unique credentials
   - Individual credential rotation
   - Individual permissions

1. Grant least privilege.
   Benefits
   - Less chance of people making mistakes
   - Easier to relax than tighten up
   - More granular control

2. Manage permissions with groups.
   Benefits
   - Easier to assign the same permissions to multiple users
   - Simpler to reassign permissions based on change in responsibilities
   - Only one change to update permissions for multiple users

3. Restrict privileged access further with conditions.
   Benefits
   - Additional granularity when defining permissions
   - Can be enabled for any AWS service API
   - Minimizes chances of accidentally performing privileged actions

4. Enable AWS CloudTrail to get logs of API calls.
   Benefits
   - Visibility into your user activity by recording AWS API calls to an Amazon S3 bucket

It's really easy to set it up!
- Turn AWS CloudTrail On
- Apply to all AWS Regions
- Price = $0.00002/event, or $2 for 100,000 events

That brings us to our 1st Show & Tell

Credential management

5. Configure a strong password policy.
   Benefits
   - Ensures your users and your data are protected

6. Rotate security credentials regularly.
   Benefits
   - Normal best practice

7. Enable MFA for privileged users & root user.
   Benefits
   - Supplements user name and password to require a one-time code during authentication

Delegation

8. Use IAM roles to share access.
   Benefits
   - No need to share security credentials
   - No need to store long-term credentials
   Use cases
   - Cross-account access
   - Intra-account delegation
   - Federation

IMPORTANT: Never share security credentials

More Show & Tell!

Delegation

9. Use IAM roles for Amazon EC2 instances.
   Benefits
   - Easy to manage access keys on EC2 instances
   - Automatic key rotation
   - Assign least privilege to the application
   - AWS SDKs fully integrated
   - AWS CLI fully integrated

10. Reduce or remove use of root.
   Benefits
   - Reduce potential for misuse of credentials

Turning MFA on AWS Root Acct

11. Use Config & Config Rules
   Benefits
   - Automates security controls
   - Streamlines auditing

Enabling AWS Config

Setting up Config Rules


12. Have EC2 SSH key diversity

13
0. Users
1. Permissions
2. Groups
3. Conditions
4. Auditing
5. Password
6. Rotate
7. MFA
8. Sharing
9. Roles
10. Root
11. Use Config & Config Rules
12. Have EC2 SSH key diversity
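
An added example (not from the original deck): a Python check of items 6, 7 and 10 above against an IAM credential report. The CSV is a constructed sample using a subset of the report's columns; the 90-day and 30-day thresholds and the function name `audit` are assumptions.

```python
import csv
import io
from datetime import datetime, timedelta, timezone

# Constructed sample in the column layout of an IAM credential report
# (subset of columns; account id and user names are made up).
SAMPLE_REPORT = """\
user,arn,password_enabled,password_last_used,mfa_active,access_key_1_active,access_key_1_last_rotated
<root_account>,arn:aws:iam::111122223333:root,not_supported,2017-02-27T09:15:00+00:00,false,true,2015-06-01T00:00:00+00:00
alice,arn:aws:iam::111122223333:user/alice,true,2017-02-20T08:00:00+00:00,true,true,2017-01-15T00:00:00+00:00
bob,arn:aws:iam::111122223333:user/bob,true,2016-11-02T10:30:00+00:00,false,true,2016-03-10T00:00:00+00:00
ci-deploy,arn:aws:iam::111122223333:user/ci-deploy,false,N/A,false,false,N/A
"""

MAX_KEY_AGE = timedelta(days=90)    # assumption: "regularly" taken as 90 days
ROOT_IDLE_MIN = timedelta(days=30)  # assumption: root sign-in within 30 days counts as "in use"


def _ts(value):
    """Parse a report timestamp; 'N/A' and 'no_information' become None."""
    try:
        return datetime.fromisoformat(value)
    except ValueError:
        return None


def audit(report_csv, now):
    """Return sorted (user, finding) pairs for rows that break items 6, 7 or 10."""
    findings = []
    for row in csv.DictReader(io.StringIO(report_csv)):
        user = row["user"]
        is_root = user == "<root_account>"
        # The report does not say who is privileged, so every console user
        # is held to the MFA requirement (stricter than item 7 as worded).
        has_password = is_root or row["password_enabled"] == "true"
        key_active = row["access_key_1_active"] == "true"
        if has_password and row["mfa_active"] != "true":
            findings.append((user, "item 7: console access without MFA"))
        rotated = _ts(row["access_key_1_last_rotated"])
        if key_active and rotated and now - rotated > MAX_KEY_AGE:
            findings.append((user, "item 6: access key older than 90 days"))
        if is_root:
            if key_active:
                findings.append((user, "item 10: root has an active access key"))
            used = _ts(row["password_last_used"])
            if used and now - used < ROOT_IDLE_MIN:
                findings.append((user, "item 10: root signed in recently"))
    return sorted(findings)


if __name__ == "__main__":
    for user, finding in audit(SAMPLE_REPORT, datetime(2017, 3, 1, tzinfo=timezone.utc)):
        print(f"{user}: {finding}")
```

A real report has a second access-key column set (`access_key_2_*`) that would need the same rotation check.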

NETWORK

AWS Virtual Private Cloud
- Provision a logically isolated section of the AWS cloud
- You choose a private IP range for your VPC
- Segment this into subnets to deploy your compute instances

AWS network security
- AWS network will prevent spoofing and other common layer 2 attacks
- You cannot sniff anything but your own EC2 host network interface
- Control all external routing and connectivity

[Diagram labels: Availability Zone A, Availability Zone B]

[Diagram sequence showing Web, App and DB tiers. Labels: Allow Web; Deny all traffic; Port 443; PUBLIC; PRIVATE; REPLICATE ON-PREM]

AWS VPC Peering
- Route traffic between VPCs in private and peer specific subnets between each VPC
- Even between AWS accounts

[Diagram labels: Big Data Analytics, Digital Websites, Enterprise Apps, Common Services]

resiliently and directly

[Diagram labels: YOUR AWS ENVIRONMENT (Digital Websites, Dev and Test, Big Data Analytics, Enterprise Apps); AWS Internet VPN; AWS Direct Connect; YOUR PREMISES]

Physical Data Center -> AWS VPC
- VLANs/Subnets -> Subnets
- Routers -> Route Tables
- Stateful Firewalls -> Security Groups
- Stateless Firewalls or Network ACLs -> Network ACLs
- Network Interface Card -> Elastic Network Interface (ENI)
- Web Application Firewall -> AWS WAF or other products (like Alert Logic)
- Internet Connection -> Internet Gateway (IGW)
- NAT (probably on firewall) -> NAT Gateway Service or NAT Instance
- Inter Datacenter connectivity -> IPSec VPN, OpenVPN (for users), Direct Connect
- Private IP (RFC 1918) -> Private IP (RFC 1918) persistent for the life (EC2)
- Public/External IP -> Public IP (dynamic), Elastic IP (static)
- Network based IDS/IPS -> Host based IPS/IDS
- DHCP Server -> Managed DHCP Service (DHCP Options Set)
- DNS Server -> Managed or self-hosted DNS (DHCP Options Set)
- Intra-Network Isolation or Connectivity -> VPC Peering

http://media.amazonwebservices.com/aws_security_best_practices.pdf
http://docs.aws.amazon.com/iam/latest/userguide/best-practices.html
http://docs.aws.amazon.com/iam/latest/userguide/cloudtrailintegration.html
http://docs.aws.amazon.com/iam/latest/userguide/id_credentials_delegatepermissions_examples.html

https://youtu.be/fch4r3s4thq
https://youtu.be/5_bq6dgk6k8
https://youtu.be/ykmqjgldml4
https://youtu.be/3qln2u1vr2e
https://youtu.be/_wigpbqgcju