SlideShare uma empresa Scribd logo

AWS Webcast - Top 3 Ways to Improve Web App Security

Amazon Web Services
Amazon Web Services

In this session you will learn why you need to shift from vulnerability detection only to a holistic web application defense strategy. We’ll outline the top three ways to improve your web app security and share how others have developed an integrated, comprehensive strategy that reduces costs and improves the balance between security and app functionality.

Tecnologia
1 de 28
Baixar para ler offline
Top 3 Ways to Improve Web App Security in AWS
Ryan Holland Sr Manager, Partner Solution Architects Amazon Web Services
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer applications & content Customers Security & Compliance is a Shared Responsibility Customers are responsible for their security IN the Cloud AWS is responsible for the security OF the Cloud
AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer applications & content Culture of security and continual improvement Ongoing audit and assurance program Your content Your controls AWS Marketplace Security & Compliance is a Shared Responsibility Customers
Every customer has access to the same security capabilities AWS maintains a formal control environment •SOC 1 (SSAE 16 & ISAE 3402) Type II (was SAS70) •SOC 2 Security •ISO 27001 Certification •Certified PCI DSS Level 1 Service Provider •FedRAMP(FISMA), ITAR, FIPS 140-2 •HIPAA and MPAA capable Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations
Let AWS take care of the heavy lifting for you Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities Network configuration Security groups OS firewalls Operating systems Applications Proper service configuration AuthN & acct management Authorization policies + = Customer Customers get to choose the right level of security for their business. As an AWS customer you can focus on your business and not be distracted by the muck.
AWS partners can help you build secure solutions Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Fine-grained IAM capability + = AWS partner solutions These products and more are available on the AWS marketplace -WAF, VPN, IPS, AV, API gateways, data encryption, user management Your secure AWS solutions
Top 3 Ways to Improve Web App Security in AWS Dawn Smeaton Product Marketing, Web App Security
Cloud Security is a Shared Responsibility Copyright 2014 Trend Micro Inc. Cloud Service Provider Facilities Physical security Physical infrastructure Network infrastructure Virtualization infrastructure Cloud User Operation System Applications Data Identity & Access Security Groups
Anti-malware Intrusion Prevention Host Firewall Integrity Monitoring Log Inspection Application Scanning Data Encryption ADAPTIVE Intelligent, dynamic provisioning & policy enforcement CONTEXT Workload & application-aware SCALABLE Auto-detect new instances and rapidly applies security PLATFORM Comprehensive capabilities across data center & cloud Copyright 2014 Trend Micro Inc.
Web Apps are a Favorite Target Copyright 2014 Trend Micro Inc. Easy to develop exploits High value of data
Ripped from the headlines Copyright © 2014 Trend Micro Inc. 1.2 billion internet credentials stolen by Russian hackers 4.5 million Healthcare records stolen by exploiting Heartbleedvulnerability
SQL Injection example 1. Application presents a form 2. Attacker enters a SQL query in the form data 3. Application forwards query to database Account Summary Acct:5424-6066-2134-4334 Acct:4128-7574-3921-0192 Acct:5424-9383-2039-4029 Acct:4128-0004-1234-0293 4. Database runs the attack query and sends encrypted results back to app 5. Application decrypts data as normal and sends results to the attacker Username: Password: “SELECT * FROM acc "SELECT * FROM accounts WHERE acct=‘’ OR 1=1--’" Confidential | Copyright 2013 Trend Micro Inc. 13
Web App Vulnerabilities InjectionBroken authenticationXSSSensitive data exposureCross site request forgeryInsecure direct object referencesSecurity misconfigurationMissing Function level access controlUnvalidatedredirects Technical Impacts Site defacementAccess to databases & internal networksLoss of sensitive dataGoogle search blacklistingMalwareUser accounts hijackedWeb server availability Business Impacts Damage to brand reputation Loss of customer trustRevenue lossFail PCI Compliance The impact of vulnerabilities can be huge Copyright 2014 Trend Micro Inc.
Top Three ways to improve Web App Security Expand Detection Strengthen Defenses Centralize Visibility 1 2 3 Copyright 2014 Trend Micro Inc.
Expand Detection 1
Expand Detection Operating System (Known Vulnerabilities) Web Server (Known Vulnerabilities) Web Apps Copyright 2014 Trend Micro Inc.
TECHNICAL FLAWS OGICAL FLAWS Different vulnerabilities need different approaches •Automated tools crawl websites, imitating user interaction to find errors in code, malware or links to inappropriate sites •Find common coding errors like SQL injection, cross site scripting, ineffective security controls Technical Flaws •Looking at site in context to find potential weaknesses •Manual testing uncovers flaws that are difficult or impossible to find with automated tools Logical Flaws Copyright 2014 Trend Micro Inc. 18
Demo
Strengthen Defenses 2
Traditional web app protection •Detects & blocks malicious activityat platform (Web server and OS) •Virtual patching from some offerings can shield discovered platform vulnerabilities without requiring code updates, patches, or configuration fixes •Analyzes traffic, including SSL- encrypted communication •Rules govern application behavior and block attacks without requiring app modification •Can help with PCI-DSS compliance Web Application Firewall (WAF) Intrusion Prevention Copyright 2014 Trend Micro Inc.
Continuous Visibility 3
Web App security that fits the cloud BUT… AWS requires pre-approval before scanning Hosting on AWS provides agility & scalability Copyright 2014 Trend Micro Inc. Auto Scaling group www.example.com security group root volume data volume Elastic Load Balancing EC2 instance web app server UNLESS you use an AWS pre-authorized scanner like Trend Micro
Demo
Continuous Visibility •Need actionable insights •Reduce number of solutions –App scanning –Manual testing –Platform scanning –SSL •Understand countermeasures available in overall security architecture Copyright 2014 Trend Micro Inc. “Single dashboard take lots of info and boils it down to make it easy to consume and share”
Comprehensive Detection: Automated scanning of applications and platforms, plus app logic testing by security experts AWS Pre-authorized Scanner: No manual scan approvals required, Trend Micro is pre-authorized to scan web apps hosted on AWS 1 2 3 Integrated Management: Cloud-based, centralized single console for scanning, SSL certificates and protection Trend Micro Delivers Unparalleled Web App Security Copyright 2014 Trend Micro Inc.
Get Started! •Schedule a personal product demo •Get a free trial –Scanning of up to 3 web apps in AWS, including full vulnerability report and SSL certificatesRequest your trial atwebappsecurity.trendmicro.com Copyright 2014 Trend Micro Inc.
Q&A

