SlideShare a Scribd company logo
1 of 49
Download to read offline
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Keep Your IoT Devices Secure
Rama Katragadda
Solution Owner
Thermo Fisher Scientific
I O T 2 0 5
Atul Bargaje
Principal Consultant
AWS ProServe
Kriti Bharti
Sr. Product Manager
AWS IoT
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Agenda
IoT security
AWS IoT Device Defender overview
Service demo
Thermo Fisher use case
Q&A
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Related sessions
Tuesday, November 27
SEC367-R: Securing and managing IoT devices at scale
5:30 PM – 6:30 PM | Venetian, Level 3, Murano 3202
Wednesday, November 28
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect
11:30 AM – 1:45 PM | Bellagio, Level 1, Grand Ballroom 6
Wednesday, November 28
IOT321-R: Managing security of large IoT fleets
12:15 PM – 1:15 PM | Bellagio, Level 1, Gauguin 2
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Related sessions
Thursday, November 29
IOT321-R1: Managing security of large IoT fleets
12:15 PM – 1:15 PM | Aria East, Level 2, Mariposa 8
Thursday, November 29
SEC367-R1: Securing and managing IoT devices at scale
3:15 PM – 4:15 PM | Aria East, Level 2, Mariposa 8
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
IoT abuse in the news
2014 - Spam
emails
2015 – Hacked
cars
2016 – Mirai
botnet
2017 – Hacked
cardiac devices
2018 – DoS and
Cryptomining
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
IoT abuse scenarios
Information
theft
Surveillance Malicious
access point
RansomwareLateral threat
escalation
Cryptocurrency
mining
Sabotage
attacks
Denial of
Service
Cloud infra
abuse
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Challenges with IoT security
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Wild things
Shodan, Zmap, Censys
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Connect your devices securely
Mutual
authentication
Fine-grained
authorization
Encryption
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IoT Device Defender
Audit
Detect
Investigate MitigateAlert
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Architectural overview
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Audit
Expiring or
revoked
certificates
Overly
permissive
policies
Device
connection
checks
Logging
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Secure configuration prevents threat escalation
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Detect
Rule-based
anomaly
detection
Thresholds
Security
profile
Blacklists
and
Whitelists
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Security profile
10
01
Security
profile
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Anomaly Detection - Denial of Service
Packets out Number of Ports
and/or
Suspicious port
communication
Communication
with suspicious IP
addresses
Bytes out
10
01
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Anomaly Detection – Cloud infrastructure abuse
Message rate Communication
from suspicious
Source IPs
Message size
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Detect indicators of compromise
Information
theft
Surveillance Fake domain
attack
RansomwareLateral threat
escalation
Cryptocurrency
mining
Sabotage
attacks
Denial of
Service
PacketsOut
BytesOut
DestIP
Port
Cloud infra
abuse
DestIP
Port
DestIP
Port
Dest IP PortPacketsIn
BytesOut
DestIP
Msg rate
Msg size
Source IP
PacketsOut
BytesOut
DestIP Auth
Fail
PacketsOut
BytesOut
DestIP
PacketsIn
BytesIn
DestIP
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IoT Device Defender in action for both Audit and Detect use cases
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
UnusualActivity
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Leveraging AWS IoT Device Defender for
IoT security
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Leveraging AWS IoT Device Defender for
IoT security
We are the world leader in serving science
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Connected lab
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Smart instruments
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Mobile workflow for asset and scientific data
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Connectivity portfolio | Connectivity standards and SDK
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Edge Aggregator
DLH Gateway
Alexa Voice
Service
ML @ Edge
DLH Devices
DLH Devices
DLH Devices
Customer Lab
ThermoFisher Cloud
Architecture Overview
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
How is AWS IoT Device Defender helping us
Audit certificates
If certificates are shared => Disable certificate
If certificates are nearing expiration => Rotate Certificates
Anomaly Detection
Message count from device
Open ports count
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Audit
Check for shared certificates
Generate Amazon Simple Notification Service (Amazon SNS)
notification on shared certificate alerts
Disable the shared certificate
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Detect
If number of open ports > 10
OR
If number of messages exceed thresholds
Revoke the certificates
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Certificate rotation
Check for certificate expiration
Trigger the certificate rotation workflow
Provide new certificate to the device
Disable old certificate
Device connects with the new certificates.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
About TensorIoT
All-in on Amazon Web Services (AWS)
100% AWS certified
AWS advanced consulting partner
Proven success in North America, EMEA, and APAC
Focused on IoT, AI/ML & big data
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Demo - AWS IoT Device Defender in action
Leveraging AWS IoT Device Defender for enhancing security
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS IoT Device Defender
Audit IoT
resource
configuration
Continuously
monitor device
behavior
Alerts on AWS
IoT Console,
Amazon SNS,
Amazon
CloudWatch
Investigate
and mitigate
security issues
Identify
anomalies
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Why should I care?
IoT data is sensitive
Security is not a commodity
Protect your business
And also, regulation is coming
Thank you!
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
aws-iot-device-defender@amazon.com
Rama Katragadda
Solution Owner
Thermo Fisher Scientific
Atul Bargaje
Principal Consultant
AWS ProServe
Kriti Bharti
Sr. Product Manager
AWS IoT
© 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.

