SlideShare une entreprise Scribd logo

Automate Security Event Management Using Trust-Based Decision Models - AWS Summit Sydney

Amazon Web Services
Amazon Web Services

In this session you will learn how AWS Deep Learning can be used to automate security operations and build a machine learning system to protect your applications. This session focuses on early detection and containment of security threats, and shows you how to use semi-supervised machine learning to continuously contain these threats.

1  sur  31
S U M M I TS U M M I T SYDNEY
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Automate security event management using trust-based decision models Deenadayaalan Thirugnanasambandam Senior Cloud Architect Amazon Web Services Proserv Vinod Subramaniam Senior Cloud Advisory Amazon Web Services Proserv
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Automate Key take away
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What to expect Build security event management system using rules based approach Build machine learning pipeline for security usecases Improve anomaly detection using machine learning
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Today’s use case Zooropa Enterprise wants to host an internet facing SFTP Server on EC2 for Business to Business (B2B) file transfer Events/Attributes Rule Based Scenario Location (IP) of user User Alice accessing from an IP range: xx.yy not in approved database Authentication successes and failures Knowledge Database of rules 1. More than 2 unsuccessful attempts today 2. User successfully logged in during holidays 3. Excessive user activity during long weekend
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What is the business problem? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Protect system from insider attack Protect system from external attack
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Where do we look for? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What do we look for? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Application Errors and Failures Authentication & Authorisation patterns Location of User Access pattern – high risk functionality, excessive usage
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision Management System – Rule Based Amazon CloudWatch Amazon EC2 AWS Lambda AWS CloudTrail Amazon GuardDuty
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Logs formatterAmazon CloudWatch Amazon S3
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Logs formatter Enhance data Amazon CloudWatch Amazon S3 Data enhancerAmazon S3
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we write rules? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Rule 1: User Alice accessing from an IP range a.b.c.d/y not in approved database Limitations of rules 1. A database of known IP ranges needs to be maintained 2. Writing rules customised for a user is cumbersome and not scalable
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we write rules? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Rule 2: a) More than 2 unsuccessful attempts today b) User successfully logged in during holidays c) Excessive activity during long weekend Limitations of rules 1. All such scenarios will need to be discovered and rule written 2. No ability to detect and respond to a new scenario or un-discovered scenario
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision management system – rule based Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Today’s use case Zooropa Enterprise wants to host an internet facing SFTP Server on EC2 for Business to Business (B2B) file transfer Events/Attributes Limitations of rule based approach Location (IP) of user 1. A database of known IP ranges needs to be maintained 2. Writing rules customised for a user is cumbersome and not scalable Authentication successes and failures 1. All such scenarios will need to be discovered and rule written 2. No ability to detect and respond to a new scenario or un- discovered scenario ML based scenario Detect anomalous login based on attributes like historical login data + 1. IP, UserID 2. UserID, time of login 3. UserID, login attempts
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Choose the right tool for the job 1 2 3 Clustering and segmentation Anomaly/Outlier Association Rule Mining Prediction SVM – One Classifier IP Insights K Means, K NN Isolation Forest - RCF
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment User ID Timestamp Client IP deenadat 19/Feb/2019:23:29:30 54.240.193.1 Alice 6/Feb/2019:23:19:12 200.240.193.1 deenadat 6/Mar/2019:18:49:48 54.240.193.1 Alice 9/Mar/2019:18:22:25 200.240.193.1 User ID Date Value deenadat 19/Feb/2019 4 Alice 6/Feb/2019 20 deenadat 6/Mar/2019 4 Alice 9/Mar/2019 15 IP Insights RCF
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Build the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Hyperparameter : Model Entity Vectors : 2x Unique values
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Build the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Hyperparameter : Model Vector dimensions : 128
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Evaluate the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment IP Insights model IP : 200.240.193.1 UserID : Alice Get anomaly score
S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Model deployment Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment IP Insights model
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision management system – ML Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Model evaluation for anomalous data Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment RCF
S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Model tuning Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment from sagemaker.tuner import HyperparameterTuner, IntegerParameter # Configure HyperparameterTuner ip_insights_tuner = HyperparameterTuner( estimator=ip_insights, # previously-configured Estimator object objective_metric_name='validation:discriminator_auc', hyperparameter_ranges={'vector_dim': IntegerParameter(64, 1024)},max_jobs=4, max_parallel_jobs=2)
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Retrain the model Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What did we just learn?
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Try it out
Thank you! S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deenadayaalan Thirugnanasambandam Vinod Subramaniam

