SlideShare uma empresa Scribd logo

Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Superhero

Amazon Web Services
Amazon Web Services

While security is a top concern in every organization these days, it often gets a bad rap. In many minds, security has the reputation of the bothersome villain who attempts to hinder performance or restrain agility. In this session we will outline three strategies to protect your valuable workloads, without falling into traditional security traps. We will walk through three stories of EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools. Key takeaways from this session include how to: - Design a workload-centric security architecture - Improve visibility of AWS-only or hybrid environments - Stop patching live instances but still prevent exploits Speaker: Sasha Pavlovic, Director, Cloud & Datacentre Security, Asia Pacific, Trend Micro

Tecnologia
1 de 54
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Sasha Pavlovic | Director, Hybrid Cloud Security, APAC 3 Secrets to Becoming a Cloud Security Superhero
This is you…
Shapeshift Design a workload-centric security architecture Superpower #1
Cloud
Before Firewall IPS Load Balancer Web Tier App Tier DB Tier On-premises
S3 DynamoDB RDS … After Firewall IPS AWS Web Tier on EC2 App Tier on EC2 Elastic Load Balancer VPC & Security Groups Load Balancer DB Tier Web Tier App Tier IAM CloudTrail
Traditional Responsibility Model You Physical Infrastructure Network Virtualization Operating System Applications Data Service Configuration
Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
Hybrid IT
Crypt-o
Crypt-o
EC2
24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
24h 48h 72h Disclosure Attack Source IP – CVE-2014-6271, 7169, 6277, 6278
Don’t Replicate… Warning: Single Point of Failure Limited Throughput
Shapeshift Mission Accomplished: No Single Point of Failure UN-Limited Throughput
VPC & Security Groups S3 DynamoDB RDS … AWS Web Tier on EC2 App Tier on EC2 Elastic Load Balancer IAM CloudTrail
Shapeshift for Amazon Web Services • Security inside each workload • Protect instance-to-instance traffic • Make it context sensitive (fast and low false-positive) • No bottleneck • No single point of failure = CLOUD FRIENDLY IPS
Invisibility Automate and blend in, don’t bolt on Superpower #2
Creating an audit trail, before Servers Storage Area Network On-premises Firewall IPS Central logging Change Records Report
Payment Client Data On-premises AWS Amazon CloudTrail EC2 instances Central management Amazon S3 Amazon CloudFrontAmazon RDS Creating an audit trail, after Report
Audit-o CloudTrail & AWS Config Security Tools
Make Security Invisible for Amazon Web Services • Build it in, not bolt on • Fully automate security • Automate record keeping for auditors = SECURITY DESIGNED FOR AWS
X-Ray Vision Improve visibility of AWS and hybrid environments Superpower #3
Integrity Monitoring
Use X-ray vision on Amazon Web Services • Use Integrity Monitoring and Log monitoring to see inside instances • Detect suspicious changes that are indicators of compromise and unintended changes = Total visibility
AWS is continuously independently audited GxP ISO 13485 AS9100 ISO/TS 16949 AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations AWS is responsible for the security OF the Cloud
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer applications & content Customers have their choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud Security is shared between AWS and customersCustomers Partner solutions – including Trend Micro
SANS/CIS TOP 20 CRITICAL SECURITY CONTROLS 1. Inventory of Authorized & Unauthorized Devices 11. Secure Configurations for Network Devices 2. Inventory of Authorized & Unauthorized Software 12. Boundary Defense 3. Secure Configurations for Hardware & Software on Mobile Devices, Laptops, Workstations, & Servers 13. Data Protection 4. Continuous Vulnerability Assessment & Remediation 14. Controlled Access Base on the Need to Know 5. Controlled Use of Administrative Privileges 15. Wireless Access Control 6. Maintenance, Monitoring, & Analysis of Audit Logs 16. Account Monitoring & Control 7. Email and Web Browser Protections 17. Security Skills Assessment & Appropriate Training to Fill Gaps 8. Malware Defenses 18. Application Software Security 9. Limitation and Control of Network Ports, Protocols, and Services 19. Incident Response Management 10. Data Recovery Capability 20. Penetration Tests & Red Team Exercises
Your new superpowers… Shapeshifting X-ray VisionInvisibility
Inspired by real-life Security Superheros
Gartner Best Practices Best Practices for Securing Workloads in Amazon Web Services http://bit.ly/1pxaFTL
Now to Introduce a Real World Superhero! Chris Harwood Healthdirect Australia
A little bit about Healthdirect No matter where people live, or what time of the day or night it is, they can talk to a professional, find trusted advice online about how to manage their issue, and locate the closest appropriate and open service that meets their needs. mindhealthconnect after hours GP helpline My Aged Care Carer Gateway healthdirect Pregnancy, Birth and Baby National Health Services Directory
Healthdirect Australia Timeline mindhealthconnect (mental health website) 2012 after hours GP helpline 2011 Pregnancy, Birth and Baby service 2010healthdirect 24/7 nurse triage helpline 2008 Established as the National Health Call Centre Network 2006/ 2007 Carer Gateway 2015 My Aged Care Gateway 2013/ 2014 National Health Services Directory 2012
Risks of Healthdirect’s Traditional Environment Risk Description Rating Insufficient capacity Scalability is limited by physical hardware High Limited environments Sufficient environments too expensive High Ageing servers Existing servers will need replacement within two years Moderate Lack of agility New work is continually changing what is required of our infrastructure Moderate Difficult to manage No consistency of management and service quality in the previously fragmented solution Moderate Inability to respond timeously Procurement lead times too long and inability to try new things Extreme Cost inefficiency Over investment is required in order to manage peak loads Moderate
Drivers for Amazon Web Services Improved security The world is software Easily Scale Up and Down Improve Agility & Time to Market Pay only for what you use Ability to optimise Performance Increased Availability Reduced skills requirements
Security is critical for Healthdirect Australia Together Government and Healthcare made up over 40% of all data breaches in 2015 Trend Micro Follow The Data Report
Security Challenges • Information Security Manual Compliance • HIDS/HIPS mandatory • Patching controls • Small security staff complement for large diverse platform • Privacy Act and sensitive data protection • Perimeter is NOT good enough any more
Security Challenges • Understanding the shared responsibility model • Moving security staff from gatekeepers to participants • Effective management of log and monitoring data
Trend Micro Deep Security to the Rescue • DISA certified • Host based firewalling and intrusion prevention • Antivirus and anti-malware • File integrity monitoring • Log inspection
Trend Micro Deep Security to the Rescue (cont…) • Server and desktop/laptop protection • Single management ‘pane of glass’ • Trusted SSL certificate issuing
Why Deep Security Works for Us • Healthdirect ISM accredited on AWS in 2015 • Virtual patching provides a compensating control • Agent based fits with continuous delivery practices and secures AMIs above the hypervisor
Why Deep Security Works for Us (cont…) • Usage based licensing fits with AWS autoscaling and instance scheduling • Minimised security impact on each node • Great support and easy to configure
For an opportunity to: • Learn more about Trend Micro; • Q&A with the experts, and; • Get started with a Deep Security trial Come and speak to us at the Trend Micro booth. Booth# P1
trendmicro.com/aws

Recomendados

Hybrid IT Approach and Technologies with the AWS Cloud
Hybrid IT Approach and Technologies with the AWS CloudHybrid IT Approach and Technologies with the AWS Cloud
Hybrid IT Approach and Technologies with the AWS CloudAmazon Web Services
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWSAmazon Web Services
 
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016Amazon Web Services
 
NEW LAUNCH! AWS Shield—A Managed DDoS Protection Service
NEW LAUNCH! AWS Shield—A Managed DDoS Protection ServiceNEW LAUNCH! AWS Shield—A Managed DDoS Protection Service
NEW LAUNCH! AWS Shield—A Managed DDoS Protection ServiceAmazon Web Services
 
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Amazon Web Services
 
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Amazon Web Services
 
Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Amazon Web Services
 
AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial ServicesAmazon Web Services
 

Recomendados

Hybrid IT Approach and Technologies with the AWS Cloud
Hybrid IT Approach and Technologies with the AWS CloudHybrid IT Approach and Technologies with the AWS Cloud
Hybrid IT Approach and Technologies with the AWS CloudAmazon Web Services
 
Next-Generation Security Operations with AWS
Next-Generation Security Operations with AWSNext-Generation Security Operations with AWS
Next-Generation Security Operations with AWSAmazon Web Services
 
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016
Next-Generation Security Operations with AWS | AWS Public Sector Summit 2016Amazon Web Services
 
NEW LAUNCH! AWS Shield—A Managed DDoS Protection Service
NEW LAUNCH! AWS Shield—A Managed DDoS Protection ServiceNEW LAUNCH! AWS Shield—A Managed DDoS Protection Service
NEW LAUNCH! AWS Shield—A Managed DDoS Protection ServiceAmazon Web Services
 
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...
Hybrid IT Approach and Technologies with the AWS Cloud | AWS Public Sector Su...Amazon Web Services
 
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...
Hack-Proof Your Cloud: Responding to 2016 Threats | AWS Public Sector Summit ...Amazon Web Services
 
Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Introducing “Well-Architected” For Developers - Technical 101
Introducing “Well-Architected” For Developers - Technical 101Amazon Web Services
 
AWS Security for Financial Services
AWS Security for Financial ServicesAWS Security for Financial Services
AWS Security for Financial ServicesAmazon Web Services
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWSCloudHesive
 
Dev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - TorontoDev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - TorontoAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...Amazon Web Services
 
Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)Amazon Web Services
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Amazon Web Services
 
(GEN117) AWS Compliance Summit
(GEN117) AWS Compliance Summit(GEN117) AWS Compliance Summit
(GEN117) AWS Compliance SummitAmazon Web Services
 
Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201Amazon Web Services
 
Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoAmazon Web Services
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended PracticesAmazon Web Services
 
protecting your data in aws
protecting your data in aws protecting your data in aws
protecting your data in aws Amazon Web Services
 
Shared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresShared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSAmazon Web Services
 
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupSecurity on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupCloudHesive
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAmazon Web Services
 
AWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAmazon Web Services
 
Grow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudGrow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudAmazon Web Services
 

Mais conteúdo relacionado

Mais procurados

Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...Amazon Web Services
 
Dev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - TorontoDev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - TorontoAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...Amazon Web Services
 
Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the CloudAmazon Web Services
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)Amazon Web Services
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Amazon Web Services
 
Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201Amazon Web Services
 
Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoAmazon Web Services
 
Shared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresShared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresAmazon Web Services
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAmazon Web Services
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSAmazon Web Services
 
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupSecurity on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupCloudHesive
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAmazon Web Services
 

Mais procurados (20)

Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
 
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
AWS re:Invent 2016: [JK REPEAT] The Enterprise Fast Lane - What Your Competit...
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
 
Dev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - TorontoDev ops on aws deep dive on continuous delivery - Toronto
Dev ops on aws deep dive on continuous delivery - Toronto
 
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
Getting Started with AWS Lambda and the Serverless Cloud by Jim Tran, Princip...
 
Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016Getting Started with Managed Services | AWS Public Sector Summit 2016
Getting Started with Managed Services | AWS Public Sector Summit 2016
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
 
(GEN117) AWS Compliance Summit
(GEN117) AWS Compliance Summit(GEN117) AWS Compliance Summit
(GEN117) AWS Compliance Summit
 
Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201Creating your Hybrid Cloud with AWS -Technical 201
Creating your Hybrid Cloud with AWS -Technical 201
 
Breaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - TorontoBreaking down the economics and tco of migrating to aws - Toronto
Breaking down the economics and tco of migrating to aws - Toronto
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended Practices
 
protecting your data in aws
protecting your data in aws protecting your data in aws
protecting your data in aws
 
Shared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account StructuresShared Responsibility and Setting Up Secure Account Structures
Shared Responsibility and Setting Up Secure Account Structures
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
Optimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWSOptimize Developer Agility & App Delivery on AWS
Optimize Developer Agility & App Delivery on AWS
 
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition MeetupSecurity on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition Meetup
 
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access ManagementAWSome Day 2016 - Module 3: Security, Identity, and Access Management
AWSome Day 2016 - Module 3: Security, Identity, and Access Management
 

Destaque

AWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAmazon Web Services
 
Grow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudGrow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudAmazon Web Services
 
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAmazon Web Services
 
Sony DAD NMS & Our Migration to the AWS Cloud
Sony DAD NMS & Our Migration to the AWS CloudSony DAD NMS & Our Migration to the AWS Cloud
Sony DAD NMS & Our Migration to the AWS CloudAmazon Web Services
 
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryGetting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryAmazon Web Services
 
AWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoTAWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoTAmazon Web Services
 
Getting started with amazon aurora - Toronto
Getting started with amazon aurora - TorontoGetting started with amazon aurora - Toronto
Getting started with amazon aurora - TorontoAmazon Web Services
 
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity OptionsAmazon Web Services
 
Expanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud InfrastructureExpanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud InfrastructureAmazon Web Services
 
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS Amazon Web Services
 
Hack-Proof Your Cloud: Responding to 2016 Threats
Hack-Proof Your Cloud: Responding to 2016 ThreatsHack-Proof Your Cloud: Responding to 2016 Threats
Hack-Proof Your Cloud: Responding to 2016 ThreatsAmazon Web Services
 
Next-Generation Firewall Services VPC Integration
Next-Generation Firewall Services VPC IntegrationNext-Generation Firewall Services VPC Integration
Next-Generation Firewall Services VPC IntegrationAmazon Web Services
 
Another Day, Another Billion Packets
Another Day, Another Billion PacketsAnother Day, Another Billion Packets
Another Day, Another Billion PacketsAmazon Web Services
 
Time to Science/Time to Results: Transforming Research in the Cloud
Time to Science/Time to Results: Transforming Research in the CloudTime to Science/Time to Results: Transforming Research in the Cloud
Time to Science/Time to Results: Transforming Research in the CloudAmazon Web Services
 
AWS Webcast - Explore the AWS Cloud
AWS Webcast - Explore the AWS CloudAWS Webcast - Explore the AWS Cloud
AWS Webcast - Explore the AWS CloudAmazon Web Services
 
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...Amazon Web Services
 
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAmazon Web Services
 

Destaque (20)

AWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWSAWS Summit Auckland - Building a Server-less Data Lake on AWS
AWS Summit Auckland - Building a Server-less Data Lake on AWS
 
Grow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudGrow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS Cloud
 
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
 
AWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - VocusAWS Summit Auckland Sponsor Presentation - Vocus
AWS Summit Auckland Sponsor Presentation - Vocus
 
Sony DAD NMS & Our Migration to the AWS Cloud
Sony DAD NMS & Our Migration to the AWS CloudSony DAD NMS & Our Migration to the AWS Cloud
Sony DAD NMS & Our Migration to the AWS Cloud
 
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and RecoveryGetting Started with the Hybrid Cloud: Enterprise Backup and Recovery
Getting Started with the Hybrid Cloud: Enterprise Backup and Recovery
 
Deep Dive on Amazon S3
Deep Dive on Amazon S3Deep Dive on Amazon S3
Deep Dive on Amazon S3
 
AWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoTAWS Summit Auckland- Developing Applications for IoT
AWS Summit Auckland- Developing Applications for IoT
 
Getting started with amazon aurora - Toronto
Getting started with amazon aurora - TorontoGetting started with amazon aurora - Toronto
Getting started with amazon aurora - Toronto
 
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options
Creating Your Virtual Data Center: VPC Fundamentals and Connectivity Options
 
Expanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud InfrastructureExpanding Your Data Center with Hybrid Cloud Infrastructure
Expanding Your Data Center with Hybrid Cloud Infrastructure
 
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS
Deep Dive: Developing, Deploying & Operating Mobile Apps with AWS
 
Hack-Proof Your Cloud: Responding to 2016 Threats
Hack-Proof Your Cloud: Responding to 2016 ThreatsHack-Proof Your Cloud: Responding to 2016 Threats
Hack-Proof Your Cloud: Responding to 2016 Threats
 
S'étendre à l'international
S'étendre à l'internationalS'étendre à l'international
S'étendre à l'international
 
Next-Generation Firewall Services VPC Integration
Next-Generation Firewall Services VPC IntegrationNext-Generation Firewall Services VPC Integration
Next-Generation Firewall Services VPC Integration
 
Another Day, Another Billion Packets
Another Day, Another Billion PacketsAnother Day, Another Billion Packets
Another Day, Another Billion Packets
 
Time to Science/Time to Results: Transforming Research in the Cloud
Time to Science/Time to Results: Transforming Research in the CloudTime to Science/Time to Results: Transforming Research in the Cloud
Time to Science/Time to Results: Transforming Research in the Cloud
 
AWS Webcast - Explore the AWS Cloud
AWS Webcast - Explore the AWS CloudAWS Webcast - Explore the AWS Cloud
AWS Webcast - Explore the AWS Cloud
 
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...
AWS Customers Saving Lives with Mobile Technology | AWS Public Sector Summit ...
 