More Related Content

What's hot

Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018
Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018
Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018Amazon Web Services
 
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018Amazon Web Services
 
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...Amazon Web Services
 
AWS IoT - from Cloud to Edge | AWS Floor28
AWS IoT - from Cloud to Edge | AWS Floor28AWS IoT - from Cloud to Edge | AWS Floor28
AWS IoT - from Cloud to Edge | AWS Floor28Amazon Web Services
 
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Amazon Web Services
 
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...Amazon Web Services
 
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...Amazon Web Services
 
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Amazon Web Services
 
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018Amazon Web Services
 
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...Amazon Web Services
 
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...Amazon Web Services
 
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018Amazon Web Services
 
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...Amazon Web Services
 
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018Amazon Web Services
 
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018Amazon Web Services
 
Code in the Cloud- Deploy on Microcontroller and Edge Devices
Code in the Cloud- Deploy on Microcontroller and Edge DevicesCode in the Cloud- Deploy on Microcontroller and Edge Devices
Code in the Cloud- Deploy on Microcontroller and Edge DevicesAmazon Web Services
 
Using AWS IoT for Industrial Applications - AWS Online Tech Talks
Using AWS IoT for Industrial Applications - AWS Online Tech TalksUsing AWS IoT for Industrial Applications - AWS Online Tech Talks
Using AWS IoT for Industrial Applications - AWS Online Tech TalksAmazon Web Services
 
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018Amazon Web Services
 
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018Amazon Web Services
 

What's hot (20)

Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018
Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018
Managing Security of Large IoT Fleets (IOT321-R1) - AWS re:Invent 2018
 
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Events (IOT367) - AWS re:Invent 2018
 
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...
Amazon FreeRTOS: IoT Operating System for Microcontrollers (IOT208-R1) - AWS ...
 
AWS IoT Security Best Practices
AWS IoT Security Best PracticesAWS IoT Security Best Practices
AWS IoT Security Best Practices
 
AWS IoT - from Cloud to Edge | AWS Floor28
AWS IoT - from Cloud to Edge | AWS Floor28AWS IoT - from Cloud to Edge | AWS Floor28
AWS IoT - from Cloud to Edge | AWS Floor28
 
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
Detect Abnormal Device Behavior with AWS IoT Device Defender (IOT313-R3) - AW...
 
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...
Monitoring IoT Device Behavior with AWS IoT Device Defender Detect (IOT360) -...
 
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...
Enable Your Smart Factory with the AWS Industrial IoT Reference Solution (MFG...
 
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
Unlock Highly Regulated Enterprise Workloads with SaaS on AWS GovCloud (US) (...
 
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018
[NEW LAUNCH!] Introducing AWS IoT Things Graph (IOT366) - AWS re:Invent 2018
 
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...
Deep Dive into New AWS IoT Services Launched in 2018 (IOT320) - AWS re:Invent...
 
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...
Industrial IoT: Connecting Existing Machines to Tomorrow's IoT, ft. Deutsche ...
 