Recommandé

Value of Data Beyond Analytics by Darin Briskman
Value of Data Beyond Analytics by Darin Briskman Value of Data Beyond Analytics by Darin Briskman
Value of Data Beyond Analytics by Darin BriskmanSameer Kenkare
 
Trends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe ChungTrends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe ChungSameer Kenkare
 
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019Amazon Web Services
 
Take action on your security & compliance alerts with AWS Security Hub - SEC2...
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Take action on your security & compliance alerts with AWS Security Hub - SEC2...
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Amazon Web Services
 
Top Cloud Security Myths – Dispelled!
Top Cloud Security Myths – Dispelled!Top Cloud Security Myths – Dispelled!
Top Cloud Security Myths – Dispelled!AWS Summits
 
Alexa Voice Services by Linda Lian
Alexa Voice Services by Linda LianAlexa Voice Services by Linda Lian
Alexa Voice Services by Linda LianSameer Kenkare
 
Rendi le tue app più smart con i servizi AI di AWS
Rendi le tue app più smart con i servizi AI di AWSRendi le tue app più smart con i servizi AI di AWS
Rendi le tue app più smart con i servizi AI di AWSAmazon Web Services
 
Secure machine learning - Guarding your data and gaining insights
Secure machine learning - Guarding your data and gaining insightsSecure machine learning - Guarding your data and gaining insights
Secure machine learning - Guarding your data and gaining insightsAmazon Web Services
 

Recommandé

Value of Data Beyond Analytics by Darin Briskman
Value of Data Beyond Analytics by Darin Briskman Value of Data Beyond Analytics by Darin Briskman
Value of Data Beyond Analytics by Darin BriskmanSameer Kenkare
 
Trends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe ChungTrends in Digital Transformation by Joe Chung
Trends in Digital Transformation by Joe ChungSameer Kenkare
 
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019
Transform with Cloud to drive your Future | AWS Summit Tel Aviv 2019Amazon Web Services
 
Take action on your security & compliance alerts with AWS Security Hub - SEC2...
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Take action on your security & compliance alerts with AWS Security Hub - SEC2...
Take action on your security & compliance alerts with AWS Security Hub - SEC2...Amazon Web Services
 
Top Cloud Security Myths – Dispelled!
Top Cloud Security Myths – Dispelled!Top Cloud Security Myths – Dispelled!
Top Cloud Security Myths – Dispelled!AWS Summits
 
Alexa Voice Services by Linda Lian
Alexa Voice Services by Linda LianAlexa Voice Services by Linda Lian
Alexa Voice Services by Linda LianSameer Kenkare
 
Rendi le tue app più smart con i servizi AI di AWS
Rendi le tue app più smart con i servizi AI di AWSRendi le tue app più smart con i servizi AI di AWS
Rendi le tue app più smart con i servizi AI di AWSAmazon Web Services
 
Secure machine learning - Guarding your data and gaining insights
Secure machine learning - Guarding your data and gaining insightsSecure machine learning - Guarding your data and gaining insights
Secure machine learning - Guarding your data and gaining insightsAmazon Web Services
 
AWS in Aerospace by Joe Marino
AWS in Aerospace by Joe MarinoAWS in Aerospace by Joe Marino
AWS in Aerospace by Joe MarinoSameer Kenkare
 
Procuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWSProcuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWSAmazon Web Services
 
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...Amazon Web Services
 
Introduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo MorinIntroduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo MorinSameer Kenkare
 
AIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen ServicesAIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen ServicesAmazon Web Services
 
Accelerated Transformation through Training
Accelerated Transformation through TrainingAccelerated Transformation through Training
Accelerated Transformation through TrainingAmazon Web Services
 
Rapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit SydneyRapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit SydneyAmazon Web Services
 
Promuovi il tuo progetto open source
Promuovi il tuo progetto open sourcePromuovi il tuo progetto open source
Promuovi il tuo progetto open sourceAmazon Web Services
 
What is a Bot and why you should care
What is a Bot and why you should careWhat is a Bot and why you should care
What is a Bot and why you should careElisabeth Bitsch-Christensen
 
Become a ML developer
Become a ML developerBecome a ML developer
Become a ML developerAmazon Web Services
 
Introduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey ChanIntroduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey ChanSameer Kenkare
 
AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理Amazon Web Services
 
Building a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWSBuilding a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWSInjae Kwak
 
AWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:CapAWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:CapInjae Kwak
 
GDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your StrategyGDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your StrategyAmazon Web Services
 
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...Amazon Web Services
 
How to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No OneHow to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No OneElisabeth Bitsch-Christensen
 
AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0Amazon Web Services
 
Top Cloud Security Myths - Dispelled
Top Cloud Security Myths - DispelledTop Cloud Security Myths - Dispelled
Top Cloud Security Myths - DispelledAmazon Web Services
 
AI/ML Week: Improve Public Health
AI/ML Week: Improve Public HealthAI/ML Week: Improve Public Health
AI/ML Week: Improve Public HealthAmazon Web Services
 
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019Amazon Web Services
 
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSSecurity & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSAmazon Web Services
 

Contenu connexe

Tendances

AWS in Aerospace by Joe Marino
AWS in Aerospace by Joe MarinoAWS in Aerospace by Joe Marino
AWS in Aerospace by Joe MarinoSameer Kenkare
 
Procuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWSProcuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWSAmazon Web Services
 
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...Amazon Web Services
 
Introduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo MorinIntroduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo MorinSameer Kenkare
 
AIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen ServicesAIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen ServicesAmazon Web Services
 
Accelerated Transformation through Training
Accelerated Transformation through TrainingAccelerated Transformation through Training
Accelerated Transformation through TrainingAmazon Web Services
 
Rapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit SydneyRapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit SydneyAmazon Web Services
 
Promuovi il tuo progetto open source
Promuovi il tuo progetto open sourcePromuovi il tuo progetto open source
Promuovi il tuo progetto open sourceAmazon Web Services
 
Introduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey ChanIntroduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey ChanSameer Kenkare
 
AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理Amazon Web Services
 
Building a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWSBuilding a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWSInjae Kwak
 
AWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:CapAWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:CapInjae Kwak
 
GDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your StrategyGDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your StrategyAmazon Web Services
 
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...Amazon Web Services
 
How to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No OneHow to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No OneElisabeth Bitsch-Christensen
 
AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0Amazon Web Services
 
Top Cloud Security Myths - Dispelled
Top Cloud Security Myths - DispelledTop Cloud Security Myths - Dispelled
Top Cloud Security Myths - DispelledAmazon Web Services
 
AI/ML Week: Improve Public Health
AI/ML Week: Improve Public HealthAI/ML Week: Improve Public Health
AI/ML Week: Improve Public HealthAmazon Web Services
 

Tendances (20)

AWS in Aerospace by Joe Marino
AWS in Aerospace by Joe MarinoAWS in Aerospace by Joe Marino
AWS in Aerospace by Joe Marino
 
Procuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWSProcuring Cloud: Achieving Business Outcomes with AWS
Procuring Cloud: Achieving Business Outcomes with AWS
 
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
Amazon SageMaker sviluppa, addestra e distribuisci modelli di Machine Learnin...
 
Introduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo MorinIntroduction to AWS Travel by Massimo Morin
Introduction to AWS Travel by Massimo Morin
 
AIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen ServicesAIML Week: Modernize Citizen Services
AIML Week: Modernize Citizen Services
 
Accelerated Transformation through Training
Accelerated Transformation through TrainingAccelerated Transformation through Training
Accelerated Transformation through Training
 
Rapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit SydneyRapid Prototyping with AWS - AWS Summit Sydney
Rapid Prototyping with AWS - AWS Summit Sydney
 
Promuovi il tuo progetto open source
Promuovi il tuo progetto open sourcePromuovi il tuo progetto open source
Promuovi il tuo progetto open source
 
What is a Bot and why you should care
What is a Bot and why you should careWhat is a Bot and why you should care
What is a Bot and why you should care
 
Become a ML developer
Become a ML developerBecome a ML developer
Become a ML developer
 
Introduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey ChanIntroduction to Amazon Go and Amazon Go Tour by Humphrey Chan
Introduction to Amazon Go and Amazon Go Tour by Humphrey Chan
 
AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理AWS 物聯網 與 Alexa 自動化家庭語音助理
AWS 物聯網 與 Alexa 自動化家庭語音助理
 
Building a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWSBuilding a Real-Time Data Platform on AWS
Building a Real-Time Data Platform on AWS
 
AWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:CapAWS Sydney Summit 2019 Re:Cap
AWS Sydney Summit 2019 Re:Cap
 
GDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your StrategyGDPR: Security & Data Protection at the Core of Your Strategy
GDPR: Security & Data Protection at the Core of Your Strategy
 
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
Atlassian's Solution for Multi-Region Encryption and Decryption - AWS Summit ...
 
How to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No OneHow to Counter Cybersecurity Attacks - Trust No One
How to Counter Cybersecurity Attacks - Trust No One
 
AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0AWS IoT Update - re:Invent Comes to London 2.0
AWS IoT Update - re:Invent Comes to London 2.0
 
Top Cloud Security Myths - Dispelled
Top Cloud Security Myths - DispelledTop Cloud Security Myths - Dispelled
Top Cloud Security Myths - Dispelled
 
AI/ML Week: Improve Public Health
AI/ML Week: Improve Public HealthAI/ML Week: Improve Public Health
AI/ML Week: Improve Public Health
 

Similaire à Automate Security Event Management Using Trust-Based Decision Models - AWS Summit Sydney

AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019Amazon Web Services
 
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSSecurity & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSAmazon Web Services
 
Machine learning at the edge for industrial applications - SVC302 - New York ...
Machine learning at the edge for industrial applications - SVC302 - New York ...Machine learning at the edge for industrial applications - SVC302 - New York ...
Machine learning at the edge for industrial applications - SVC302 - New York ...Amazon Web Services
 
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS Summit
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS SummitThreat detection and mitigation at AWS - SEC201 - Atlanta AWS Summit
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS SummitAmazon Web Services
 
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...The Zen of governance - Establish guardrails and empower builders - SVC201 - ...
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...Amazon Web Services
 
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit Sydney
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit SydneyCloud Operating Models for Accelerated Cloud Transformation - AWS Summit Sydney
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit SydneyAmazon Web Services
 
Architecting security & governance across your AWS environment
Architecting security & governance across your AWS environmentArchitecting security & governance across your AWS environment
Architecting security & governance across your AWS environmentAmazon Web Services
 
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics Services
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics ServicesAWS Summit Singapore 2019 | Realising Business Value with AWS Analytics Services
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics ServicesAWS Summits
 
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...Amazon Web Services
 
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...Amazon Web Services LATAM
 
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWSSecurity Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWSAmazon Web Services LATAM
 
Threat Detection using artificial intelligence
Threat Detection using artificial intelligenceThreat Detection using artificial intelligence
Threat Detection using artificial intelligenceAmazon Web Services
 
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0Amazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSCobus Bernard
 