Recomendados

AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud SecurityAlert Logic
 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The CloudMark Nunnikhoven
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewValdez Ladd MBA, CISSP, CISA,
 

Recomendados

AWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceAWS Security Best Practices, SaaS and Compliance
AWS Security Best Practices, SaaS and ComplianceGaurav "GP" Pal
 
cloud security ppt
cloud security ppt cloud security ppt
cloud security ppt Devyani Vaidya
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
Best Practices in Cloud Security
Best Practices in Cloud SecurityBest Practices in Cloud Security
Best Practices in Cloud SecurityAlert Logic
 
Security OF The Cloud
Security OF The CloudSecurity OF The Cloud
Security OF The CloudMark Nunnikhoven
 
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...
Palo Alto Networks and AWS: Streamline Your Accreditation with Superior Secur...Amazon Web Services
 
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017
Meeting DFARS Requirements in AWS GovCloud (US) | AWS Public Sector Summit 2017Amazon Web Services
 
Cloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewCloud Security Alliance's GRC Stack Overview
Cloud Security Alliance's GRC Stack OverviewValdez Ladd MBA, CISSP, CISA,
 
Cloud Security
Cloud Security Cloud Security
Cloud Security Giovanni Mazzeo
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSKarim Hopper
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart WaySecurity Innovation
 
How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWS How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWSAmazon Web Services
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel securityIngram Micro Cloud
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Alert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAlert Logic
 
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in PracticeCSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the CloudSecurity Innovation
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
AWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - KeynoteAWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - KeynoteAmazon Web Services
 
Using Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroUsing Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroAmazon Web Services
 
iOS app security
iOS app security iOS app security
iOS app security Hokila Jan
 

Mais conteúdo relacionado

Mais procurados

CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewAlert Logic
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSKarim Hopper
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeHimani Singh
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security Amazon Web Services
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart WaySecurity Innovation
 
How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWS How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWSAmazon Web Services
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel securityIngram Micro Cloud
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Alert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloudHimani Singh
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeAlert Logic
 
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in PracticeCSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the CloudSecurity Innovation
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A ServiceOlav Tvedt
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
AWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - KeynoteAWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - KeynoteAmazon Web Services
 

Mais procurados (20)

Cloud Security
Cloud Security Cloud Security
Cloud Security
 
CSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model OverviewCSS17: Houston - Azure Shared Security Model Overview
CSS17: Houston - Azure Shared Security Model Overview
 
Cloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWSCloud Security, Risk and Compliance on AWS
Cloud Security, Risk and Compliance on AWS
 