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
How to Quickly Get Insights from IoT Data on AWS (ANT337-S) - AWS re:Invent 2018
 
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...
Industrial IoT Applications: Making the Connection and Extracting Value (IOT3...
 
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018
AWS IoT - How Low Can You Go (IOT357-R1) - AWS re:Invent 2018
 
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018
Customer Showcase for AWS IoT Analytics (IOT219) - AWS re:Invent 2018
 
Code in the Cloud- Deploy on Microcontroller and Edge Devices
Code in the Cloud- Deploy on Microcontroller and Edge DevicesCode in the Cloud- Deploy on Microcontroller and Edge Devices
Code in the Cloud- Deploy on Microcontroller and Edge Devices
 
Using AWS IoT for Industrial Applications - AWS Online Tech Talks
Using AWS IoT for Industrial Applications - AWS Online Tech TalksUsing AWS IoT for Industrial Applications - AWS Online Tech Talks
Using AWS IoT for Industrial Applications - AWS Online Tech Talks
 
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018
IoT at the Edge: Introduction to AWS Greengrass (IOT406-R1) - AWS re:Invent 2018
 
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018
Alexa and AWS IoT, ft. VIZIO (IOT302-R1) - AWS re:Invent 2018
 

Similar to Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018

Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018
Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018
Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018Amazon Web Services
 
Security Management for IoT devices - SRV202 - Chicago AWS Summit
Security Management for IoT devices - SRV202 - Chicago AWS SummitSecurity Management for IoT devices - SRV202 - Chicago AWS Summit
Security Management for IoT devices - SRV202 - Chicago AWS SummitAmazon Web Services
 
AWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAmazon Web Services
 
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoT
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoTAWS Learning Series: Harnessing the Power of Data | An Introduction to IoT
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoTAmazon Web Services
 
AWS IoT_Connected Home Solutions
AWS IoT_Connected Home Solutions AWS IoT_Connected Home Solutions
AWS IoT_Connected Home Solutions Amazon Web Services
 
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...Amazon Web Services
 
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...Amazon Web Services
 
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud IoT Building Blocks_ From Edge Devices to Analytics in the Cloud
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud Amazon Web Services
 
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018Amazon Web Services
 
IoT from Cloud to Edge & Back Again - WebSummit 2018
IoT from Cloud to Edge & Back Again - WebSummit 2018IoT from Cloud to Edge & Back Again - WebSummit 2018
IoT from Cloud to Edge & Back Again - WebSummit 2018Boaz Ziniman
 
IoT Compute at the Edge with AWS Greengrass - GOTO Amsterdam
IoT Compute at the Edge with AWS Greengrass - GOTO AmsterdamIoT Compute at the Edge with AWS Greengrass - GOTO Amsterdam
IoT Compute at the Edge with AWS Greengrass - GOTO AmsterdamBoaz Ziniman
 
IoT Revolution - Unlocking Business Values in Vertical Markets
IoT Revolution - Unlocking Business Values in Vertical MarketsIoT Revolution - Unlocking Business Values in Vertical Markets
IoT Revolution - Unlocking Business Values in Vertical MarketsAmazon Web Services
 
Threat Detection and Mitigation at Scale on AWS
Threat Detection and Mitigation at Scale on AWS Threat Detection and Mitigation at Scale on AWS
Threat Detection and Mitigation at Scale on AWS Amazon Web Services
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitAmazon Web Services
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitAmazon Web Services
 
SID301 Threat Detection and Mitigation
 SID301 Threat Detection and Mitigation SID301 Threat Detection and Mitigation
SID301 Threat Detection and MitigationAmazon Web Services
 
Come Out From Behind Your Firewall
Come Out From Behind Your FirewallCome Out From Behind Your Firewall
Come Out From Behind Your FirewallAmazon Web Services
 
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019 Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019 Amazon Web Services
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitAmazon Web Services
 
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...Amazon Web Services
 

Similar to Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018 (20)

Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018
Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018
Leadership Session: AWS IoT (IOT218-L) - AWS re:Invent 2018
 
Security Management for IoT devices - SRV202 - Chicago AWS Summit
Security Management for IoT devices - SRV202 - Chicago AWS SummitSecurity Management for IoT devices - SRV202 - Chicago AWS Summit
Security Management for IoT devices - SRV202 - Chicago AWS Summit
 
AWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di businessAWS IoT: servizi costruiti per migliorare le performance di business
AWS IoT: servizi costruiti per migliorare le performance di business
 
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoT
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoTAWS Learning Series: Harnessing the Power of Data | An Introduction to IoT
AWS Learning Series: Harnessing the Power of Data | An Introduction to IoT
 
AWS IoT_Connected Home Solutions
AWS IoT_Connected Home Solutions AWS IoT_Connected Home Solutions
AWS IoT_Connected Home Solutions
 
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...
Building IoT Applications for a Smart Home, ft. Vestel (IOT306-R1) - AWS re:I...
 
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV304 - C...
 
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud IoT Building Blocks_ From Edge Devices to Analytics in the Cloud
IoT Building Blocks_ From Edge Devices to Analytics in the Cloud
 
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018
IoT - From Cloud to Edge & Back Again: AWS Developer Workshop at Web Summit 2018
 
IoT from Cloud to Edge & Back Again - WebSummit 2018
IoT from Cloud to Edge & Back Again - WebSummit 2018IoT from Cloud to Edge & Back Again - WebSummit 2018
IoT from Cloud to Edge & Back Again - WebSummit 2018
 
IoT Compute at the Edge with AWS Greengrass - GOTO Amsterdam
IoT Compute at the Edge with AWS Greengrass - GOTO AmsterdamIoT Compute at the Edge with AWS Greengrass - GOTO Amsterdam
IoT Compute at the Edge with AWS Greengrass - GOTO Amsterdam
 
IoT Revolution - Unlocking Business Values in Vertical Markets
IoT Revolution - Unlocking Business Values in Vertical MarketsIoT Revolution - Unlocking Business Values in Vertical Markets
IoT Revolution - Unlocking Business Values in Vertical Markets
 
Threat Detection and Mitigation at Scale on AWS
Threat Detection and Mitigation at Scale on AWS Threat Detection and Mitigation at Scale on AWS
Threat Detection and Mitigation at Scale on AWS
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Atlanta AWS Summit
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Anaheim AWS Summit
 
SID301 Threat Detection and Mitigation
 SID301 Threat Detection and Mitigation SID301 Threat Detection and Mitigation
SID301 Threat Detection and Mitigation
 
Come Out From Behind Your Firewall
Come Out From Behind Your FirewallCome Out From Behind Your Firewall
Come Out From Behind Your Firewall
 
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019 Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019
Securing the edge with AWS IoT services - FND330 - AWS re:Inforce 2019
 
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS SummitThreat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS Summit
Threat Detection and Mitigation at Scale on AWS - SID301 - Chicago AWS Summit
 
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...
IoT Building Blocks: From Edge Devices to Analytics in the Cloud - SRV204 - T...
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Keep Your IoT Devices Secure (IOT205) - AWS re:Invent 2018

