Threat Detection & Remediation Workshop - Module 4

•

0 gostou•222 visualizações

by Greg McConnel, Sr. Security Solutions Architect, AWS This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future.

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Threat Detection and Remediation
Workshop
Module 4 – Review, Discussion, Questions & Cleanup

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Agenda
• Review & Discussion – 5 min
• Questions – 15 min
• Cleanup

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Review & Discussion

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
The Attack

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Module 2
setup

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
What
really
happened?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Questions

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
Why did the API calls from the “malicious host” generate GuardDuty findings?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
• The lab mentions you can ignore the high severity SSH brute force attack
finding? Why?
• Why is this a ”side-effect” of the simulated attack in this workshop? (hint:
how does that differ from the medium severity brute force finding we
investigated?)

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
• Which two AWS service provide a historical configuration change audit?
• Which service is designed (and easier to use) for analysis of configuration
changes?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
Let’s assume the company policy in this scenario is that EC2 instances running
Linux can only use certificate authentication. At some point somebody must
have enabled password authentication on the web server.
How could you determine when this was changed and by whom?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
We use Inspector as part of a remediation pipeline. Is inspector a Protect or
Detect service (or both)?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
• Would you consider a single SSH brute force attack finding by itself be
enough to kick off an automated action to add an ACL to block the source
of the attack?
• What combination of data points would lead you to consider
automatically terminating the compromised instances?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Workshop questions
• Macie had an alert for “S3 Bucket IAM policy grants global read rights.”
We investigated that bucket in the workshop. Were the objects in the
bucket actually publicly accessible?
• What about the encrypted objects in the bucket?

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Cleanup

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Links we discussed
https://aws.amazon.com/security/
https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en
_xg.pdf
https://www.nist.gov/cyberframework
https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf
https://www.forbes.com/forbesinsights/bmc_security/index.html

© 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
Thank you!

Mais conteúdo relacionado

Mais procurados

AWS Security Best Practices

Aleksandr Maklakov

Credential compromise in the cloud is not a threat that a single company faces. Rather, it is a widespread concern as more and more companies operate in the cloud. Credential compromise can lead to many different outcomes, depending on the motive of the attacker. In certain cases, this has led to erroneous AWS service usage for bitcoin mining or other nondestructive yet costly abuse. In other cases, it has led to companies shutting down due to the loss of data and infrastructure.

Detecting Credential Compromise in AWS (SEC389) - AWS re:Invent 2018

Amazon Web Services

In this session, learn how to use AWS Secrets Manager to simplify secrets management and empower your developers to move quickly while raising the security bar in your organization. Also, learn how you can use these changes to more easily meet your compliance requirements. Finally, learn how the service enables you to control access to secrets using fine-grained permissions and centrally audit secret rotation for resources in the AWS Cloud, third-party services, and on-premises.

AWS Secrets Manager: Best Practices for Managing, Retrieving, and Rotating Se...

Amazon Web Services

by Michael St. Onge, Global Cloud Security Architect, AWS Responding to an incident requires that you’re aware that an incident exists. To be aware that an incident exists, you have to know where to look and what to look for. In this session, you will learn the tools and techniques to take in the breadth of visibility that AWS offers to your environment as well as some ideas on how to inspect events of interest and identify indicators of compromise. Level 200

Introduction to Incident Response on AWS

Amazon Web Services

Intro to Threat Detection and Remediation on AWS

Amazon Web Services

Introduction to Threat Detection and Remediation on AWS: AWS Security Week at the San Francisco Loft In this talk, we will introduce several methods of threat detection and remediation on AWS, including GuardDuty, Macie, WAF, Shield, Lambda, AWS Config, Systems Manager and Inspector. We will do a brief overview of each of these services, and then talk about how to put them all together, to have a comprehensive thread detection and remediation solution. We will also discuss how to use these services across multiple AWS accounts and regions, to cover the governance needs of enterprise AWS deployments. Level: 100 Speaker: Nathan Case - Sr. Solutions Architect, AWS