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment modeCloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
Cloud security, Cloud security Access broker, CSAB's 4 pillar, deployment mode
 
F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security F5 on AWS: How MailControl Improved their Application Visbility and Security
F5 on AWS: How MailControl Improved their Application Visbility and Security
 
Assessing System Risk the Smart Way
Assessing System Risk the Smart WayAssessing System Risk the Smart Way
Assessing System Risk the Smart Way
 
How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWS How to Enhance Your Application Security Strategy with F5 on AWS
How to Enhance Your Application Security Strategy with F5 on AWS
 
Cloud university intel security
Cloud university intel securityCloud university intel security
Cloud university intel security
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
Alert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the CloudAlert Logic: Realities of Security in the Cloud
Alert Logic: Realities of Security in the Cloud
 
Securing virtual workload and cloud
Securing virtual workload and cloudSecuring virtual workload and cloud
Securing virtual workload and cloud
 
RightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the CloudRightScale Webinar: Security and Compliance in the Cloud
RightScale Webinar: Security and Compliance in the Cloud
 
The AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in PracticeThe AWS Shared Security Responsibility Model in Practice
The AWS Shared Security Responsibility Model in Practice
 
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in PracticeCSS 17: NYC - The AWS Shared Responsibility Model in Practice
CSS 17: NYC - The AWS Shared Responsibility Model in Practice
 
Securing Applications in the Cloud
Securing Applications in the CloudSecuring Applications in the Cloud
Securing Applications in the Cloud
 
Security As A Service
Security As A ServiceSecurity As A Service
Security As A Service
 
Cloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWSCloud Security Guidance from CESG and AWS
Cloud Security Guidance from CESG and AWS
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
AWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - KeynoteAWS Summit 2014 - Perth - Keynote
AWS Summit 2014 - Perth - Keynote
 

Destaque

Using Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroUsing Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroAmazon Web Services
 
iOS app security
iOS app security iOS app security
iOS app security Hokila Jan
 
Grow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudGrow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudAmazon Web Services
 
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...Amazon Web Services
 
AWS SQS for better architecture
AWS SQS for better architectureAWS SQS for better architecture
AWS SQS for better architectureSaurabh Bangad
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)Ankur Pipara
 

Destaque (8)

Using Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroUsing Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend Micro
 
iOS app security
iOS app security iOS app security
iOS app security
 
Grow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS CloudGrow Your SMB Infrastructure on the AWS Cloud
Grow Your SMB Infrastructure on the AWS Cloud
 
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...
AWS re:Invent 2016| HLC302 | AWS Infrastructure for a Global Population Healt...
 
AWS SQS for better architecture
AWS SQS for better architectureAWS SQS for better architecture
AWS SQS for better architecture
 
SharePoint 2013 features overview
SharePoint 2013 features overviewSharePoint 2013 features overview
SharePoint 2013 features overview
 
Beginners SharePoint introduction
Beginners SharePoint introductionBeginners SharePoint introduction
Beginners SharePoint introduction
 
Internet of things (IoT)
Internet of things (IoT)Internet of things (IoT)
Internet of things (IoT)
 

Semelhante a AWS Webcast - Top 3 Ways to Improve Web App Security

(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingAmazon Web Services
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero Amazon Web Services
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureQualys
 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...Amazon Web Services
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Amazon Web Services
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAmazon Web Services
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSAmazon Web Services
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAmazon Web Services
 
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Jeremy Gray
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSAmazon Web Services
 
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Private Cloud
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...Amazon Web Services
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Amazon Web Services
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Amazon Web Services
 
Warum ist Cloud-Sicherheit und Compliance wichtig?
Warum ist Cloud-Sicherheit und Compliance wichtig?Warum ist Cloud-Sicherheit und Compliance wichtig?
Warum ist Cloud-Sicherheit und Compliance wichtig?AWS Germany
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudAmazon Web Services
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & ComplianceAmazon Web Services
 
Security: A Driving Force Behind Cloud Adoption
Security: A Driving Force Behind Cloud AdoptionSecurity: A Driving Force Behind Cloud Adoption
Security: A Driving Force Behind Cloud AdoptionAmazon Web Services
 

Semelhante a AWS Webcast - Top 3 Ways to Improve Web App Security (20)

(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
 
CloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security ScalingCloudPassage Best Practices for Automatic Security Scaling
CloudPassage Best Practices for Automatic Security Scaling
 
3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero 3 Secrets to Becoming a Cloud Security Superhero
3 Secrets to Becoming a Cloud Security Superhero
 
Securing Your Public Cloud Infrastructure
Securing Your Public Cloud InfrastructureSecuring Your Public Cloud Infrastructure
Securing Your Public Cloud Infrastructure
 
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
AWS Partner Webcast - Web App Security on AWS: How to Make Shared Security Wo...
 