  • 2. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Keep Your IoT Devices Secure Rama Katragadda Solution Owner Thermo Fisher Scientific I O T 2 0 5 Atul Bargaje Principal Consultant AWS ProServe Kriti Bharti Sr. Product Manager AWS IoT
  • 3. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Agenda IoT security AWS IoT Device Defender overview Service demo Thermo Fisher use case Q&A
  • 4. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Related sessions Tuesday, November 27 SEC367-R: Securing and managing IoT devices at scale 5:30 PM – 6:30 PM | Venetian, Level 3, Murano 3202 Wednesday, November 28 Monitoring IoT Device Behavior with AWS IoT Device Defender Detect 11:30 AM – 1:45 PM | Bellagio, Level 1, Grand Ballroom 6 Wednesday, November 28 IOT321-R: Managing security of large IoT fleets 12:15 PM – 1:15 PM | Bellagio, Level 1, Gauguin 2
  • 5. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Related sessions Thursday, November 29 IOT321-R1: Managing security of large IoT fleets 12:15 PM – 1:15 PM | Aria East, Level 2, Mariposa 8 Thursday, November 29 SEC367-R1: Securing and managing IoT devices at scale 3:15 PM – 4:15 PM | Aria East, Level 2, Mariposa 8
  • 6. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 7. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IoT abuse in the news 2014 - Spam emails 2015 – Hacked cars 2016 – Mirai botnet 2017 – Hacked cardiac devices 2018 – DoS and Cryptomining
  • 8. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. IoT abuse scenarios Information theft Surveillance Malicious access point RansomwareLateral threat escalation Cryptocurrency mining Sabotage attacks Denial of Service Cloud infra abuse
  • 9. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Challenges with IoT security
  • 10. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Wild things Shodan, Zmap, Censys
  • 11. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 12. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Connect your devices securely Mutual authentication Fine-grained authorization Encryption
  • 13. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 14. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS IoT Device Defender Audit Detect Investigate MitigateAlert
  • 15. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Architectural overview
  • 16. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Audit Expiring or revoked certificates Overly permissive policies Device connection checks Logging
  • 17. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Secure configuration prevents threat escalation
  • 18. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Detect Rule-based anomaly detection Thresholds Security profile Blacklists and Whitelists
  • 19. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Security profile 10 01 Security profile
  • 20. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Anomaly Detection - Denial of Service Packets out Number of Ports and/or Suspicious port communication Communication with suspicious IP addresses Bytes out 10 01
  • 21. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Anomaly Detection – Cloud infrastructure abuse Message rate Communication from suspicious Source IPs Message size
  • 22. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Detect indicators of compromise Information theft Surveillance Fake domain attack RansomwareLateral threat escalation Cryptocurrency mining Sabotage attacks Denial of Service PacketsOut BytesOut DestIP Port Cloud infra abuse DestIP Port DestIP Port Dest IP PortPacketsIn BytesOut DestIP Msg rate Msg size Source IP PacketsOut BytesOut DestIP Auth Fail PacketsOut BytesOut DestIP PacketsIn BytesIn DestIP
  • 23. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS IoT Device Defender in action for both Audit and Detect use cases
  • 24. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. UnusualActivity
  • 27. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 28. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Leveraging AWS IoT Device Defender for IoT security
  • 29. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Leveraging AWS IoT Device Defender for IoT security We are the world leader in serving science
  • 30. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Connected lab
  • 31. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Smart instruments
  • 32. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Mobile workflow for asset and scientific data
  • 33. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Connectivity portfolio | Connectivity standards and SDK
  • 34. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Edge Aggregator DLH Gateway Alexa Voice Service ML @ Edge DLH Devices DLH Devices DLH Devices Customer Lab ThermoFisher Cloud Architecture Overview
  • 35. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. How is AWS IoT Device Defender helping us Audit certificates If certificates are shared => Disable certificate If certificates are nearing expiration => Rotate Certificates Anomaly Detection Message count from device Open ports count
  • 36. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Audit Check for shared certificates Generate Amazon Simple Notification Service (Amazon SNS) notification on shared certificate alerts Disable the shared certificate
  • 37. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Detect If number of open ports > 10 OR If number of messages exceed thresholds Revoke the certificates
  • 38. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Certificate rotation Check for certificate expiration Trigger the certificate rotation workflow Provide new certificate to the device Disable old certificate Device connects with the new certificates.
  • 39. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. About TensorIoT All-in on Amazon Web Services (AWS) 100% AWS certified AWS advanced consulting partner Proven success in North America, EMEA, and APAC Focused on IoT, AI/ML & big data
  • 40. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Demo - AWS IoT Device Defender in action Leveraging AWS IoT Device Defender for enhancing security
  • 45. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 46. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. AWS IoT Device Defender Audit IoT resource configuration Continuously monitor device behavior Alerts on AWS IoT Console, Amazon SNS, Amazon CloudWatch Investigate and mitigate security issues Identify anomalies
  • 47. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Why should I care? IoT data is sensitive Security is not a commodity Protect your business And also, regulation is coming
  • 48. Thank you! © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. aws-iot-device-defender@amazon.com Rama Katragadda Solution Owner Thermo Fisher Scientific Atul Bargaje Principal Consultant AWS ProServe Kriti Bharti Sr. Product Manager AWS IoT
  • 49. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved.