© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS re:INVENT
Amazon Macie: Data Visibility Powered by Machine Learning for Security and Compliance Workloads
Alexander Watson, GM of Amazon Macie
Ajit Zadgaonka, Exec Director Eng. & Ops at Edmunds.com
Zaher Dannawi, Product Manager of Amazon Macie
November 30, 2017
SID325
Amazon Macie: ML-powered visibility service identifies sensitive information to help automate security and compliance
Macie overview
• Understand your data: Natural Language Processing (NLP)
• Understand data access: Predictive User Behavior Analytics (UBA)
Goals for data-centric security
• Categorize new or unknown threats based on known and theorized examples
• High coverage (volume of true positives)
• High accuracy (few false positives)
• Adaptive
Visibility is a core security pillar
• Customers have multiple contributors and collaborators
• Compliance regulations (GDPR, PCI…)
• Security needs – anomaly detection
• Auditing needs – identifying overly permissive content
3D visibility into your data
1. Object visibility – size, type, date …
2. Content visibility – personal data, credentials, IP…
3. Security and compliance visibility
• Identification of overly permissive data
• Unauthorized access to content
• Remediation of concerns
Macie Content Classification
• PII and personal data
• Source code
• SSL certificates, private keys
• iOS and Android app signing keys
• Database backups
• OAuth and Cloud SAAS API Keys
We love helping people find their perfect car
Edmunds—interesting numbers
20M monthly visitors
200M+ monthly page views
13K+ dealer partners
18K+ franchises
5M+ active inventory listings on the website
Journey into clouds
• 2011: Zen
• 2012: Citrix CloudStack
• 2013: AWS
• 2014: 100% AWS site
• 2016: 100% AWS, ECS, Docker
• 2017: OpsWorks
S3 growth = S3 · (1 + r)^t
• Very easy to store data
• Replicate across regions
• Apply lifecycle policies, archival
• Share with people
S3 is storage for the Internet
• Data lake
• Big data analytics with EMR
• Application storage
• Database backups
• …
• In a nutshell… any kind of data
Easy ≠ accidents
• Use the bucket permissions
• IAM roles and policies
• Apply lifecycle policies, archival
• Keep keys secure
• Do not share the bucket or make public unless really needed
Infrastructure security
• VPC, security groups
• MFA
• Key rotation
• Auditing
Challenges
• What data do I have in the cloud?
• Where is it located?
• How is data being shared and stored?
• How can I classify data in near-real time?
• What PII/PHI is possibly exposed?
• How do I build workflow remediation for my security and compliance needs?
How we use Macie at Edmunds
• Up-to-the-minute data scans and auditing reports
• Access and alerting on security events, and enforcement of best practices
• Data classification – identification of sensitive content
• Integration with dev-ops workflows
Data classification
• To know what is in the data—PII, credit cards, etc.
• See the relationship between risk profiles and data buckets
• Filter and search for specific data-type risks
• See the access pattern
Macie lets me do my job more effectively, on things which otherwise were not possible. It’s helping me take compliance and security to the next level.
Machine learning for compliance
For PII types like names, addresses, user names and passwords, a regex-based approach isn’t possible.
Macie user behavior analytics
We use behavioral analytics to baseline normal behavior patterns.
Contextualize by value of data being accessed.
Goals:
• Go to great lengths to avoid false positives
• Features, features
• Compare peers
• Tell a narrative
Discover and alert on global permissions to sensitive content
• Not just bucket policies, object policies, too!
• Quickly approve or remediate open bucket and object policies
• Gain visibility on your account security posture
• Prioritize by PII impact and DLP risk
Automated actions on alerts
• Simplify with Lambda
• Delete the object
• Revoke access—bucket or object
• Perimeter guard
• Update IAM policies
• Suspend user
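An added example (not code from this talk or from Amazon Macie) of the "revoke access, bucket or object" action above: a Lambda-style handler that checks both the object ACL and the bucket policy for a grant to everyone, removes only the offending grant, and leaves low-risk findings to a human. The alert shape, the risk threshold, the FakeS3 stand-in, the bucket name, the account id and the policies are all constructed for the example.

```python
import fnmatch
import json

# Grantee URIs S3 uses for "everyone" and "any AWS account" in object ACLs.
PUBLIC_GRANTEE_URIS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
AUTO_REMEDIATE_RISK = 7  # assumed threshold on the alert's 1-10 risk score


def _as_list(value):
    return value if isinstance(value, list) else [value]


def _principal_is_everyone(principal):
    # Both "Principal": "*" and "Principal": {"AWS": "*"} mean anyone on the Internet.
    return principal == "*" or (
        isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))
    )


def _statement_is_public_read(stmt, object_arn):
    """True if an Allow statement lets everyone GetObject on object_arn. Conditions are
    ignored on purpose: a conditional public grant still needs review, so call it public."""
    if stmt.get("Effect") != "Allow" or not _principal_is_everyone(stmt.get("Principal")):
        return False
    actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
    reads = any(fnmatch.fnmatchcase("s3:getobject", a) for a in actions)  # also s3:*, s3:Get*
    covers = any(fnmatch.fnmatchcase(object_arn, r) for r in _as_list(stmt.get("Resource", [])))
    return reads and covers


def strip_public_read(policy_json, bucket, key):
    """Return (policy JSON minus the public-read statements for bucket/key, removed count)."""
    object_arn = f"arn:aws:s3:::{bucket}/{key}"
    policy = json.loads(policy_json)
    kept = [s for s in policy.get("Statement", []) if not _statement_is_public_read(s, object_arn)]
    removed = len(policy.get("Statement", [])) - len(kept)
    policy["Statement"] = kept
    return json.dumps(policy), removed


def acl_grants_public_read(acl):
    """True if the object ACL grants READ or FULL_CONTROL to an S3 'everyone' group."""
    return any(
        g.get("Grantee", {}).get("Type") == "Group"
        and g.get("Grantee", {}).get("URI") in PUBLIC_GRANTEE_URIS
        and g.get("Permission") in ("READ", "FULL_CONTROL")
        for g in acl.get("Grants", [])
    )


def remediate_alert(alert, s3):
    """Lambda-style handler over a constructed alert {bucket, key, risk}. `s3` is anything with
    boto3-compatible get_object_acl / put_object_acl / get_bucket_policy / put_bucket_policy /
    delete_bucket_policy methods. Returns the actions taken so callers can log or assert on them."""
    bucket, key = alert["bucket"], alert["key"]
    if alert.get("risk", 0) < AUTO_REMEDIATE_RISK:
        return ["flagged_for_review"]  # low-risk findings go to a human, not to a script
    actions = []
    if acl_grants_public_read(s3.get_object_acl(Bucket=bucket, Key=key)):
        s3.put_object_acl(Bucket=bucket, Key=key, ACL="private")  # object-level grant
        actions.append("object_acl_set_private")
    new_policy, removed = strip_public_read(s3.get_bucket_policy(Bucket=bucket)["Policy"], bucket, key)
    if removed:  # bucket-level grant: drop only the offending statements, keep the rest
        if json.loads(new_policy)["Statement"]:
            s3.put_bucket_policy(Bucket=bucket, Policy=new_policy)
            actions.append(f"bucket_policy_statements_removed:{removed}")
        else:
            s3.delete_bucket_policy(Bucket=bucket)
            actions.append("bucket_policy_deleted")
    return actions


class FakeS3:
    """Constructed in-memory stand-in for a boto3 S3 client so the example runs offline."""
    def __init__(self, policy_json, acl):
        self.policy_json, self.acl = policy_json, acl
    def get_object_acl(self, Bucket, Key):
        return self.acl
    def put_object_acl(self, Bucket, Key, ACL):
        self.acl = {"Grants": []}
    def get_bucket_policy(self, Bucket):
        return {"Policy": self.policy_json}
    def put_bucket_policy(self, Bucket, Policy):
        self.policy_json = Policy
    def delete_bucket_policy(self, Bucket):
        self.policy_json = '{"Version": "2012-10-17", "Statement": []}'


def demo():
    """Constructed sample: a legitimately public website prefix, a bucket-wide public read that
    exposes a backup, and a role-scoped grant that must survive remediation."""
    policy = json.dumps({"Version": "2012-10-17", "Statement": [
        {"Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-bucket/www/*"},
        {"Effect": "Allow", "Principal": {"AWS": "*"}, "Action": ["s3:GetObject", "s3:ListBucket"],
         "Resource": ["arn:aws:s3:::example-bucket/*", "arn:aws:s3:::example-bucket"]},
        {"Effect": "Allow", "Principal": {"AWS": "arn:aws:iam::123456789012:role/app"},
         "Action": "s3:*", "Resource": "arn:aws:s3:::example-bucket/*"},
    ]})
    acl = {"Grants": [{"Permission": "READ", "Grantee": {
        "Type": "Group", "URI": "http://acs.amazonaws.com/groups/global/AllUsers"}}]}
    s3 = FakeS3(policy, acl)
    alert = {"bucket": "example-bucket", "key": "backups/customers.csv", "risk": 9}
    return remediate_alert(alert, s3), len(json.loads(s3.policy_json)["Statement"])
```

In a real deployment the same handler would take a boto3 client instead of FakeS3; the website prefix statement survives because its wildcard does not cover the flagged key.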
Amazon Macie—demo
1. Where does my sensitive data exist?
2. What’s sensitive about the data?
3. How and where is my data accessed?
4. Leveraging custom and prepackaged policies for compliance
Thank you!
User behavior analytics pipeline (figure):
0. Feature extraction from event data
1. Map into user time series
2. Cluster peer groups
3. Predict user activity, update models
4. Identify anomalies
5. Attempt to explain statistically
7. Alert and narrative explanation created
Figure label: Normal accesses
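An added example, not Macie's implementation and not code from the talk, that walks the pipeline above on constructed daily access counts: the IAM role stands in for a learned peer-group clustering, both thresholds are assumptions, and the point it shows is why comparing against the peer group as well as the user's own history keeps a busy ops account from becoming a false positive while a bulk PII read still alerts.

```python
from collections import defaultdict
from statistics import mean, pstdev

Z_THRESHOLD = 3.0      # assumed: standard deviations above a baseline that count as unusual
PII_SHARE_HIGH = 0.5   # assumed: share of reads hitting PII that raises severity to "high"


def build_history():
    """Constructed input, one row per (day, user): day, user, peer group (the IAM role,
    standing in for a learned clustering), GetObject calls, and how many hit PII objects.
    Days 0-13 are routine; on day 14 one analyst bulk-reads PII and one ops user is busy."""
    events = []
    for day in range(14):
        for i, user in enumerate(("alice", "bob", "carol")):   # analysts: ~10 reads/day
            events.append((day, user, "analyst", 9 + (day + i) % 4, 2 + (day + i) % 2))
        events.append((day, "dave", "ops", 180 + 5 * (day % 3), 0))          # flat ops load
        events.append((day, "erin", "ops", 200 + 20 * ((day + 1) % 3), 0))   # noisier ops load
    events += [(14, "alice", "analyst", 10, 2),
               (14, "bob", "analyst", 240, 190),   # far outside own AND peer baselines
               (14, "carol", "analyst", 11, 3),
               (14, "dave", "ops", 230, 0),        # unusual for dave, normal for ops peers
               (14, "erin", "ops", 220, 0)]
    return events


def to_time_series(events):
    """Step 1: per-user daily series keyed by day, plus the user's peer group."""
    series = defaultdict(lambda: {"group": None, "days": {}})
    for day, user, group, reads, pii in events:
        series[user]["group"] = group
        series[user]["days"][day] = (reads, pii)
    return series


def peer_groups(series):
    """Step 2: cluster users into peer groups (here: by role, an assumption)."""
    groups = defaultdict(list)
    for user, s in series.items():
        groups[s["group"]].append(user)
    return groups


def baseline(values):
    """Step 3: predicted activity is the historical mean; spread is floored at 1 read so a
    perfectly flat history cannot turn a one-object change into a 'significant' deviation."""
    return mean(values), max(pstdev(values), 1.0)


def analyze_day(events, day):
    """Steps 4, 5 and 7: score each user's activity on `day` against two baselines and alert
    only when it is unusual for the user AND for the peer group; every verdict gets a narrative."""
    series, findings = to_time_series(events), []
    groups = peer_groups(series)
    for user, s in series.items():
        if day not in s["days"]:
            continue
        reads, pii = s["days"][day]
        own_hist = [r for d, (r, _) in s["days"].items() if d < day]
        peer_hist = [r for peer in groups[s["group"]]
                     for d, (r, _) in series[peer]["days"].items() if d < day]
        if not own_hist or not peer_hist:
            continue  # no history yet: no baseline, so no verdict either way
        own_mu, own_sd = baseline(own_hist)
        peer_mu, peer_sd = baseline(peer_hist)
        z_self, z_peer = (reads - own_mu) / own_sd, (reads - peer_mu) / peer_sd
        alert = z_self > Z_THRESHOLD and z_peer > Z_THRESHOLD
        pii_share = pii / reads if reads else 0.0   # step 5 context: value of the data touched
        if alert:
            severity = "high" if pii_share >= PII_SHARE_HIGH else "medium"
            narrative = (f"ALERT {user}: {reads} objects on day {day} ({pii} classified PII, "
                         f"{pii_share:.0%}); own baseline {own_mu:.1f} +/- {own_sd:.1f} (z={z_self:.1f}), "
                         f"{s['group']} peer baseline {peer_mu:.1f} +/- {peer_sd:.1f} (z={z_peer:.1f}).")
        elif z_self > Z_THRESHOLD:
            severity = "none"
            narrative = (f"{user}: {reads} objects on day {day} is {z_self:.1f} sd above their own "
                         f"baseline of {own_mu:.1f} but within the {s['group']} peer baseline "
                         f"{peer_mu:.1f} +/- {peer_sd:.1f} (z={z_peer:.1f}); not alerting.")
        else:
            severity = "none"
            narrative = f"{user}: normal access on day {day} ({reads} objects)."
        findings.append({"user": user, "alert": alert, "severity": severity,
                         "z_self": round(z_self, 1), "z_peer": round(z_peer, 1),
                         "narrative": narrative})
    return findings


def alerted_users(findings):
    return sorted(f["user"] for f in findings if f["alert"])
```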

Introduzione a Amazon Elastic Container Service
 

Amazon Macie: Data Visibility Powered by Machine Learning for Security and Compliance Workloads - SID325 - re:Invent 2017

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT. Amazon Macie: Data Visibility Powered by Machine Learning for Security and Compliance Workloads. Alexander Watson, GM of Amazon Macie; Ajit Zadgaonka, Exec Director Eng. & Ops at Edmunds.com; Zaher Dannawi, Product Manager of Amazon Macie. November 30, 2017. SID325
  • 2. AMAZON MACIE: ML-POWERED VISIBILITY SERVICE IDENTIFIES SENSITIVE INFORMATION TO HELP AUTOMATE SECURITY AND COMPLIANCE
  • 3. Macie overview: Understand your data (Natural Language Processing, NLP) • Understand data access (Predictive User Behavior Analytics, UBA)
  • 4. Goals for data-centric security • Categorize new or unknown threats based on known and theorized examples • High coverage (volume of true positives) • High accuracy (few false positives) • Adaptive
  • 5. Visibility is a core security pillar • Customers have multiple contributors and collaborators • Compliance regulations (GDPR, PCI…) • Security needs – anomaly detection • Auditing needs – identifying overly permissive content
  • 6. 3D visibility into your data: 1. Object visibility – size, type, date … 2. Content visibility – personal data, credentials, IP… 3. Security and compliance visibility • Identification of overly permissive data • Unauthorized access to content • Remediation of concerns
  • 7. Macie Content Classification • PII and personal data • Source code • SSL certificates, private keys • iOS and Android app signing keys • Database backups • OAuth and Cloud SaaS API keys
  • 8. We love helping people find their perfect car
  • 9. Edmunds—interesting numbers: 20M monthly visitors • 200M+ monthly page views • Over 13K dealer partners • Over 18K franchises • Over 5M active inventory on website
  • 10. Journey into clouds: 2011 Zen • 2012 Citrix CloudStack • 2013 AWS • 2014 100% AWS site • 2016 100% AWS, ECS Docker • 2017 OpsWorks
  • 11. S3 growth = S3(1 + r)^t • Very easy to store data • Replicate across regions • Apply lifecycle policies, archival • Share with people
  • 12. S3 is storage for the Internet • Data lake • Big data analytics with EMR • Application storage • Database backups • … • In a nutshell… any kind of data
  • 13. Easy ≠ accidents • Use the bucket permissions • IAM roles and policies • Apply lifecycle policies, archival • Keep keys secure • Do not share the bucket or make it public unless really needed
  • 14. Infrastructure security • VPC, security groups • MFA • Key rotation • Auditing
  • 15. Challenges • What data do I have in the cloud? • Where is it located? • How is data being shared and stored? • How can I classify data in near-real time? • What PII/PHI is possibly exposed? • How do I build workflow remediation for my security and compliance needs?
  • 16. How we use Macie at Edmunds • Up-to-the-minute data scans and auditing reports • Access to and alerting on security events, and enforcement of best practices • Data classification – identification of sensitive content • Integration with dev-ops workflows
  • 17. Data classification • To know what is in the data—PII, credit cards, etc. • See the relationship between risk profile and data buckets • Filter and search for specific data-type risks • See the access pattern
  • 18. “Macie lets me do my job more effectively, on things which otherwise were not possible. It’s helping me take compliance and security to the next level.”
  • 19. MACHINE LEARNING FOR COMPLIANCE: FOR PII TYPES LIKE NAMES, ADDRESSES, USER NAMES AND PASSWORDS, A REGEX-BASED APPROACH ISN’T POSSIBLE
  • 20. Macie user behavior analytics: We use behavioral analytics to baseline normal behavior patterns • Contextualize by value of data being accessed • Goals: • Go to great lengths to avoid false positives • Features, features • Compare peers • Tell a narrative
  • 21. Discover and alert on global permissions to sensitive content • Not just bucket policies, object policies, too! • Quickly approve or remediate open bucket and object policies • Gain visibility on your account security posture • Prioritize by PII impact and DLP risk
  • 22. Automated actions on alerts • Simplify with Lambda • Delete the object • Revoke access—bucket or object • Perimeter guard • Update IAM policies • Suspend user
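One way to implement the global-permission check from slide 21 and the "revoke access" action from slide 22, as an added example that is not Macie's code: it scans a constructed bucket policy and object ACL for grants to everyone and, when the classification finding lists sensitive data types, returns the policy and ACL with those grants removed. The finding's field names, the bucket name and the account id are assumptions.

```python
"""Find global grants in an S3 bucket policy and object ACL and plan the
remediation, weighted by what a content classification found. Added example
with constructed inputs; not Macie's finding schema, output or API."""

PUBLIC_PRINCIPALS = ("*", {"AWS": "*"})
PUBLIC_GROUPS = ("http://acs.amazonaws.com/groups/global/AllUsers",
                 "http://acs.amazonaws.com/groups/global/AuthenticatedUsers")


def public_statements(policy):
    """Indexes of Allow statements open to any principal with no Condition."""
    return [i for i, st in enumerate(policy.get("Statement", []))
            if st.get("Effect") == "Allow" and not st.get("Condition")
            and st.get("Principal") in PUBLIC_PRINCIPALS]


def public_grants(acl):
    """ACL grants to the AllUsers or AuthenticatedUsers groups (object level)."""
    return [g for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS]


def plan_remediation(finding, policy, acl):
    """Revoke outright when classified-sensitive content is globally readable;
    queue other exposures for a human to approve or remediate."""
    open_stmts, open_grants = public_statements(policy), public_grants(acl)
    grants = acl.get("Grants", [])
    if not (open_stmts or open_grants):
        return {"action": "none", "policy": policy, "grants": grants}
    if not finding.get("data_types"):        # exposed, but nothing sensitive found
        return {"action": "review", "policy": policy, "grants": grants}
    kept = [s for i, s in enumerate(policy.get("Statement", [])) if i not in open_stmts]
    return {"action": "revoke", "policy": dict(policy, Statement=kept),
            "grants": [g for g in grants if g not in open_grants]}


# Constructed sample: one public-read statement, one AllUsers ACL grant, and a
# classification-style finding for the object (field names are assumptions).
SAMPLE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"},
    {"Sid": "AppRole", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::111122223333:role/app"},
     "Action": "s3:GetObject", "Resource": "arn:aws:s3:::example-bucket/*"}]}
SAMPLE_ACL = {"Grants": [
    {"Grantee": {"Type": "Group", "URI": PUBLIC_GROUPS[0]}, "Permission": "READ"},
    {"Grantee": {"Type": "CanonicalUser", "ID": "owner"}, "Permission": "FULL_CONTROL"}]}
SAMPLE_FINDING = {"bucket": "example-bucket", "key": "backups/db.sql",
                  "data_types": ["credit_card_number", "email"]}
```

In a Lambda handler the returned policy and grant list would be written back with the S3 API; the decision logic above is what the alert-driven function needs to get right.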
  • 23. Amazon Macie—demo 1. Where does my sensitive data exist? 2. What’s sensitive about the data? 3. How and where is my data accessed? 4. Leveraging custom and prepackaged policies for compliance
  • 24. Thank you!
  • 25. 0. Feature extraction from event data 1. Map into user time-series 2. Cluster peer groups 3. Predict user activity, update models 4. Identify anomalies 5. Attempt to explain statistically 7. Alert and narrative explanation created (Normal accesses)
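The pipeline on the last slide carried through on constructed access events, as an added example that is not Macie's implementation: per-user daily features, peer groups (a constructed role label stands in for clustering here), own and peer baselines, a check against both to keep false positives down (slide 20), and a narrative for the alert weighted by how much of the data was classified sensitive. All users, roles and counts are constructed.

```python
"""Peer-group anomaly detection over constructed S3 access events, following
the pipeline on the last slide. Added example, not Macie's models or schema."""
from collections import defaultdict
from statistics import mean, pstdev

# Constructed 7-day history: (user, role, day, objects_read, sensitive_read).
BASELINE = {"alice": ("analyst", 40), "bob": ("analyst", 35),
            "carol": ("analyst", 45), "deploy": ("ci", 400)}
EVENTS = [(u, role, day, base + day % 3, 0)
          for u, (role, base) in BASELINE.items() for day in range(1, 8)]
# Day 8 (constructed): bob bulk-reads 900 objects, 120 of them classified PII.
EVENTS += [("alice", "analyst", 8, 41, 0), ("bob", "analyst", 8, 900, 120),
           ("carol", "analyst", 8, 44, 0), ("deploy", "ci", 8, 402, 0)]

def user_series(events):
    """Steps 0-1: per-user daily rows (role, objects, sensitive), ordered by day."""
    by_user = defaultdict(dict)
    for user, role, day, objs, sens in events:
        by_user[user][day] = (role, objs, sens)
    return {u: [row for _, row in sorted(d.items())] for u, d in by_user.items()}

def peer_groups(series):
    """Step 2: peer groups; the constructed role label stands in for clustering."""
    groups = defaultdict(list)
    for user, rows in series.items():
        groups[rows[0][0]].append(user)
    return groups

def zscore(value, sample):
    """Standard score against a baseline; a flat baseline gets unit spread."""
    return (value - mean(sample)) / (pstdev(sample) or 1.0)

def detect(events, z_limit=3.0):
    """Steps 3-7: predict from own and peer history, flag the latest day, explain."""
    series, alerts = user_series(events), []
    groups = peer_groups(series)
    for user, rows in series.items():
        role, objs, sens = rows[-1]
        own = [o for _, o, _ in rows[:-1]]
        peers = [o for p in groups[role] if p != user for _, o, _ in series[p][:-1]]
        own_z = zscore(objs, own)
        peer_z = zscore(objs, peers) if peers else own_z  # no peers: own history only
        if own_z > z_limit and peer_z > z_limit:          # both, to cut false positives
            alerts.append({"user": user, "own_z": own_z, "peer_z": peer_z,
                           "priority": "high" if sens else "medium",  # value of the data
                           "narrative": f"{user} read {objs} objects ({sens} sensitive): "
                           f"{own_z:.0f} sigma above own mean {mean(own):.0f}, {peer_z:.0f} "
                           f"sigma above {role} peer mean {mean(peers or own):.0f}"})
    return alerts
```

Running `detect(EVENTS)` flags only bob: the deploy user's 400-object days are normal for its own history, and alice and carol stay within their analyst peer baseline.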