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
Session Sponsored by Trend Micro: 3 Secrets to Becoming a Cloud Security Supe...
 
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend MicroAWS Summit Auckland Platinum Sponsor presentation - Trend Micro
AWS Summit Auckland Platinum Sponsor presentation - Trend Micro
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWS
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar SeriesAutomating Compliance Defense in the Cloud - September 2016 Webinar Series
Automating Compliance Defense in the Cloud - September 2016 Webinar Series
 
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)
Running Regulated Workloads on Azure PaaS services (DogFoodCon 2018)
 
Barracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWSBarracuda WAF: Scalable Security for Applications on AWS
Barracuda WAF: Scalable Security for Applications on AWS
 
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision MakersMicrosoft Windows Azure Platform Appfabric for Technical Decision Makers
Microsoft Windows Azure Platform Appfabric for Technical Decision Makers
 
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
(ENT202) Four Critical Things to Consider When Moving Your Core Business Appl...
 
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
Mission (Not) Impossible: NIST 800-53 High Impact Controls on AWS | AWS Publi...
 
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
Automating Compliance Defense in the Cloud - Toronto FSI Symposium - October ...
 
Warum ist Cloud-Sicherheit und Compliance wichtig?
Warum ist Cloud-Sicherheit und Compliance wichtig?Warum ist Cloud-Sicherheit und Compliance wichtig?
Warum ist Cloud-Sicherheit und Compliance wichtig?
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 
Palo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & CompliancePalo Alto Networks: Protection for Security & Compliance
Palo Alto Networks: Protection for Security & Compliance
 
Security: A Driving Force Behind Cloud Adoption
Security: A Driving Force Behind Cloud AdoptionSecurity: A Driving Force Behind Cloud Adoption
Security: A Driving Force Behind Cloud Adoption
 

Mais de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mais de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Último

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Allon Mureinik
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGSujit Pal
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Último (20)

Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Google AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAGGoogle AI Hackathon: LLM based Evaluator for RAG
Google AI Hackathon: LLM based Evaluator for RAG
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