Intro to Threat Detection & Remediation on AWS: AWS Security Week at the SF Loft

Amazon Web Services

by Michael St. Onge, Global Cloud Security Architect, AWS Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300

Amazon GuardDuty Lab

Amazon Web Services

Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech Talks

Amazon Web Services

Deep dive - AWS security by design

Richard Harvey

Performing forensics on AWS resources is a new experience for many customers who might have older runbooks based on on-premises workflows using manual steps, or perhaps no processes in place at all. In this session, get a deeper insight into the various runbooks to perform practical forensic tasks on AWS resources like Amazon EC2 instances, using a combination of industry tooling, AWS serverless services like AWS Lambda and AWS Step Functions, and managed services like Amazon Athena.

How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...

Amazon Web Services

Join us for this hands-on workshop where you learn about a number of AWS services involved with threat detection and remediation as we walk through some real-world threat scenarios. Learn about the threat detection capabilities of Amazon GuardDuty, Amazon Macie, AWS Config, and the available remediation options. For each hands-on scenario, we review methods to remediate the threat using the following services: AWS CloudFormation, Amazon S3, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch Events, Amazon SNS, Amazon Macie, DNS logs, AWS Lambda, AWS Config, Amazon Inspector and, of course, Amazon GuardDuty.

Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...

Amazon Web Services

A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security Services In this session you will learn how to build a self-defending border to protect your Internet-facing applications. We will show you how you can automatically respond to the dynamic threats facing online assets by using our managed threat detection services combined with information from applications. Shane Baldacchino, Solutions Architect, Amazon Web Services

A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...

Amazon Web Services

DevSecOps is the premise that everyone in the software development lifecycle is responsible for security. DevSecOps aims to embed security in every part of the development process. In this *workshop*, participants explore taking a standard CI/CD pipeline and adding security stages to improve security posture. Learn how to use AWS CodeCommit and AWS CodePipeline to build and publish golden AMI images. Also, learn how to modify pipeline flow to add security test cases. You also have to opportunity to perform CVE analysis and code analysis using Amazon Inspector and perform observational container analysis using Amazon GuardDuty.

Adding the Sec to Your DevOps Pipelines

Amazon Web Services

Understanding AWS Secrets Manager - AWS Online Tech Talks

Amazon Web Services

by Nathan Case, Sr. Consultant, AWS Events are precursor to incidents, but how do you decide if an event is harmful? Tuning the signal to noise means that every event needs to be inspected and its impact calculated in as short amount of time as possible to stop bad things from happening. In this session, we will dive deep into a few event types to do advanced analysis in pursuit of deciding if it is a security incident, and how to resolve it by the time the alert hits your inbox.

Incident Response - Finding a Needle in a Stack of Needles

Amazon Web Services

ThreatResponse

Amazon Web Services

by Eric Rose, Sr. Security Consultant, AWS After you have built and deployed a security infrastructure and automated key aspects of security operations, you should validate your work through an incident response simulation. In this session, you will learn about the best way to protect your logs; how and why to develop automated incident response capabilities via AWS tooling such as AWS Lambda; the importance of testing existing forensics tools to ensure efficacy in the cloud environment; and ways to test your plan early and often.

Incident Response: Preparing and Simulating Threat Response

Amazon Web Services

In this session, learn how Vanguard has matured their IAM controls and automation to support a micro-account strategy, providing further agility to developers while reducing blast radius and improving governance. You learn how Vanguard uses STS Federation at the OU level, builds common roles across all micro accounts, implements AWS Organizations SCPs, and uses different network control zones for admin vs. non-admin functions. Vanguard also shares how they are using AWS Lambda to block escalation of privilege.

IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...

Amazon Web Services

by Quint Van Deman, Sr. Business Development Manager, AWS Across the AWS customer base there's a wide spectrum of experience levels. In this session, we'll dive deep into a number of advanced patterns that some of our most advanced customers are using to make themselves successful. By equipping you with these deep learnings, you'll be able to raise the bar within your organization, allowing you to achieve greater levels of control, speed, and visibility at a greatly accelerated pace. Level 400

The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...

