Build Security in AWS with Confidence Using Shared Responsibility
1. Using Security To Build
With Confidence In AWS
Sasha Pavlovic
Director, Cloud and Datacenter Security | APAC
2. The Story
More at aws.trendmicro.com
2012 re:Invent
SPR203 : Cloud Security is a Shared Responsibility
http://bit.ly/2012-spr203
2013 re:Invent
SEC208: How to Meet Strict Security & Compliance Requirements in the Cloud
http://bit.ly/2013-sec208
SEC307: How Trend Micro Build their Enterprise Security Offering on AWS
http://bit.ly/2013-sec307
2014 re:Invent
SEC313: Updating Security Operations for the Cloud
http://bit.ly/2014-sec313
SEC314: Customer Perspectives on Implementing Security Controls with AWS
http://bit.ly/2014-sec314
10. Shellshock Impact
The image cannot be displayed. Your computer may not have enough memory to open the image, or the image may have been corrupted. Restart your computer, and then open the file again. If the red x still appears, you may have to delete the image and then insert it again.
11. 1989
Fantastic summary by David A. Wheeler at http://www.dwheeler.com/essays/shellshock.html#timeline
20. AWS VPC Checklist
Review
IAM roles
Security groups
Network segmentation
Network access control lists (NACL)
More in the Auditing Security Checklist for Use of AWS, media.amazonwebservices.com/AWS_Auditing_Security_Checklist.pdf