AWS Webcast - Top 3 Ways to Improve Web App Security

  • 1. Top 3 Ways to Improve Web App Security in AWS
  • 2. Ryan Holland Sr Manager, Partner Solution Architects Amazon Web Services
  • 3. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer applications & content Customers Security & Compliance is a Shared Responsibility Customers are responsible for their security IN the Cloud AWS is responsible for the security OF the Cloud
  • 4. AWS Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network & Firewall Configuration Customer applications & content Culture of security and continual improvement Ongoing audit and assurance program Your content Your controls AWS Marketplace Security & Compliance is a Shared Responsibility Customers
  • 5. Every customer has access to the same security capabilities AWS maintains a formal control environment •SOC 1 (SSAE 16 & ISAE 3402) Type II (was SAS70) •SOC 2 Security •ISO 27001 Certification •Certified PCI DSS Level 1 Service Provider •FedRAMP(FISMA), ITAR, FIPS 140-2 •HIPAA and MPAA capable Foundation Services Compute Storage Database Networking AWS Global Infrastructure Regions Availability Zones Edge Locations
  • 6. Let AWS take care of the heavy lifting for you Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Rich IAM capabilities Network configuration Security groups OS firewalls Operating systems Applications Proper service configuration AuthN & acct management Authorization policies + = Customer Customers get to choose the right level of security for their business. As an AWS customer you can focus on your business and not be distracted by the muck.
  • 7. AWS partners can help you build secure solutions Facilities Physical security Compute infrastructure Storage infrastructure Network infrastructure Virtualization layer (EC2) Hardened service endpoints Fine-grained IAM capability + = AWS partner solutions These products and more are available on the AWS marketplace -WAF, VPN, IPS, AV, API gateways, data encryption, user management Your secure AWS solutions
  • 8. Top 3 Ways to Improve Web App Security in AWS Dawn Smeaton Product Marketing, Web App Security
  • 9. Cloud Security is a Shared Responsibility Copyright 2014 Trend Micro Inc. Cloud Service Provider Facilities Physical security Physical infrastructure Network infrastructure Virtualization infrastructure Cloud User Operation System Applications Data Identity & Access Security Groups
  • 10. Anti-malware Intrusion Prevention Host Firewall Integrity Monitoring Log Inspection Application Scanning Data Encryption ADAPTIVE Intelligent, dynamic provisioning & policy enforcement CONTEXT Workload & application-aware SCALABLE Auto-detect new instances and rapidly applies security PLATFORM Comprehensive capabilities across data center & cloud Copyright 2014 Trend Micro Inc.
  • 11. Web Apps are a Favorite Target Copyright 2014 Trend Micro Inc. Easy to develop exploits High value of data
  • 12. Ripped from the headlines Copyright © 2014 Trend Micro Inc. 1.2 billion internet credentials stolen by Russian hackers 4.5 million Healthcare records stolen by exploiting Heartbleedvulnerability
  • 13. SQL Injection example 1. Application presents a form 2. Attacker enters a SQL query in the form data 3. Application forwards query to database Account Summary Acct:5424-6066-2134-4334 Acct:4128-7574-3921-0192 Acct:5424-9383-2039-4029 Acct:4128-0004-1234-0293 4. Database runs the attack query and sends encrypted results back to app 5. Application decrypts data as normal and sends results to the attacker Username: Password: “SELECT * FROM acc "SELECT * FROM accounts WHERE acct=‘’ OR 1=1--’" Confidential | Copyright 2013 Trend Micro Inc. 13
  • 14. Web App Vulnerabilities InjectionBroken authenticationXSSSensitive data exposureCross site request forgeryInsecure direct object referencesSecurity misconfigurationMissing Function level access controlUnvalidatedredirects Technical Impacts Site defacementAccess to databases & internal networksLoss of sensitive dataGoogle search blacklistingMalwareUser accounts hijackedWeb server availability Business Impacts Damage to brand reputation Loss of customer trustRevenue lossFail PCI Compliance The impact of vulnerabilities can be huge Copyright 2014 Trend Micro Inc.
  • 15. Top Three ways to improve Web App Security Expand Detection Strengthen Defenses Centralize Visibility 1 2 3 Copyright 2014 Trend Micro Inc.
  • 17. Expand Detection Operating System (Known Vulnerabilities) Web Server (Known Vulnerabilities) Web Apps Copyright 2014 Trend Micro Inc.
  • 18. TECHNICAL FLAWS OGICAL FLAWS Different vulnerabilities need different approaches •Automated tools crawl websites, imitating user interaction to find errors in code, malware or links to inappropriate sites •Find common coding errors like SQL injection, cross site scripting, ineffective security controls Technical Flaws •Looking at site in context to find potential weaknesses •Manual testing uncovers flaws that are difficult or impossible to find with automated tools Logical Flaws Copyright 2014 Trend Micro Inc. 18
  • 19. Demo
  • 21. Traditional web app protection •Detects & blocks malicious activityat platform (Web server and OS) •Virtual patching from some offerings can shield discovered platform vulnerabilities without requiring code updates, patches, or configuration fixes •Analyzes traffic, including SSL- encrypted communication •Rules govern application behavior and block attacks without requiring app modification •Can help with PCI-DSS compliance Web Application Firewall (WAF) Intrusion Prevention Copyright 2014 Trend Micro Inc.
  • 23. Web App security that fits the cloud BUT… AWS requires pre-approval before scanning Hosting on AWS provides agility & scalability Copyright 2014 Trend Micro Inc. Auto Scaling group www.example.com security group root volume data volume Elastic Load Balancing EC2 instance web app server UNLESS you use an AWS pre-authorized scanner like Trend Micro
  • 24. Demo
  • 25. Continuous Visibility •Need actionable insights •Reduce number of solutions –App scanning –Manual testing –Platform scanning –SSL •Understand countermeasures available in overall security architecture Copyright 2014 Trend Micro Inc. “Single dashboard take lots of info and boils it down to make it easy to consume and share”
  • 26. Comprehensive Detection: Automated scanning of applications and platforms, plus app logic testing by security experts AWS Pre-authorized Scanner: No manual scan approvals required, Trend Micro is pre-authorized to scan web apps hosted on AWS 1 2 3 Integrated Management: Cloud-based, centralized single console for scanning, SSL certificates and protection Trend Micro Delivers Unparalleled Web App Security Copyright 2014 Trend Micro Inc.
  • 27. Get Started! •Schedule a personal product demo •Get a free trial –Scanning of up to 3 web apps in AWS, including full vulnerability report and SSL certificatesRequest your trial atwebappsecurity.trendmicro.com Copyright 2014 Trend Micro Inc.
  • 28. Q&A