Amazon Web Services

Building an Automated Security Fabric in AWS

Amazon Web Services

Mais procurados (20)

AWS Security Best Practices

Detecting Credential Compromise in AWS (SEC389) - AWS re:Invent 2018

AWS Secrets Manager: Best Practices for Managing, Retrieving, and Rotating Se...

Introduction to Incident Response on AWS

Intro to Threat Detection and Remediation on AWS

Intro to Threat Detection & Remediation on AWS: AWS Security Week at the SF Loft

Amazon GuardDuty Lab

Amazon GuardDuty - Let's Attack My Account! - AWS Online Tech Talks

Deep dive - AWS security by design

How to Perform Forensics on AWS Using Serverless Infrastructure (SEC416-R1) -...

Find All the Threats: AWS Threat Detection and Remediation (SEC331) - AWS re:...

A Self-Defending Border: Protect Your Web-Facing Workloads with AWS Security ...

Adding the Sec to Your DevOps Pipelines

Understanding AWS Secrets Manager - AWS Online Tech Talks

Incident Response - Finding a Needle in a Stack of Needles

ThreatResponse

Incident Response: Preparing and Simulating Threat Response

IAM for Enterprises: How Vanguard Matured IAM Controls to Support Micro Accou...

The 1%: Identity and Governance Patterns from the Most Advanced AWS Customers...

Building an Automated Security Fabric in AWS

Semelhante a Threat Detection & Remediation Workshop - Module 4

This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future. Speaker: Michael Wasielewski - Sr. Solutions Architect

Threat Detection & Remediation Workshop

Amazon Web Services

Learn about the threat detection capabilities of Amazon GuardDuty and the available remediation options by walking through some real-world threat scenarios. First, explore a scenario where an Amazon EC2 instance is compromised, then one where IAM credentials are compromised. In each scenario, we explore a method to remediate the threat. We use the following services: AWS CloudFormation, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch events, Amazon SNS, Amazon S3, AWS Lambda, and, of course, Amazon GuardDuty. Be sure you have an AWS account. This should be your own personal account and not one through your company. We provide AWS credits to help cover any costs incurred during the lab.

Amazon GuardDuty Threat Detection and Remediation

Amazon Web Services

Automating Incident Response and Forensics in AWS

Amazon Web Services

Come discover the latest and greatest tricks for automating your incident response and forensics in the cloud. This session focuses on automating your cloud incident response processes covering external and insider threats, triggers, canaries, containment, and data loss prevention. We'll demo how to perform basic disk based forensics on an EC2 instance using open source projects. Speaker: Ben Potter, Well-Architected Security Lead, AWS

Automating Incident Response and Forensics in AWS

Amazon Web Services

Automating Incident Response and Forensics in AWS Come and learn the latest and greatest tricks for automating your incident response and forensics in the cloud. This session focuses on automating your cloud incident response processes covering external and insider threats, triggers, canaries, containment, and data loss prevention. Ben Potter, Security Lead for Well-Architected, Amazon Web Services

Automating Incident Response and Forensics in AWS - AWS Summit Sydney 2018

Amazon Web Services

This workshop is designed to expose you to a number of AWS services that can be part of a threat detection and remediation strategy. We will cover the following services: Amazon GuardDuty, Amazon Macie, Amazon Inspector, Amazon CloudWatch (Events & Logs), AWS Lambda, Amazon SNS, Amazon S3, VPC Flow Logs, DNS Logs and AWS CloudTrail. You will learn how to use these services to set up a notification and remediation pipeline, to investigate threats during and after an attack, and how to evaluate what additional alerts and automated remediations should be deployed. We will go through a simulated attack scenario that will generate real GuardDuty findings and Macie alerts. We will investigate the attack, examine the threats, remediate the attack and investigate additional automated remediations that can be used in the future. Level: 200 Speaker: Sean Leviseur - Security Architect, AWS Professional Services

Threat Detection and Remediation Workshop

Amazon Web Services

Chaos Engineering: Why Breaking Things Should Be Practiced - AWS Developer Workshop at Web Summit 2018 Ever wondered how companies delivering global services like Amazon or Netflix are architecting and testing their software systems? If you are curious and want to learn how they do it - this session is for you! With the rise of micro-services and large-scale distributed architectures, software systems have grow increasingly complex and hard to understand. Adding to that complexity, the velocity of software delivery has also dramatically increased, resulting in failures being harder to predict and contain. While the cloud allows for high availability, redundancy and fault-tolerance, no single component can guarantee 100% uptime. Therefore, we have to understand availability but especially learn how to design architectures with failure in mind. And since failures have become more and more chaotic in nature, we must turn to chaos engineering in order to identify failures before they become outages. In this talk, I will deep dive into availability, reliability and large-scale architectures and make an introduction to chaos engineering, a discipline that promotes breaking things on purpose in order to learn how to build more resilient systems. Speaker: Adrian Hornsby - Technical Evangelist, AWS

Chaos Engineering: Why Breaking Things Should Be Practiced - AWS Developer Wo...

Amazon Web Services

DevOps is currently one of the most sought after engineering models. One reason is that it helps enterprise transformations. The Amazon transformation to DevOps was born out of the desire to be even more customer obsessed, more agile, and more innovative. Come and learn from our journey as we share the playbook that helped us successfully implement and adopt DevOps as well as the lessons we learned the hard way.

Moving to DevOps the Amazon Way (DEV210-R1) - AWS re:Invent 2018

Amazon Web Services

Designing for Operability: Getting the Last Nines in Five-Nines Availability ...

Amazon Web Services

In this session, we dive deep into the actual code behind various security automation and remediation functions. We demonstrate each script, describe the use cases, and perform a code review explaining the various challenges and solutions. All use cases are based on customer and C-level feedback and challenges. We look at things like IAM policy scope reduction, alert and ticket integration for security events, forensics and research on AWS resources, secure pipelines, and more. Please join us for a speaker meet-and-greet following this session at the Speaker Lounge (ARIA East, Level 1, Willow Lounge). The meet-and-greet starts 15 minutes after the session and runs for half an hour.

Five New Security Automations Using AWS Security Services & Open Source (SEC4...

Amazon Web Services

Life of a Code Change to a Tier 1 Service - AWS Online Tech Talks

Amazon Web Services

Join us for this hands-on lab where you learn about Amazon GuardDuty by walking through some real-world threat scenarios. Learn about the threat detection capabilities of GuardDuty and the available remediation options. We first go through a scenario where an Amazon EC2 instance is compromised, followed by one where IAM credentials are compromised. In each scenario, we look at a method to remediate the threat. We use the following services: AWS CloudFormation, AWS CloudTrail, Amazon VPC flow logs, Amazon CloudWatch events, Amazon SNS, Amazon S3, AWS Lambda, and, of course, Amazon GuardDuty. Be sure you have an AWS account to do the lab. This should be your own personal account and not an account through your company. We provide AWS credits to help cover any costs incurred during the lab.

SID304 Threat Detection and Remediation with Amazon GuardDuty

Amazon Web Services

At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and availability zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.

Amazon CI-CD Practices for Software Development Teams

Amazon Web Services

At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and the CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and Availability Zone redundancy. We use the AWS developer tools that were designed based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.

Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS ...

Amazon Web Services

With Amazon Elasticsearch Service's simplicity comes a multitude of opportunity to use it as a back end for real-time application and infrastructure monitoring. With this wealth of opportunities comes sprawl - developers in your organization are deploying Amazon Elasticsearch Service for many different workloads and many different purposes. Should you centralize into one Amazon Elasticsearch Service domain? What are the tradeoffs in scale and cost? How do you control access to the data and dashboards? How do you structure your indexes - single tenant or multi-tenant? In this session, we'll explore whether, when, and how to centralize logging across your organization to minimize cost and maximize value and learn how Autodesk has built a unified log analytics solution using Amazon Elasticsearch Service.

Build Your Own Log Analytics Solutions on AWS (ANT323-R) - AWS re:Invent 2018

Amazon Web Services

This hands-on, instructor-led lab will use the AWS Management Console to deploy a new workload, and set up estate and patch management. In this lab we will demonstrate the importance of tagging and the ways in which it can support you operations activities. You will leverage the benefits of infrastructure as code for development and deployment of your environment. You will also perform Operations as Code to gain insights to your workload status, and to maintain your environment.

Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf

Amazon Web Services

Keynote - Chaos Engineering: Why breaking things should be practiced

AWS User Group Bengaluru

At Amazon, continuous integration and continuous delivery (CI/CD) techniques enable collaboration, increase agility, and deliver a high-quality product faster. In this talk, we walk you through the practices we use for both the CI and CD of software delivery. For CI, we showcase how we incorporate pull requests to increase team collaboration. We also demonstrate how to optimize CI workflows for speed with caching, code analysis, and integration testing. For CD, we share example safety mechanisms, including canary testing, rollbacks, and Availability Zone redundancy. We use the AWS developer tools whose designs were based on the internal Amazon tooling: AWS CodeCommit, AWS CodeBuild, AWS CodePipeline, AWS CodeDeploy, and AWS X-Ray.

Amazon CI/CD Practices for Software Development Teams - SRV320 - Chicago AWS ...

Amazon Web Services

Landing Zones: Creating a Foundation for Your AWS Migrations When migrating lots of applications to the cloud, it's important to architect cloud environments that are efficient, secure and compliant. AWS Landing Zones are a prescriptive set of instructions for deploying an AWS-recommended foundation of interrelated AWS accounts, networks, and core services for your initial AWS application environments. This session will review the benefits and best practices. Ali Juzer, Cloud Architect, Professional Services, Amazon Web Services

Landing Zones Creating a Foundation - AWS Summit Sydney 2018

Amazon Web Services

Come join us as we take a deeper look at Amazon's approach to releasing mission-critical software. In this session, we take a journey through the release process of an AWS Tier 1 service on its way to production. We follow a single code change from idea to release, and we focus on how Amazon updates critical software quickly and safely for its global customers. Throughout the talk, we demonstrate how our internal software release processes map to AWS developer tools, and we highlight how you can leverage AWS CI/CD services to create your own robust release process.

Releasing Mission-Critical Software at Amazon (DEV209-R1) - AWS re:Invent 2018

Amazon Web Services

Semelhante a Threat Detection & Remediation Workshop - Module 4 (20)

Threat Detection & Remediation Workshop

Amazon GuardDuty Threat Detection and Remediation

Automating Incident Response and Forensics in AWS

Automating Incident Response and Forensics in AWS - AWS Summit Sydney 2018

Threat Detection and Remediation Workshop

Chaos Engineering: Why Breaking Things Should Be Practiced - AWS Developer Wo...

Moving to DevOps the Amazon Way (DEV210-R1) - AWS re:Invent 2018

Designing for Operability: Getting the Last Nines in Five-Nines Availability ...

Five New Security Automations Using AWS Security Services & Open Source (SEC4...

Life of a Code Change to a Tier 1 Service - AWS Online Tech Talks

SID304 Threat Detection and Remediation with Amazon GuardDuty

Amazon CI-CD Practices for Software Development Teams

Amazon CI/CD Practices for Software Development Teams - SRV320 - Anaheim AWS ...

Build Your Own Log Analytics Solutions on AWS (ANT323-R) - AWS re:Invent 2018

Nirav Kothari: Well-Architected - Operational Excellence Instructor Led Lab.pdf

Keynote - Chaos Engineering: Why breaking things should be practiced

Amazon CI/CD Practices for Software Development Teams - SRV320 - Chicago AWS ...

Landing Zones Creating a Foundation - AWS Summit Sydney 2018

Releasing Mission-Critical Software at Amazon (DEV209-R1) - AWS re:Invent 2018

Mais de Amazon Web Services

Il Forecasting è un processo importante per tantissime aziende e viene utilizzato in vari ambiti per cercare di prevedere in modo accurato la crescita e distribuzione di un prodotto, l’utilizzo delle risorse necessarie nelle linee produttive, presentazioni finanziarie e tanto altro. Amazon utilizza delle tecniche avanzate di forecasting, in parte questi servizi sono stati messi a disposizione di tutti i clienti AWS. In questa sessione illustreremo come pre-processare i dati che contengono una componente temporale e successivamente utilizzare un algoritmo che a partire dal tipo di dato analizzato produce un forecasting accurato.

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Amazon Web Services

La varietà e la quantità di dati che si crea ogni giorno accelera sempre più velocemente e rappresenta una opportunità irripetibile per innovare e creare nuove startup. Tuttavia gestire grandi quantità di dati può apparire complesso: creare cluster Big Data su larga scala sembra essere un investimento accessibile solo ad aziende consolidate. Ma l’elasticità del Cloud e, in particolare, i servizi Serverless ci permettono di rompere questi limiti. Vediamo quindi come è possibile sviluppare applicazioni Big Data rapidamente, senza preoccuparci dell’infrastruttura, ma dedicando tutte le risorse allo sviluppo delle nostre le nostre idee per creare prodotti innovativi.

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Amazon Web Services

Ora puoi utilizzare Amazon Elastic Kubernetes Service (EKS) per eseguire pod Kubernetes su AWS Fargate, il motore di elaborazione serverless creato per container su AWS. Questo rende più semplice che mai costruire ed eseguire le tue applicazioni Kubernetes nel cloud AWS.In questa sessione presenteremo le caratteristiche principali del servizio e come distribuire la tua applicazione in pochi passaggi

Esegui pod serverless con Amazon EKS e AWS Fargate

Amazon Web Services

Vent'anni fa Amazon ha attraversato una trasformazione radicale con l'obiettivo di aumentare il ritmo dell'innovazione. In questo periodo abbiamo imparato come cambiare il nostro approccio allo sviluppo delle applicazioni ci ha permesso di aumentare notevolmente l'agilità, la velocità di rilascio e, in definitiva, ci ha consentito di creare applicazioni più affidabili e scalabili. In questa sessione illustreremo come definiamo le applicazioni moderne e come la creazione di app moderne influisce non solo sull'architettura dell'applicazione, ma sulla struttura organizzativa, sulle pipeline di rilascio dello sviluppo e persino sul modello operativo. Descriveremo anche approcci comuni alla modernizzazione, compreso l'approccio utilizzato dalla stessa Amazon.com.

Costruire Applicazioni Moderne con AWS

Amazon Web Services

L’utilizzo dei container è in continua crescita. Se correttamente disegnate, le applicazioni basate su Container sono molto spesso stateless e flessibili. I servizi AWS ECS, EKS e Kubernetes su EC2 possono sfruttare le istanze Spot, portando ad un risparmio medio del 70% rispetto alle istanze On Demand. In questa sessione scopriremo insieme quali sono le caratteristiche delle istanze Spot e come possono essere utilizzate facilmente su AWS. Impareremo inoltre come Spreaker sfrutta le istanze spot per eseguire applicazioni di diverso tipo, in produzione, ad una frazione del costo on-demand!

Come spendere fino al 90% in meno con i container e le istanze spot

Amazon Web Services

In recent months, many customers have been asking us the question – how to monetise Open APIs, simplify Fintech integrations and accelerate adoption of various Open Banking business models. Therefore, AWS and FinConecta would like to invite you to Open Finance marketplace presentation on October 20th. Event Agenda : Open banking so far (short recap) • PSD2, OB UK, OB Australia, OB LATAM, OB Israel Intro to Open Finance marketplace • Scope • Features • Tech overview and Demo The role of the Cloud The Future of APIs • Complying with regulation • Monetizing data / APIs • Business models • Time to market One platform for all: a Strategic approach Q&A

Open banking as a service

Amazon Web Services

Per creare valore e costruire una propria offerta differenziante e riconoscibile, le startup di successo sanno come combinare tecnologie consolidate con componenti innovativi creati ad hoc. AWS fornisce servizi pronti all'utilizzo e, allo stesso tempo, permette di personalizzare e creare gli elementi differenzianti della propria offerta. Concentrandoci sulle tecnologie di Machine Learning, vedremo come selezionare i servizi di intelligenza artificiale offerti da AWS e, anche attraverso una demo, come costruire modelli di Machine Learning personalizzati utilizzando SageMaker Studio.

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

Amazon Web Services

Con l'approccio tradizionale al mondo IT per molti anni è stato difficile implementare tecniche di DevOps, che finora spesso hanno previsto attività manuali portando di tanto in tanto a dei downtime degli applicativi interrompendo l'operatività dell'utente. Con l'avvento del cloud, le tecniche di DevOps sono ormai a portata di tutti a basso costo per qualsiasi genere di workload, garantendo maggiore affidabilità del sistema e risultando in dei significativi miglioramenti della business continuity. AWS mette a disposizione AWS OpsWork come strumento di Configuration Management che mira ad automatizzare e semplificare la gestione e i deployment delle istanze EC2 per mezzo di workload Chef e Puppet. Scopri come sfruttare AWS OpsWork a garanzia e affidabilità del tuo applicativo installato su Instanze EC2.

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Amazon Web Services

Vuoi conoscere le opzioni per eseguire Microsoft Active Directory su AWS? Quando si spostano carichi di lavoro Microsoft in AWS, è importante considerare come distribuire Microsoft Active Directory per supportare la gestione, l'autenticazione e l'autorizzazione dei criteri di gruppo. In questa sessione, discuteremo le opzioni per la distribuzione di Microsoft Active Directory su AWS, incluso AWS Directory Service per Microsoft Active Directory e la distribuzione di Active Directory su Windows su Amazon Elastic Compute Cloud (Amazon EC2). Trattiamo argomenti quali l'integrazione del tuo ambiente Microsoft Active Directory locale nel cloud e l'utilizzo di applicazioni SaaS, come Office 365, con AWS Single Sign-On.

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Amazon Web Services

Computer Vision con AWS

Amazon Web Services

Amazon Web Services e VMware organizzano un evento virtuale gratuito il prossimo mercoledì 14 Ottobre dalle 12:00 alle 13:00 dedicato a VMware Cloud ™ on AWS, il servizio on demand che consente di eseguire applicazioni in ambienti cloud basati su VMware vSphere® e di accedere ad una vasta gamma di servizi AWS, sfruttando a pieno le potenzialità del cloud AWS e tutelando gli investimenti VMware esistenti. Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali.

Database Oracle e VMware Cloud on AWS i miti da sfatare

Amazon Web Services

Molte aziende oggi, costruiscono applicazioni con funzionalità di tipo ledger ad esempio per verificare lo storico di accrediti o addebiti nelle transazioni bancarie o ancora per tenere traccia del flusso supply chain dei propri prodotti. Alla base di queste soluzioni ci sono i database ledger che permettono di avere un log delle transazioni trasparente, immutabile e crittograficamente verificabile, ma sono strumenti complessi e onerosi da gestire. Amazon QLDB elimina la necessità di costruire sistemi personalizzati e complessi fornendo un database ledger serverless completamente gestito. In questa sessione scopriremo come realizzare un'applicazione serverless completa che utilizzi le funzionalità di QLDB.

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

Amazon Web Services

Con l’ascesa delle architetture di microservizi e delle ricche applicazioni mobili e Web, le API sono più importanti che mai per offrire agli utenti finali una user experience eccezionale. In questa sessione impareremo come affrontare le moderne sfide di progettazione delle API con GraphQL, un linguaggio di query API open source utilizzato da Facebook, Amazon e altro e come utilizzare AWS AppSync, un servizio GraphQL serverless gestito su AWS. Approfondiremo diversi scenari, comprendendo come AppSync può aiutare a risolvere questi casi d’uso creando API moderne con funzionalità di aggiornamento dati in tempo reale e offline. Inoltre, impareremo come Sky Italia utilizza AWS AppSync per fornire aggiornamenti sportivi in tempo reale agli utenti del proprio portale web.

