SlideShare a Scribd company logo

AWS Security Overview and “What’s New”

Amazon Web Services
Amazon Web Services

AWS and its partners offer a wide range of tools and features to help you to meet your security objectives. These tools mirror the familiar controls you deploy within your on-premises environments. AWS provides security-specific tools and features across network security, configuration management, access control and data security. In addition, AWS provides monitoring and logging tools to can provide full visibility into what is happening in your environment. In this session, you will get introduced to the range of security tools and features that AWS offers, and the latest security innovations coming from AWS.

Technology
1 of 52
Download to read offline
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fall 2015 AWS Security Roadshow More Secure in the Cloud
Security Roadshow Agenda 1:00 pm – AWS Security Overview + What’s New 2:00 pm – Network Security & Access Control in AWS 2:55 pm – Refreshment Break (15 minutes) 3:10 pm – Protecting Your Data in AWS 4:10 pm – Securing Systems at Cloud Scale 5:00 pm – Closing Remarks + Open Q&A
© 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Overview + What’s New
1) Why is security such a hot topic? Because it’s important, and it’s hard
2) Why is enterprise security traditionally so hard? Because so much planning is needed
3) Why does planning take so long? Because it requires so many processes
4) Why so many processes? Because mistakes are easy to make and hard to correct
5) Why are mistakes so hard to correct? Lack of visibility Low degree of automation
So where does AWS come in? AWS makes security more agile Lets you move fast while staying safe
New tools to move fast and stay safe Amazon Inspector AWS WAF AWS Config Rules
Making Life Easier
Making life easier Choosing security does not mean giving up on convenience or introducing complexity
Security by Design (SbD)
Security by Design – SbD • Systematic approach to ensure security • Formalizes AWS account design • Automates security controls • Streamlines auditing • Provides control insights throughout the IT management processAWS CloudTrail AWS CloudHSM AWS IAM AWS KMS AWS Config
SbD – Scripting your governance policy Set of CloudFormation templates that accelerate compliance with PCI, HIPAA, FFIEC, FISMA, CJIS Result: Reliable technical implementation of administrative controls
How We Build Our Organization
AWS Security Team Operations Application Security Engineering Compliance Aligned for agility
Security ownership as part of DNA • Promotes culture of “everyone is an owner” for security • Makes security a stakeholder in business success • Enables easier and smoother communication Distributed Embedded
Operating principles Separation of duties Different personnel across service lines Least privilege
Technology to automate operational principles Visibility through automation Shrinking the protection boundaries Ubiquitous encryption
Amazon Inspector (Preview) Security assessment tool analyzing end-to-end application configuration and activity
Why Amazon Inspector? Applications testing key to moving fast but staying safe Security assessment highly manual, resulting in delays or missed security checks Valuable security subject matter experts spending too much time on routine security assessment
Amazon Inspector features Configuration Scanning Engine Activity monitoring Built-in content library Automatable via API Fully auditable
Amazon Inspector rulesets CVE Network Security Best Practices Authentication Best Practices Operating System Best Practices Application Security Best Practices PCI DCSS 3.0 Readiness
Amazon Inspector benefits Increased agility Embedded expertise Improved security posture Streamlined compliance
Getting started
Prioritized findings
Detailed remediation recommendations
AWS WAF
AWS WAF features Web filtering Amazon CloudFront integration Centralized rule management Real-time visibility API automation
AWS WAF benefits Increased protection against web attacks Ease of deployment and maintenance Security embedded in development process
AWS WAF in action AWS Management ConsoleAdmins Developers AWS API Web app in CloudFront Define rules Deploy protection AWS WAF
AWS WAF Partner integrations • Alert Logic, Trend Micro, and Imperva integrating with AWS WAF • Offer additional detection and threat intelligence • Dynamically modify rulesets of AWS WAF for increased protection
AWS Config Rules
AWS Config Rules features Flexible rules evaluated continuously and retroactively Dashboard and reports for common goals Customizable remediation API automation
AWS Config Rules Broad ecosystem of solutions
AWS Config Rules benefits Continuous monitoring for unexpected changes Shared compliance across your organization Simplified management of configuration changes
AWS Config Rules
Putting it all together: Before Auditor: ??? Develops app Reviews app Fixes app Updates app Fixes broken AWS WAF rules Deploys AWS WAF rules Reviews app
Putting it all together: After Auditor has full visibility Defines standards Develops app Fixes app Defines AWS WAF rules Optimizes environment Runs security tests Rapid updates
Security Training
New security training Training Security Fundamentals on AWS (Free online course) Security Operations on AWS (3-day class) Details at aws.amazon.com/training
Certification and education • Security Fundamentals on AWS • Free online course for security auditors and analysts • Security Operations on AWS • 3-day class for security engineers, architects, analysts, and auditors • Security Certification on AWS • Available here at re:Invent for those who have achieved AWS Solutions Architect – Professional certification
Security Partners
AWS Foundation Services Compute Storage Database Network AWS Global Infrastructure RegionsAvailability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer Applications & Content Security & Compliance is a shared responsibility AWS Marketplace offers customers a choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud • Infrastructure Security – gateway, firewall, router, WAF, network, UTM • Identity & Access Control - allowed/authorized access • Logging & Monitoring - SIEM/ Governance, Risk, & Compliance (GRC) • Configuration & Vulnerability Analysis – scanning/pen testing and IPS/IDS • Data Protection - DRM/DLP/Encryption • Threat Analytics - continuous monitoring
AWS Marketplace Network/Security Partner Eco-system Infrastructure Security Logging & Monitoring Identity & Access Control Configuration & Vulnerability Analysis Data Protection SaaS SaaS SaaS
The Bottom Line
Design and deploy Define sensible defaults Inherit compliance controls Use available security features Manage templates—not instances
Operate and improve Constantly reduce the role of people Reduce privileged accounts Concentrate on what matters
Conclusions Security is critical We’re creating tools to make it easier We’re creating ways to help you build a world-class team You can move fast and stay safe
Don’t take my word for it… “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly and reliably leverage the benefits of this increasingly ubiquitous computing model.” Clouds Are Secure: Are You Using Them Securely? Published: 22 September 2015 -- Jay Heiser “”"We worked closely with the Amazon team to develop a security model which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.” – Rob Alexander, CIO Capital One
Thank you!

Recommended

Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...😸 Richard Spindler
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWSAmazon Web Services
 

Recommended

Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS SecurityAmazon Web Services
 
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSJourney Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWSAmazon Web Services
 
Intro to AWS: Security
Intro to AWS: SecurityIntro to AWS: Security
Intro to AWS: SecurityAmazon Web Services
 
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...
AWS Security - An Engineer’s Introduction to AWS Security Auditing using CIS ...😸 Richard Spindler
 
AWS Security Best Practices
AWS Security Best PracticesAWS Security Best Practices
AWS Security Best PracticesAmazon Web Services
 
AWS Security Architecture - Overview
AWS Security Architecture - OverviewAWS Security Architecture - Overview
AWS Security Architecture - OverviewSai Kesavamatham
 
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveAWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's PerspectiveJason Chan
 
Security & Compliance in AWS
Security & Compliance in AWSSecurity & Compliance in AWS
Security & Compliance in AWSAmazon Web Services
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerEast Midlands Cyber Security Forum
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals Christopher Caplan
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance OverviewRightScale
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWSPolarSeven Pty Ltd
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS securityAmazon Web Services
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 
Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS SecurityAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityAmazon Web Services
 

More Related Content

What's hot

Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWSAmazon Web Services
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScaleAmazon Web Services
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance OverviewRightScale
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAmazon Web Services
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS SecurityLalitMohanSharma8
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelAmazon Web Services
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Amazon Web Services
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAmazon Web Services
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud Amazon Web Services
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practicesSundeep Roxx
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Amazon Web Services
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeAlert Logic
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinAmazon Web Services
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityAmazon Web Services
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Amazon Web Services
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice Alert Logic
 

What's hot (20)

Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Aws security Fundamentals
Aws security Fundamentals Aws security Fundamentals
Aws security Fundamentals
 
Building Secure Architectures on AWS
Building Secure Architectures on AWSBuilding Secure Architectures on AWS
Building Secure Architectures on AWS
 
Putting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud ScalePutting it All Together: Securing Systems at Cloud Scale
Putting it All Together: Securing Systems at Cloud Scale
 
AWS - Security and Compliance Overview
AWS - Security and Compliance OverviewAWS - Security and Compliance Overview
AWS - Security and Compliance Overview
 
AWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & ComplianceAWS Security Week: Security, Identity, & Compliance
AWS Security Week: Security, Identity, & Compliance
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
In Depth: AWS Shared Security Model
In Depth: AWS Shared Security ModelIn Depth: AWS Shared Security Model
In Depth: AWS Shared Security Model
 
Shared Security in AWS
Shared Security in AWSShared Security in AWS
Shared Security in AWS
 
Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices Journey Through The Cloud - Security Best Practices
Journey Through The Cloud - Security Best Practices
 
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best PracticesAWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
 
Security and Compliance in the Cloud
Security and Compliance in the Cloud Security and Compliance in the Cloud
Security and Compliance in the Cloud
 
Aws security best practices
Aws security best practicesAws security best practices
Aws security best practices
 
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
Architecting for End-to-End Security in the Enterprise (ARC308) | AWS re:Inve...
 
CSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in PracticeCSS17: DC - The AWS Shared Responsibility Model in Practice
CSS17: DC - The AWS Shared Responsibility Model in Practice
 
Understanding AWS security
Understanding AWS securityUnderstanding AWS security
Understanding AWS security
 
What's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow DublinWhat's (nearly) new | AWS Security Roadshow Dublin
What's (nearly) new | AWS Security Roadshow Dublin
 
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS SecurityThe 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
 
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
 
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
CSS17: Atlanta - The AWS Shared Responsibility Model in Practice
 

Viewers also liked

(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014Amazon Web Services
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAmazon Web Services
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennaivinoth kumar
 
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014Amazon Web Services
 
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...Amazon Web Services
 
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014Amazon Web Services
 
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...Amazon Web Services
 
Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301Amazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014Amazon Web Services
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAmazon Web Services
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAlgoSec
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 

Viewers also liked (20)

Intro to AWS Security
Intro to AWS SecurityIntro to AWS Security
Intro to AWS Security
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
(SEC201) AWS Security Keynote Address | AWS re:Invent 2014
 
Introduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar SeriesIntroduction to Three AWS Security Services - November 2016 Webinar Series
Introduction to Three AWS Security Services - November 2016 Webinar Series
 
Getting Started with AWS Security
Getting Started with AWS Security Getting Started with AWS Security
Getting Started with AWS Security
 
Security on AWS
Security on AWSSecurity on AWS
Security on AWS
 
AWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design PatternsAWS Security Best Practices and Design Patterns
AWS Security Best Practices and Design Patterns
 
AWS security - NULL meet chennai
AWS security - NULL meet chennaiAWS security - NULL meet chennai
AWS security - NULL meet chennai
 
AWS Security & Compliance
AWS Security & ComplianceAWS Security & Compliance
AWS Security & Compliance
 
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
(BAC202) Introducing AWS Solutions for Backup and Archiving | AWS re:Invent 2014
 
Aws 101
Aws 101Aws 101
Aws 101
 
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
(SEC315) NEW LAUNCH: Get Deep Visibility into Resource Configurations | AWS r...
 
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
(SEC308) Navigating PCI Compliance in the Cloud | AWS re:Invent 2014
 
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
(SEC314) Customer Perspectives on Implementing Security Controls with AWS | A...
 
Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301Enforcing Your Security Policy at Scale - Technical 301
Enforcing Your Security Policy at Scale - Technical 301
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
 
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
 
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security KeynoteAWS Summit Benelux 2013 - AWS Cloud Security Keynote
AWS Summit Benelux 2013 - AWS Cloud Security Keynote
 
AWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’tsAWS Security Fundamentals: Dos and Don’ts
AWS Security Fundamentals: Dos and Don’ts
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
 

Similar to AWS Security Overview and “What’s New”

(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?Amazon Web Services
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About SecurityAmazon Web Services
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAmazon Web Services
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudAmazon Web Services
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...Amazon Web Services
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAmazon Web Services
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...Amazon Web Services
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Kimberly Macias
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security ModelAlert Logic
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS SecurityAmazon Web Services
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the EnterpriseAmazon Web Services
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markryAmazon Web Services LATAM
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)Amazon Web Services
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAmazon Web Services
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS SecurityAmazon Web Services
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudAmazon Web Services
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rsAmazon Web Services
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationAmazon Web Services
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAmazon Web Services
 

Similar to AWS Security Overview and “What’s New” (20)

(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?(SEC201) How Should We All Think About Security?
(SEC201) How Should We All Think About Security?
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About Security
 
AWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security ModelAWS Webcast - Understanding the AWS Security Model
AWS Webcast - Understanding the AWS Security Model
 
Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
 
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
AWS Summit 2013 | Singapore - Security & Compliance and Integrated Security w...
 
AWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the CloudAWS Enterprise Summit London 2015 | Security in the Cloud
AWS Enterprise Summit London 2015 | Security in the Cloud
 
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
(SEC311) Architecting for End-to-End Security in the Enterprise | AWS re:Inve...
 
Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3Blue Chip Tek Connect and Protect Presentation #3
Blue Chip Tek Connect and Protect Presentation #3
 
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model#ALSummit: Amazon Web Services: Understanding the Shared Security Model
#ALSummit: Amazon Web Services: Understanding the Shared Security Model
 
Getting Started With AWS Security
Getting Started With AWS SecurityGetting Started With AWS Security
Getting Started With AWS Security
 
(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise(SEC303) Architecting for End-To-End Security in the Enterprise
(SEC303) Architecting for End-To-End Security in the Enterprise
 
1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry1. aws security and compliance wwps pre-day sao paolo - markry
1. aws security and compliance wwps pre-day sao paolo - markry
 
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
AWS re:Invent 2016: The Psychology of Security Automation (SAC307)
 
AWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program OverviewAWS Shared Responsibility Model & Compliance Program Overview
AWS Shared Responsibility Model & Compliance Program Overview
 
Intro & Security Update
Intro & Security UpdateIntro & Security Update
Intro & Security Update
 
Getting Started with AWS Security
Getting Started with AWS SecurityGetting Started with AWS Security
Getting Started with AWS Security
 
Sicurezza e Compliance nel Cloud
Sicurezza e Compliance nel CloudSicurezza e Compliance nel Cloud
Sicurezza e Compliance nel Cloud
 
Getting started with aws security toronto rs
Getting started with aws security toronto rsGetting started with aws security toronto rs
Getting started with aws security toronto rs
 
Modern Security and Compliance Through Automation
Modern Security and Compliance Through AutomationModern Security and Compliance Through Automation
Modern Security and Compliance Through Automation
 
An Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the CloudAn Evolving Security Landscape – Security Patterns in the Cloud
An Evolving Security Landscape – Security Patterns in the Cloud
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteDianaGray10
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity PlanDatabarracks
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxhariprasad279825
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr BaganFwdays
 

Recently uploaded (20)

"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Take control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test SuiteTake control of your SAP testing with UiPath Test Suite
Take control of your SAP testing with UiPath Test Suite
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
How to write a Business Continuity Plan
How to write a Business Continuity PlanHow to write a Business Continuity Plan
How to write a Business Continuity Plan
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck Presentation
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
Artificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptxArtificial intelligence in cctv survelliance.pptx
Artificial intelligence in cctv survelliance.pptx
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan"ML in Production",Oleksandr Bagan
"ML in Production",Oleksandr Bagan
 

AWS Security Overview and “What’s New”

  • 1. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Fall 2015 AWS Security Roadshow More Secure in the Cloud
  • 2. Security Roadshow Agenda 1:00 pm – AWS Security Overview + What’s New 2:00 pm – Network Security & Access Control in AWS 2:55 pm – Refreshment Break (15 minutes) 3:10 pm – Protecting Your Data in AWS 4:10 pm – Securing Systems at Cloud Scale 5:00 pm – Closing Remarks + Open Q&A
  • 3. © 2015, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Overview + What’s New
  • 4. 1) Why is security such a hot topic? Because it’s important, and it’s hard
  • 5. 2) Why is enterprise security traditionally so hard? Because so much planning is needed
  • 6. 3) Why does planning take so long? Because it requires so many processes
  • 7. 4) Why so many processes? Because mistakes are easy to make and hard to correct
  • 8. 5) Why are mistakes so hard to correct? Lack of visibility Low degree of automation
  • 9. So where does AWS come in? AWS makes security more agile Lets you move fast while staying safe
  • 10. New tools to move fast and stay safe Amazon Inspector AWS WAF AWS Config Rules
  • 12. Making life easier Choosing security does not mean giving up on convenience or introducing complexity
  • 14. Security by Design – SbD • Systematic approach to ensure security • Formalizes AWS account design • Automates security controls • Streamlines auditing • Provides control insights throughout the IT management processAWS CloudTrail AWS CloudHSM AWS IAM AWS KMS AWS Config
  • 15. SbD – Scripting your governance policy Set of CloudFormation templates that accelerate compliance with PCI, HIPAA, FFIEC, FISMA, CJIS Result: Reliable technical implementation of administrative controls
  • 16. How We Build Our Organization
  • 17. AWS Security Team Operations Application Security Engineering Compliance Aligned for agility
  • 18. Security ownership as part of DNA • Promotes culture of “everyone is an owner” for security • Makes security a stakeholder in business success • Enables easier and smoother communication Distributed Embedded
  • 19. Operating principles Separation of duties Different personnel across service lines Least privilege
  • 20. Technology to automate operational principles Visibility through automation Shrinking the protection boundaries Ubiquitous encryption
  • 21. Amazon Inspector (Preview) Security assessment tool analyzing end-to-end application configuration and activity
  • 22. Why Amazon Inspector? Applications testing key to moving fast but staying safe Security assessment highly manual, resulting in delays or missed security checks Valuable security subject matter experts spending too much time on routine security assessment
  • 23. Amazon Inspector features Configuration Scanning Engine Activity monitoring Built-in content library Automatable via API Fully auditable
  • 24. Amazon Inspector rulesets CVE Network Security Best Practices Authentication Best Practices Operating System Best Practices Application Security Best Practices PCI DCSS 3.0 Readiness
  • 25. Amazon Inspector benefits Increased agility Embedded expertise Improved security posture Streamlined compliance
  • 30. AWS WAF features Web filtering Amazon CloudFront integration Centralized rule management Real-time visibility API automation
  • 31. AWS WAF benefits Increased protection against web attacks Ease of deployment and maintenance Security embedded in development process
  • 32. AWS WAF in action AWS Management ConsoleAdmins Developers AWS API Web app in CloudFront Define rules Deploy protection AWS WAF
  • 33. AWS WAF Partner integrations • Alert Logic, Trend Micro, and Imperva integrating with AWS WAF • Offer additional detection and threat intelligence • Dynamically modify rulesets of AWS WAF for increased protection
  • 35. AWS Config Rules features Flexible rules evaluated continuously and retroactively Dashboard and reports for common goals Customizable remediation API automation
  • 36. AWS Config Rules Broad ecosystem of solutions
  • 37. AWS Config Rules benefits Continuous monitoring for unexpected changes Shared compliance across your organization Simplified management of configuration changes
  • 39. Putting it all together: Before Auditor: ??? Develops app Reviews app Fixes app Updates app Fixes broken AWS WAF rules Deploys AWS WAF rules Reviews app
  • 40. Putting it all together: After Auditor has full visibility Defines standards Develops app Fixes app Defines AWS WAF rules Optimizes environment Runs security tests Rapid updates
  • 42. New security training Training Security Fundamentals on AWS (Free online course) Security Operations on AWS (3-day class) Details at aws.amazon.com/training
  • 43. Certification and education • Security Fundamentals on AWS • Free online course for security auditors and analysts • Security Operations on AWS • 3-day class for security engineers, architects, analysts, and auditors • Security Certification on AWS • Available here at re:Invent for those who have achieved AWS Solutions Architect – Professional certification
  • 45. AWS Foundation Services Compute Storage Database Network AWS Global Infrastructure RegionsAvailability Zones Edge Locations Client-side Data Encryption Server-side Data Encryption Network Traffic Protection Platform, Applications, Identity & Access Management Operating System, Network, & Firewall Configuration Customer Applications & Content Security & Compliance is a shared responsibility AWS Marketplace offers customers a choice of security configurations IN the Cloud AWS is responsible for the security OF the Cloud • Infrastructure Security – gateway, firewall, router, WAF, network, UTM • Identity & Access Control - allowed/authorized access • Logging & Monitoring - SIEM/ Governance, Risk, & Compliance (GRC) • Configuration & Vulnerability Analysis – scanning/pen testing and IPS/IDS • Data Protection - DRM/DLP/Encryption • Threat Analytics - continuous monitoring
  • 46. AWS Marketplace Network/Security Partner Eco-system Infrastructure Security Logging & Monitoring Identity & Access Control Configuration & Vulnerability Analysis Data Protection SaaS SaaS SaaS
  • 48. Design and deploy Define sensible defaults Inherit compliance controls Use available security features Manage templates—not instances
  • 49. Operate and improve Constantly reduce the role of people Reduce privileged accounts Concentrate on what matters
  • 50. Conclusions Security is critical We’re creating tools to make it easier We’re creating ways to help you build a world-class team You can move fast and stay safe
  • 51. Don’t take my word for it… “CIOs and CISOs need to stop obsessing over unsubstantiated cloud security worries, and instead apply their imagination and energy to developing new approaches to cloud control, allowing them to securely, compliantly and reliably leverage the benefits of this increasingly ubiquitous computing model.” Clouds Are Secure: Are You Using Them Securely? Published: 22 September 2015 -- Jay Heiser “”"We worked closely with the Amazon team to develop a security model which we believe enables us to operate more securely in the public cloud than we can even in our own data centers.” – Rob Alexander, CIO Capital One