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
 

Semelhante a Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Superhero

3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...Amazon Web Services
 
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...Amazon Web Services
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CloudIDSummit
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud securityRaj Sarode
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAmazon Web Services
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero Amazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsAmazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security OperationsEvident.io
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observabilityitnewsafrica
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3Eoin Keary
 
Information Security
Information SecurityInformation Security
Information SecurityMohit8780
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitecturePriyanka Aash
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxsarah david
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Crew
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorAmazon Web Services
 
Maturing Your Organization from DevOps to DevSecOps
Maturing Your Organization from DevOps to DevSecOpsMaturing Your Organization from DevOps to DevSecOps
Maturing Your Organization from DevOps to DevSecOpsAmazon Web Services
 
Maturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsMaturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsAmazon Web Services
 

Semelhante a Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Superhero (20)

3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...
3 Secrets to Becoming a Cloud Security Superhero - Session Sponsored by Trend...
 
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
McAfee Skyhigh: Elevating Your AWS Security Posture (SEC307-S) - AWS re:Inven...
 
Practical Security for the Cloud
Practical Security for the CloudPractical Security for the Cloud
Practical Security for the Cloud
 
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
CIS 2015 Identity and Data Security : Breaking the Boundaries - Nathanael Cof...
 
Chap 6 cloud security
Chap 6 cloud securityChap 6 cloud security
Chap 6 cloud security
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
AWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App SecurityAWS Webcast - Top 3 Ways to Improve Web App Security
AWS Webcast - Top 3 Ways to Improve Web App Security
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security ObservabilityGlenn Lazarus- Why Your Observability Strategy Needs Security Observability
Glenn Lazarus- Why Your Observability Strategy Needs Security Observability
 
00. introduction to app sec v3
00. introduction to app sec v300. introduction to app sec v3
00. introduction to app sec v3
 
Rik Ferguson
Rik FergusonRik Ferguson
Rik Ferguson
 
Information Security
Information SecurityInformation Security
Information Security
 
Take It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security ArchitectureTake It to the Cloud: The Evolution of Security Architecture
Take It to the Cloud: The Evolution of Security Architecture
 
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptxthe_role_of_resilience_data_in_ensuring_cloud_security.pptx
the_role_of_resilience_data_in_ensuring_cloud_security.pptx
 
Risk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the CloudRisk Factory: PCI Compliance in the Cloud
Risk Factory: PCI Compliance in the Cloud
 
Demystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public SectorDemystifying Cloud Security: Lessons Learned for the Public Sector
Demystifying Cloud Security: Lessons Learned for the Public Sector
 
Maturing Your Organization from DevOps to DevSecOps
Maturing Your Organization from DevOps to DevSecOpsMaturing Your Organization from DevOps to DevSecOps
Maturing Your Organization from DevOps to DevSecOps
 
Maturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOpsMaturing your organization from DevOps to DevSecOps
Maturing your organization from DevOps to DevSecOps
 

Mais de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mais de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Enterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 

Último (20)

A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 

Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Superhero

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Sasha Pavlovic | Director, Hybrid Cloud Security, APAC 3 Secrets to Becoming a Cloud Security Superhero
  • 3.
  • 9. Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
  • 11.
  • 13.
  • 15. EC2
  • 16. 24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
  • 17. 24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
  • 18. 24h 48h 72h Disclosure Attack Source IP – CVE-2014-6271, 7169, 6277, 6278
  • 19. Don’t Replicate… Warning: Single Point of Failure Limited Throughput
  • 20. Shapeshift Mission Accomplished: No Single Point of Failure UN-Limited Throughput
  • 22. Shapeshift for Amazon Web Services • Security inside each workload • Protect instance-to-instance traffic • Make it context sensitive (fast and low false-positive) • No bottleneck • No single point of failure = CLOUD FRIENDLY IPS
  • 23. Invisibility Automate and blend in, don’t bolt on Superpower #2
  • 24.
  • 25.
  • 26. Creating an audit trail, before Servers Storage Area Network On-premises Firewall IPS Central logging Change Records Report
  • 27. Payment Client Data On-premises AWS Amazon CloudTrail EC2 instances Central management Amazon S3 Amazon CloudFrontAmazon RDS Creating an audit trail, after Report
  • 29. Make Security Invisible for Amazon Web Services • Build it in, not bolt on • Fully automate security • Automate record keeping for auditors = SECURITY DESIGNED FOR AWS
  • 30. X-Ray Vision Improve visibility of AWS and hybrid environments Superpower #3
  • 31.
  • 33. Use X-ray vision on Amazon Web Services • Use Integrity Monitoring and Log monitoring to see inside instances • Detect suspicious changes that are indicators of compromise and unintended changes = Total visibility
  • 34. AWS is continuously independently audited GxP ISO 13485 AS9100 ISO/TS 16949 AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations AWS is responsible for the security OF the Cloud
  • 35. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer applications & content Customers have their choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud Security is shared between AWS and customersCustomers Partner solutions – including Trend Micro
  • 36. SANS/CIS TOP 20 CRITICAL SECURITY CONTROLS 1. Inventory of Authorized & Unauthorized Devices 11. Secure Configurations for Network Devices 2. Inventory of Authorized & Unauthorized Software 12. Boundary Defense 3. Secure Configurations for Hardware & Software on Mobile Devices, Laptops, Workstations, & Servers 13. Data Protection 4. Continuous Vulnerability Assessment & Remediation 14. Controlled Access Base on the Need to Know 5. Controlled Use of Administrative Privileges 15. Wireless Access Control 6. Maintenance, Monitoring, & Analysis of Audit Logs 16. Account Monitoring & Control 7. Email and Web Browser Protections 17. Security Skills Assessment & Appropriate Training to Fill Gaps 8. Malware Defenses 18. Application Software Security 9. Limitation and Control of Network Ports, Protocols, and Services 19. Incident Response Management 10. Data Recovery Capability 20. Penetration Tests & Red Team Exercises
  • 37. Your new superpowers… Shapeshifting X-ray VisionInvisibility
  • 38.
  • 39. Inspired by real-life Security Superheros
  • 40. Gartner Best Practices Best Practices for Securing Workloads in Amazon Web Services http://bit.ly/1pxaFTL
  • 41. Now to Introduce a Real World Superhero! Chris Harwood Healthdirect Australia
  • 42. A little bit about Healthdirect No matter where people live, or what time of the day or night it is, they can talk to a professional, find trusted advice online about how to manage their issue, and locate the closest appropriate and open service that meets their needs. mindhealthconnect after hours GP helpline My Aged Care Carer Gateway healthdirect Pregnancy, Birth and Baby National Health Services Directory
  • 43. Healthdirect Australia Timeline mindhealthconnect (mental health website) 2012 after hours GP helpline 2011 Pregnancy, Birth and Baby service 2010healthdirect 24/7 nurse triage helpline 2008 Established as the National Health Call Centre Network 2006/ 2007 Carer Gateway 2015 My Aged Care Gateway 2013/ 2014 National Health Services Directory 2012
  • 44. Risks of Healthdirect’s Traditional Environment Risk Description Rating Insufficient capacity Scalability is limited by physical hardware High Limited environments Sufficient environments too expensive High Ageing servers Existing servers will need replacement within two years Moderate Lack of agility New work is continually changing what is required of our infrastructure Moderate Difficult to manage No consistency of management and service quality in the previously fragmented solution Moderate Inability to respond timeously Procurement lead times too long and inability to try new things Extreme Cost inefficiency Over investment is required in order to manage peak loads Moderate
  • 45. Drivers for Amazon Web Services Improved security The world is software Easily Scale Up and Down Improve Agility & Time to Market Pay only for what you use Ability to optimise Performance Increased Availability Reduced skills requirements
  • 46. Security is critical for Healthdirect Australia Together Government and Healthcare made up over 40% of all data breaches in 2015 Trend Micro Follow The Data Report
  • 47. Security Challenges • Information Security Manual Compliance • HIDS/HIPS mandatory • Patching controls • Small security staff complement for large diverse platform • Privacy Act and sensitive data protection • Perimeter is NOT good enough any more
  • 48. Security Challenges • Understanding the shared responsibility model • Moving security staff from gatekeepers to participants • Effective management of log and monitoring data
  • 49. Trend Micro Deep Security to the Rescue • DISA certified • Host based firewalling and intrusion prevention • Antivirus and anti-malware • File integrity monitoring • Log inspection
  • 50. Trend Micro Deep Security to the Rescue (cont…) • Server and desktop/laptop protection • Single management ‘pane of glass’ • Trusted SSL certificate issuing
  • 51. Why Deep Security Works for Us • Healthdirect ISM accredited on AWS in 2015 • Virtual patching provides a compensating control • Agent based fits with continuous delivery practices and secures AMIs above the hypervisor
  • 52. Why Deep Security Works for Us (cont…) • Usage based licensing fits with AWS autoscaling and instance scheduling • Minimised security impact on each node • Great support and easy to configure
  • 53. For an opportunity to: • Learn more about Trend Micro; • Q&A with the experts, and; • Get started with a Deep Security trial Come and speak to us at the Trend Micro booth. Booth# P1