API moderne real-time per applicazioni mobili e web

Amazon Web Services

Molte organizzazioni sfruttano i vantaggi del cloud migrando i propri carichi di lavoro Oracle e assicurandosi notevoli vantaggi in termini di agilità ed efficienza dei costi. La migrazione di questi carichi di lavoro, può creare complessità durante la modernizzazione e il refactoring delle applicazioni e a questo si possono aggiungere rischi di prestazione che possono essere introdotti quando si spostano le applicazioni dai data center locali. In queste slide, gli esperti AWS e VMware presentano semplici e pratici accorgimenti per facilitare e semplificare la migrazione dei carichi di lavoro Oracle accelerando la trasformazione verso il cloud, approfondiranno l’architettura e dimostreranno come sfruttare a pieno le potenzialità di VMware Cloud ™ on AWS.

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Amazon Web Services

Tools for building your MVP on AWS

Amazon Web Services

How to Build a Winning Pitch Deck

Amazon Web Services

Building a web application without servers

Amazon Web Services

Fundraising Essentials

Amazon Web Services

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Amazon Web Services

Amazon Elastic Container Service (Amazon ECS) è un servizio di gestione dei container altamente scalabile, che semplifica la gestione dei contenitori Docker attraverso un layer di orchestrazione per il controllo del deployment e del relativo lifecycle. In questa sessione presenteremo le principali caratteristiche del servizio, le architetture di riferimento per i differenti carichi di lavoro e i semplici passi necessari per poter velocemente migrare uno o più dei tuo container.

Introduzione a Amazon Elastic Container Service

Amazon Web Services

Mais de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...

Big Data per le Startup: come creare applicazioni Big Data in modalità Server...

Esegui pod serverless con Amazon EKS e AWS Fargate

Costruire Applicazioni Moderne con AWS

Come spendere fino al 90% in meno con i container e le istanze spot

Open banking as a service

Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...

OpsWorks Configuration Management: automatizza la gestione e i deployment del...

Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads

Computer Vision con AWS

Database Oracle e VMware Cloud on AWS i miti da sfatare

Crea la tua prima serverless ledger-based app con QLDB e NodeJS

API moderne real-time per applicazioni mobili e web

Database Oracle e VMware Cloud™ on AWS: i miti da sfatare

Tools for building your MVP on AWS

How to Build a Winning Pitch Deck

Building a web application without servers

Fundraising Essentials

AWS_HK_StartupDay_Building Interactive websites while automating for efficien...

Introduzione a Amazon Elastic Container Service

Threat Detection & Remediation Workshop - Module 4

9. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Workshop questions • The lab mentions you can ignore the high severity SSH brute force attack finding? Why? • Why is this a ”side-effect” of the simulated attack in this workshop? (hint: how does that differ from the medium severity brute force finding we investigated?)

10. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Workshop questions • Which two AWS service provide a historical configuration change audit? • Which service is designed (and easier to use) for analysis of configuration changes?

11. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Workshop questions Let’s assume the company policy in this scenario is that EC2 instances running Linux can only use certificate authentication. At some point somebody must have enabled password authentication on the web server. How could you determine when this was changed and by whom?

13. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Workshop questions • Would you consider a single SSH brute force attack finding by itself be enough to kick off an automated action to add an ACL to block the source of the attack? • What combination of data points would lead you to consider automatically terminating the compromised instances?

14. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Workshop questions • Macie had an alert for “S3 Bucket IAM policy grants global read rights.” We investigated that bucket in the workshop. Were the objects in the bucket actually publicly accessible? • What about the encrypted objects in the bucket?

16. © 2018, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Links we discussed https://aws.amazon.com/security/ https://www.verizonenterprise.com/resources/reports/rp_DBIR_2018_Report_en _xg.pdf https://www.nist.gov/cyberframework https://d0.awsstatic.com/whitepapers/AWS_CAF_Security_Perspective.pdf https://www.forbes.com/forbesinsights/bmc_security/index.html

Threat Detection & Remediation Workshop - Module 4

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Threat Detection & Remediation Workshop - Module 4

Semelhante a Threat Detection & Remediation Workshop - Module 4 (20)

Mais de Amazon Web Services

Mais de Amazon Web Services (20)

Threat Detection & Remediation Workshop - Module 4