Contenu connexe Similaire à AWS Public Sector Symposium | Effective Security Response in the Cloud - Session Sponsored by Trend Micro (20) Plus de Amazon Web Services (20) AWS Public Sector Symposium | Effective Security Response in the Cloud - Session Sponsored by Trend Micro 2. ©
2014,
Trend
Micro
Inc.
Abstract
Effective Security Response in the Cloud
=====================================
The cloud is a highly dynamic environment that changes the way
organisations need to think about security, underpinned by the shared
security model. Learn how to increase the effectiveness of your security
response as you move to the cloud. We’ll discuss how to leverage
features in AWS and our security tools to reduce downtime with minimal
impact to your security and business operations. Pulling from
experiences helping clients move to the cloud, this talk will help provide
practical advice you can apply today.
4. ©
2014,
Trend
Micro
Inc.
*
hDp://aws.amazon.com/about-‐aws/
A
infrastructure
plaMorm
defined
as
Low
cost
Agile
&
ElasRc
Open
&
Flexible
Secure
AWS
5. ©
2014,
Trend
Micro
Inc.
and
your
company
doesn’t
need
to
worry
about
it
asked
ironically
by
Peter
Waterhouse,
InformaRon
Week,
31-‐Mar-‐2014
hDp://www.informaRonweek.com/so[ware/enterprise-‐applicaRons/busRng-‐5-‐devops-‐myths/d/d-‐id/1141597
DevOps
is
a
technology
movement
for
right?
The
movement
7. ©
2014,
Trend
Micro
Inc.
Development
OperaRons
+
Driving
change
8. ©
2014,
Trend
Micro
Inc.
New
goals
Breakdown
silos
Directly
align
with
business
Rapidly
deploy
&
iterate
DevOps
Driving
change
9. ©
2014,
Trend
Micro
Inc.
Security
needs
to
keep
pace
Our
Challenge
11. ©
2014,
Trend
Micro
Inc.
You
FaciliRes
Physical
Security
Physical
Infrastructure
Network
Infrastructure
VirtualisaRon
Infrastructure
OperaRng
System
ApplicaRon
Account
Management
The
tradiRonal
responsibility
model
12. ©
2014,
Trend
Micro
Inc.
AWS
FaciliRes
Physical
Security
Physical
Infrastructure
Network
Infrastructure
VirtualisacRon
Infrastructure
You
OperaRng
System
ApplicaRon
Account
Management
Security
Groups
Network
ConfiguraRon
Shared
Responsibility
model
13. ©
2014,
Trend
Micro
Inc.
Applied
at
the
boundary
Operator
TradiRonal
Security
14. ©
2014,
Trend
Micro
Inc.
Applied
to
each
instance
Cloud
defences
VPC
VPC
VPC
15. ©
2014,
Trend
Micro
Inc.
Management
Deployment
New
challenges
16. ©
2014,
Trend
Micro
Inc.
Leverage
exisRng
distribuRon
channels
Addressing
the
challenges
-‐
deployment
17. ©
2014,
Trend
Micro
Inc.
Recommended
choices
AWS
OpsWorks
Chef
Puppet
Salt
Deployment
channels
18. ©
2014,
Trend
Micro
Inc.
Centralise
control
management
Addressing
the
challenges
-‐
management
22. ©
2014,
Trend
Micro
Inc.
PreparaRon
IdenRficaRon
Containment
EradicaRon
Recovery
Lessons
Learned
SANS
incident
response
process
23. ©
2014,
Trend
Micro
Inc.
Server
Analyse
Verify
Adjust
Replacement
Defend
TradiRonal
process
24. ©
2014,
Trend
Micro
Inc.
Instance
Analyse
Verify
Adjust
Defend
Replacement
Cloud
process
25. ©
2014,
Trend
Micro
Inc.
Need
to
automate
isolaRon
Cloud
process
–
automaRon
requirements
Instance
Analyse
Verify
Adjust
Defend
Replacement
26. ©
2014,
Trend
Micro
Inc.
Instance
Replacement
1.
Monitor
the
log
stream
API
2.
Call
the
AWS
API
to
isolate
the
instance
Cloud
process
-‐
soluRon
29. ©
2014,
Trend
Micro
Inc.
Cloud
process
Instance
Analyse
Verify
Adjust
Defend
Replacement
31. ©
2014,
Trend
Micro
Inc.
Piggyback
on
provisioning
Central
management
AutomaRon
Keys
to
success