SlideShare a Scribd company logo

Developing a Continuous Automated Approach to Cloud Security

Amazon Web Services
Amazon Web Services

Many organizations struggle daily with the question - "Where do we stand with our AWS security practices?" With the recent release of the Center for Internet Security's CIS AWS Foundations Benchmark, organizations now have an industry-accepted set of security configuration best practices. These benchmarks, in combination with 3rd party security solutions that support them, can form the foundation for security operations at organizations of all sizes through continuous monitoring and auditing.

Technology
1 of 29
Download to read offline
© 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tim Prendergast, CEO and co-founder, Evident.io 04 / 19 / 2016 Automating Security Operations on AWS
Of the changes catalyzed by cloud, security is still the most exciting.
Your Role in Securing AWS is Well-Defined Customer Data Applications Identity Access Mgmt OS Network Firewall Client-side Encryption Server-side Encryption Network Traffic Protection Compute Storage Networking AWS Global Infrastructure (Regions, AZs, Edge Locations) AWS: Security of the Cloud Customer: Security in the Cloud
Legacy Datacenters • Big Perimeter • End-to-End Ownership • Build it all yourself • Server-centric approach • Self-managed Services • Static Architecture • De-centralized Administration The security paradigm shifted AWS • Micro-Perimeters • Own just enough • Focus on your core value • Service-Centric • Platform Services • Continuously Evolving • Central Control Plane (API)
… but the security technology is dated Customer Data Applications Identity Access Mgmt OS Network Firewall Client-side Encryption Server-side Encryption Network Traffic Protection Network Appliances Host-based Agents IP-based scanners Log Analytics DLP & Encryption Manual Audits These technologies rarely embrace cloud values
Host Security isn’t enough Why protect here… When your critical data is now here? (and 50+ other svcs)
Virtual Appliances don’t scale VIDS / VIPS Traffic flows fine at “planned” capacity But in Elastic Events… Appliance capacity overwhelmed
And in general, too much information flows… ElasticSearch This is just a SUBSET of an average shop’s data flows
Humans scale to a point…
And then we turn to computers.
Why automate Security? We’re >1m security professionals short of “equilibrium” and lagging…
Why automate Security? Alert Psychology proves that fatigue destroys process
Why automate Security? As infrastructure and software delivery accelerate, there is no alternative.
Pick your Flavor Rugged DevOps DevSecOps Agile Security Secure By Design
Q: Where does Security Belong?
Security Automation Is Good For EVERYONE DevOps builds Value Security builds TRUST Customers / Businesses need TRUST and VALUE. Security DevOps
SecOps in AWS • Need to take a holistic approach • Need to capture past, present, and predicted state • Need query capability for Incident Response (IR) • Need to tie into DevOps technologies to maximize reach • Need to automate response to minimize response time
Rubber, meet road https://benchmarks.cisecurity.org/downloads/show-single/?file=awsfoundations.100 CIS Benchmarks for AWS: - Community driven - Clear and Concise - Implementation Guidance - Third-party supported
Implementation is Step 1
1s and 0s Telemetry is critical
State Capture states from: - API ( the source of all truth) - Audit Sources (AWS CloudTrail / AWS Config) - Applications & Data - Identities & Policies - Telemetry (Amazon CloudWatch, Amazon CloudWatch Logs + Amazon CloudWatch Events) Step 2 – if you are keeping track
PITBL Point-in-Time analysis Baseline Creation Behavioral Analysis
The Spanish Inquisition Querying data answers questions Did anyone launch an unapproved server last month? Were any of our load balancers affected by weak DH keys? Are we really doing what we SAY we are doing? #3
The Action Be an Action Hero This is all useless unless you DO SOMETHING Security Event Lambda #4
Minecraft, the craft of mining Mine the data for compliance, predictive security models, and other key learnings
Evident Security Platform (ESP) • 100% AWS Native Application • Agentless Deployment • Continuous Security Scanning & Alerting across all AWS services • Integrates tightly with DevOps tools to accelerate secure product lifecycles • Tracks history and state to support Audit and Compliance needs
Next Steps… 1. Talk with the Evident team at Booth #101 to dive deeper and get FREE CIS Benchmark reviews 2. Add our blog to your reading list: https://blog.evident.io 3. Find your peers here and talk security! AWS events are the best places to meet and learn. 4. Be sure you attend re:Invent 2016!
Developing a Continuous Automated Approach to Cloud Security

Recommended

Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Amazon Web Services
 
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
Amazon Web Services
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended Practices
Amazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Amazon Web Services
 
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
Amazon Web Services
 
Getting Started with AWS IoT
Getting Started with AWS IoTGetting Started with AWS IoT
Getting Started with AWS IoT
Amazon Web Services
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
Mark Nunnikhoven
 

Recommended

Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Integrate Social Login Into Mobile Apps (SEC401) | AWS re:Invent 2013
Amazon Web Services
 
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
AWS March 2016 Webinar Series - Best Practices for Managing Security Operatio...
Amazon Web Services
 
IAM Recommended Practices
IAM Recommended PracticesIAM Recommended Practices
IAM Recommended Practices
Amazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto Getting Started with Windows Workloads on Amazon EC2 - Toronto
Getting Started with Windows Workloads on Amazon EC2 - Toronto
Amazon Web Services
 
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Security Architecture recommendations for your new AWS operation - Pop-up Lof...
Amazon Web Services
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
Amazon Web Services
 
Getting Started with AWS IoT
Getting Started with AWS IoTGetting Started with AWS IoT
Getting Started with AWS IoT
Amazon Web Services
 
Updating Security Operations For The Cloud
Updating Security Operations For The CloudUpdating Security Operations For The Cloud
Updating Security Operations For The Cloud
Mark Nunnikhoven
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
Amazon Web Services
 
(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale
Amazon Web Services
 
Transparency and Auditing on AWS
Transparency and Auditing on AWSTransparency and Auditing on AWS
Transparency and Auditing on AWS
Amazon Web Services
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar Series
Amazon Web Services
 
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
Amazon Web Services
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud
Amazon Web Services
 
(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS
Amazon Web Services
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWS
Amazon Web Services
 
Monitoring and Alerting
Monitoring and AlertingMonitoring and Alerting
Monitoring and Alerting
Amazon Web Services
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWS
Amazon Web Services
 
AWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar Series
Amazon Web Services
 
(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices
Amazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
Amazon Web Services
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
Amazon Web Services
 
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
Amazon Web Services
 
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
Amazon Web Services
 
Reading the AWS Compliance Framework
Reading the AWS Compliance FrameworkReading the AWS Compliance Framework
Reading the AWS Compliance Framework
Amazon Web Services
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Amazon Web Services
 
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
Amazon Web Services
 
AWS Summit - Trends in Advanced Monitoring for AWS environments
AWS Summit - Trends in Advanced Monitoring for AWS environmentsAWS Summit - Trends in Advanced Monitoring for AWS environments
AWS Summit - Trends in Advanced Monitoring for AWS environments
Andreas Grabner
 
소셜 코딩 GitHub & branch & branch strategy
소셜 코딩 GitHub & branch & branch strategy소셜 코딩 GitHub & branch & branch strategy
소셜 코딩 GitHub & branch & branch strategy
Kenu, GwangNam Heo
 

More Related Content

What's hot

Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
Amazon Web Services
 
(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale
Amazon Web Services
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar Series
Amazon Web Services
 
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
Amazon Web Services
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud
Amazon Web Services
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWS
Amazon Web Services
 
(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices
Amazon Web Services
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
Amazon Web Services
 
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
Amazon Web Services
 
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
Amazon Web Services
 
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
Amazon Web Services
 

What's hot (20)

Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale(SEC313) Security & Compliance at the Petabyte Scale
(SEC313) Security & Compliance at the Petabyte Scale
 
Transparency and Auditing on AWS
Transparency and Auditing on AWSTransparency and Auditing on AWS
Transparency and Auditing on AWS
 
Building Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar SeriesBuilding Serverless Chat Bots - AWS August Webinar Series
Building Serverless Chat Bots - AWS August Webinar Series
 
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
AWS April Webinar Series - Security Best Practices: Compliance Beyond the Che...
 
(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud(SEC203) Journey to Securing Time Inc's Move to the Cloud
(SEC203) Journey to Securing Time Inc's Move to the Cloud
 
(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS(SEC301) Strategies for Protecting Data Using Encryption in AWS
(SEC301) Strategies for Protecting Data Using Encryption in AWS
 
Rackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWSRackspace: Best Practices for Security Compliance on AWS
Rackspace: Best Practices for Security Compliance on AWS
 
Monitoring and Alerting
Monitoring and AlertingMonitoring and Alerting
Monitoring and Alerting
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWS
 
AWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar SeriesAWS Services Overview - September 2016 Webinar Series
AWS Services Overview - September 2016 Webinar Series
 
(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices(DVO304) AWS CloudFormation Best Practices
(DVO304) AWS CloudFormation Best Practices
 
Understanding AWS Security
Understanding AWS SecurityUnderstanding AWS Security
Understanding AWS Security
 
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
AWS January 2016 Webinar Series - Building Smart Applications with Amazon Mac...
 
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
(SEC402) Intrusion Detection in the Cloud | AWS re:Invent 2014
 
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS EncryptionAWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
AWS June Webinar Series - Deep Dive: Protecting Your Data with AWS Encryption
 
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
Encryption and key management in AWS (SEC304) | AWS re:Invent 2013
 
Reading the AWS Compliance Framework
Reading the AWS Compliance FrameworkReading the AWS Compliance Framework
Reading the AWS Compliance Framework
 
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
Cloud ID Management of North Carolina Department of Public Instruction (SEC10...
 
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
AWS CloudTrail to Track AWS Resources in Your Account (SEC207) | AWS re:Inven...
 

Viewers also liked

Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
Caserta
 
Finding HMAS Sydney Chapter 9 - Search for Sydney
Finding HMAS Sydney Chapter 9 - Search for SydneyFinding HMAS Sydney Chapter 9 - Search for Sydney
Finding HMAS Sydney Chapter 9 - Search for Sydney
Elk Software Group
 
02 a holistic approach to big data
02 a holistic approach to big data02 a holistic approach to big data
02 a holistic approach to big data
Raul Chong
 
Open Source Monitoring Tools Shootout
Open Source Monitoring Tools ShootoutOpen Source Monitoring Tools Shootout
Open Source Monitoring Tools Shootout
tomdc
 
Experimental Photography Artist Research
Experimental Photography Artist ResearchExperimental Photography Artist Research
Experimental Photography Artist Research
Jaskirt Boora
 

Viewers also liked (20)

AWS Summit - Trends in Advanced Monitoring for AWS environments
AWS Summit - Trends in Advanced Monitoring for AWS environmentsAWS Summit - Trends in Advanced Monitoring for AWS environments
AWS Summit - Trends in Advanced Monitoring for AWS environments
 
소셜 코딩 GitHub & branch & branch strategy
소셜 코딩 GitHub & branch & branch strategy소셜 코딩 GitHub & branch & branch strategy
소셜 코딩 GitHub & branch & branch strategy
 
Cwin16 tls-s2-0945-going cloud native
Cwin16 tls-s2-0945-going cloud nativeCwin16 tls-s2-0945-going cloud native
Cwin16 tls-s2-0945-going cloud native
 
codeless/serverless develop
codeless/serverless develop codeless/serverless develop
codeless/serverless develop
 
High Availability Architecture for Legacy Stuff - a 10.000 feet overview
High Availability Architecture for Legacy Stuff - a 10.000 feet overviewHigh Availability Architecture for Legacy Stuff - a 10.000 feet overview
High Availability Architecture for Legacy Stuff - a 10.000 feet overview
 
Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
Integrating the CDO Role Into Your Organization; Managing the Disruption (MIT...
 
Lightweight Taxonomy Approaches - Taxonomy Bootcamp 2015
Lightweight Taxonomy Approaches - Taxonomy Bootcamp 2015Lightweight Taxonomy Approaches - Taxonomy Bootcamp 2015
Lightweight Taxonomy Approaches - Taxonomy Bootcamp 2015
 
Grade 3 text structure assessment teaching guide
Grade 3 text structure assessment teaching guideGrade 3 text structure assessment teaching guide
Grade 3 text structure assessment teaching guide
 
Finding HMAS Sydney Chapter 9 - Search for Sydney
Finding HMAS Sydney Chapter 9 - Search for SydneyFinding HMAS Sydney Chapter 9 - Search for Sydney
Finding HMAS Sydney Chapter 9 - Search for Sydney
 
Bim based process mining master thesis presentation
Bim based process mining master thesis presentation Bim based process mining master thesis presentation
Bim based process mining master thesis presentation
 
Rio Cloud Computing Meetup 25/01/2017 - Lançamentos do AWS re:Invent 2016
Rio Cloud Computing Meetup 25/01/2017 - Lançamentos do AWS re:Invent 2016Rio Cloud Computing Meetup 25/01/2017 - Lançamentos do AWS re:Invent 2016
Rio Cloud Computing Meetup 25/01/2017 - Lançamentos do AWS re:Invent 2016
 
Big Data Commercialization and associated IoT Platform Implications by Ramnik...
Big Data Commercialization and associated IoT Platform Implications by Ramnik...Big Data Commercialization and associated IoT Platform Implications by Ramnik...
Big Data Commercialization and associated IoT Platform Implications by Ramnik...
 
How OpenTable uses Big Data to impact growth by Raman Marya
How OpenTable uses Big Data to impact growth by Raman MaryaHow OpenTable uses Big Data to impact growth by Raman Marya
How OpenTable uses Big Data to impact growth by Raman Marya
 
Cloud Foundry Summit 2017
Cloud Foundry Summit 2017Cloud Foundry Summit 2017
Cloud Foundry Summit 2017
 
Brochure go2UBL
Brochure go2UBLBrochure go2UBL
Brochure go2UBL
 
02 a holistic approach to big data
02 a holistic approach to big data02 a holistic approach to big data
02 a holistic approach to big data
 
Open Source Monitoring Tools Shootout
Open Source Monitoring Tools ShootoutOpen Source Monitoring Tools Shootout
Open Source Monitoring Tools Shootout
 
Intel and Big Data
Intel and Big DataIntel and Big Data
Intel and Big Data
 
Experimental Photography Artist Research
Experimental Photography Artist ResearchExperimental Photography Artist Research
Experimental Photography Artist Research
 
Bennett raglinphotography
Bennett raglinphotographyBennett raglinphotography
Bennett raglinphotography
 

Similar to Developing a Continuous Automated Approach to Cloud Security

“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
Amazon Web Services
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
Evident.io
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
Amazon Web Services
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
Amazon Web Services
 
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
Amazon Web Services
 
Jobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to SecurityJobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to Security
Theodore Kim
 

Similar to Developing a Continuous Automated Approach to Cloud Security (20)

Why You Are Secure in the AWS Cloud
Why You Are Secure in the AWS CloudWhy You Are Secure in the AWS Cloud
Why You Are Secure in the AWS Cloud
 
Secure your critical workload on AWS
Secure your critical workload on AWSSecure your critical workload on AWS
Secure your critical workload on AWS
 
Boot camp - Migration to AWS
Boot camp - Migration to AWSBoot camp - Migration to AWS
Boot camp - Migration to AWS
 
How We Should Think About Security
How We Should Think About SecurityHow We Should Think About Security
How We Should Think About Security
 
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
“Cloud First” Helps Hub Intl Grow the Business with Splunk on AWS (ANT330-S) ...
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWS5 Years Of Building SaaS On AWS
5 Years Of Building SaaS On AWS
 
Information Security in AWS - Dave Walker
Information Security in AWS - Dave WalkerInformation Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
 
Automating your AWS Security Operations
Automating your AWS Security OperationsAutomating your AWS Security Operations
Automating your AWS Security Operations
 
(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud(SEC310) Keeping Developers and Auditors Happy in the Cloud
(SEC310) Keeping Developers and Auditors Happy in the Cloud
 
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
AWS re:Invent 2016: Fueling Migration: Shortcutting your Application Portfoli...
 
Jobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to SecurityJobvite: A Holistic Approach to Security
Jobvite: A Holistic Approach to Security
 
Automating AWS security and compliance
Automating AWS security and compliance Automating AWS security and compliance
Automating AWS security and compliance
 
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWSIntro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
 
A Case Study on Insider Threat Detection
A Case Study on Insider Threat DetectionA Case Study on Insider Threat Detection
A Case Study on Insider Threat Detection
 
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
 
Justin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentation
Justin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentationJustin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentation
Justin Fox_NuData Security_A Master_Card_Company_June 9 2017_presentation
 
AWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & ComplianceAWS Innovate Ottawa: Security & Compliance
AWS Innovate Ottawa: Security & Compliance
 
Secure Configuration and Automation Overview
Secure Configuration and Automation OverviewSecure Configuration and Automation Overview
Secure Configuration and Automation Overview
 
Compliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By DesignCompliance In The Cloud Using Security By Design
Compliance In The Cloud Using Security By Design
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
Amazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Recently uploaded

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
Safe Software
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Roshan Dwivedi
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
sammart93
 

Recently uploaded (20)

MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost SavingRepurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
Repurposing LNG terminals for Hydrogen Ammonia: Feasibility and Cost Saving
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
Connector Corner: Accelerate revenue generation using UiPath API-centric busi...
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live StreamsTop 5 Benefits OF Using Muvi Live Paywall For Live Streams
Top 5 Benefits OF Using Muvi Live Paywall For Live Streams
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 

Developing a Continuous Automated Approach to Cloud Security

  • 1. © 2016, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Tim Prendergast, CEO and co-founder, Evident.io 04 / 19 / 2016 Automating Security Operations on AWS
  • 2. Of the changes catalyzed by cloud, security is still the most exciting.
  • 3. Your Role in Securing AWS is Well-Defined Customer Data Applications Identity Access Mgmt OS Network Firewall Client-side Encryption Server-side Encryption Network Traffic Protection Compute Storage Networking AWS Global Infrastructure (Regions, AZs, Edge Locations) AWS: Security of the Cloud Customer: Security in the Cloud
  • 4. Legacy Datacenters • Big Perimeter • End-to-End Ownership • Build it all yourself • Server-centric approach • Self-managed Services • Static Architecture • De-centralized Administration The security paradigm shifted AWS • Micro-Perimeters • Own just enough • Focus on your core value • Service-Centric • Platform Services • Continuously Evolving • Central Control Plane (API)
  • 5. … but the security technology is dated Customer Data Applications Identity Access Mgmt OS Network Firewall Client-side Encryption Server-side Encryption Network Traffic Protection Network Appliances Host-based Agents IP-based scanners Log Analytics DLP & Encryption Manual Audits These technologies rarely embrace cloud values
  • 6. Host Security isn’t enough Why protect here… When your critical data is now here? (and 50+ other svcs)
  • 7. Virtual Appliances don’t scale VIDS / VIPS Traffic flows fine at “planned” capacity But in Elastic Events… Appliance capacity overwhelmed
  • 8. And in general, too much information flows… ElasticSearch This is just a SUBSET of an average shop’s data flows
  • 9. Humans scale to a point…
  • 10. And then we turn to computers.
  • 11.
  • 12. Why automate Security? We’re >1m security professionals short of “equilibrium” and lagging…
  • 13. Why automate Security? Alert Psychology proves that fatigue destroys process
  • 14. Why automate Security? As infrastructure and software delivery accelerate, there is no alternative.
  • 15. Pick your Flavor Rugged DevOps DevSecOps Agile Security Secure By Design
  • 16. Q: Where does Security Belong?
  • 17. Security Automation Is Good For EVERYONE DevOps builds Value Security builds TRUST Customers / Businesses need TRUST and VALUE. Security DevOps
  • 18. SecOps in AWS • Need to take a holistic approach • Need to capture past, present, and predicted state • Need query capability for Incident Response (IR) • Need to tie into DevOps technologies to maximize reach • Need to automate response to minimize response time
  • 19. Rubber, meet road https://benchmarks.cisecurity.org/downloads/show-single/?file=awsfoundations.100 CIS Benchmarks for AWS: - Community driven - Clear and Concise - Implementation Guidance - Third-party supported
  • 21. 1s and 0s Telemetry is critical
  • 22. State Capture states from: - API ( the source of all truth) - Audit Sources (AWS CloudTrail / AWS Config) - Applications & Data - Identities & Policies - Telemetry (Amazon CloudWatch, Amazon CloudWatch Logs + Amazon CloudWatch Events) Step 2 – if you are keeping track
  • 24. The Spanish Inquisition Querying data answers questions Did anyone launch an unapproved server last month? Were any of our load balancers affected by weak DH keys? Are we really doing what we SAY we are doing? #3
  • 25. The Action Be an Action Hero This is all useless unless you DO SOMETHING Security Event Lambda #4
  • 26. Minecraft, the craft of mining Mine the data for compliance, predictive security models, and other key learnings
  • 27. Evident Security Platform (ESP) • 100% AWS Native Application • Agentless Deployment • Continuous Security Scanning & Alerting across all AWS services • Integrates tightly with DevOps tools to accelerate secure product lifecycles • Tracks history and state to support Audit and Compliance needs
  • 28. Next Steps… 1. Talk with the Evident team at Booth #101 to dive deeper and get FREE CIS Benchmark reviews 2. Add our blog to your reading list: https://blog.evident.io 3. Find your peers here and talk security! AWS events are the best places to meet and learn. 4. Be sure you attend re:Invent 2016!