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習Amazon Web Services
 
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS Summit
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS SummitHow Nubank is building a customer-obsessed bank - FSV201 - New York AWS Summit
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS SummitAmazon Web Services
 
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...Amazon Web Services
 
Leaping Over the Skills Gap - Accelerate Your Journey with AMS
Leaping Over the Skills Gap - Accelerate Your Journey with AMSLeaping Over the Skills Gap - Accelerate Your Journey with AMS
Leaping Over the Skills Gap - Accelerate Your Journey with AMSAmazon Web Services
 
Optimize deep learning training and inferencing using GPU and Amazon SageMake...
Optimize deep learning training and inferencing using GPU and Amazon SageMake...Optimize deep learning training and inferencing using GPU and Amazon SageMake...
Optimize deep learning training and inferencing using GPU and Amazon SageMake...Amazon Web Services
 

Similaire à Automate Security Event Management Using Trust-Based Decision Models - AWS Summit Sydney (20)

AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
AIOps - Steps Towards Autonomous Operations - AWS Summit Sydney 2019
 
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWSSecurity & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
Security & Identity: the Continuous Mitigation & Diagnostic Journey on AWS
 
Automated Security Remediation
Automated Security RemediationAutomated Security Remediation
Automated Security Remediation
 
Machine learning at the edge for industrial applications - SVC302 - New York ...
Machine learning at the edge for industrial applications - SVC302 - New York ...Machine learning at the edge for industrial applications - SVC302 - New York ...
Machine learning at the edge for industrial applications - SVC302 - New York ...
 
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS Summit
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS SummitThreat detection and mitigation at AWS - SEC201 - Atlanta AWS Summit
Threat detection and mitigation at AWS - SEC201 - Atlanta AWS Summit
 
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...The Zen of governance - Establish guardrails and empower builders - SVC201 - ...
The Zen of governance - Establish guardrails and empower builders - SVC201 - ...
 
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit Sydney
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit SydneyCloud Operating Models for Accelerated Cloud Transformation - AWS Summit Sydney
Cloud Operating Models for Accelerated Cloud Transformation - AWS Summit Sydney
 
Architecting security & governance across your AWS environment
Architecting security & governance across your AWS environmentArchitecting security & governance across your AWS environment
Architecting security & governance across your AWS environment
 
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics Services
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics ServicesAWS Summit Singapore 2019 | Realising Business Value with AWS Analytics Services
AWS Summit Singapore 2019 | Realising Business Value with AWS Analytics Services
 
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...
Presenting Radar: Validation and remediation of AWS cloud resources - GRC343 ...
 
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
 
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWSSecurity Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
 
Threat Detection using artificial intelligence
Threat Detection using artificial intelligenceThreat Detection using artificial intelligence
Threat Detection using artificial intelligence
 
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0
Move users to AWS with Amazon WorkSpaces and Amazon AppStream 2-0
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習
AWS及客戶在AI/ML的數位運行過程中得到的重要經驗與學習
 
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS Summit
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS SummitHow Nubank is building a customer-obsessed bank - FSV201 - New York AWS Summit
How Nubank is building a customer-obsessed bank - FSV201 - New York AWS Summit
 
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...
The Theory and Practice, Practice, Practice of AWS Operations - AWS Summit Sy...
 
Leaping Over the Skills Gap - Accelerate Your Journey with AMS
Leaping Over the Skills Gap - Accelerate Your Journey with AMSLeaping Over the Skills Gap - Accelerate Your Journey with AMS
Leaping Over the Skills Gap - Accelerate Your Journey with AMS
 
Optimize deep learning training and inferencing using GPU and Amazon SageMake...
Optimize deep learning training and inferencing using GPU and Amazon SageMake...Optimize deep learning training and inferencing using GPU and Amazon SageMake...
Optimize deep learning training and inferencing using GPU and Amazon SageMake...
 

Plus de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Plus de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Automate Security Event Management Using Trust-Based Decision Models - AWS Summit Sydney

  • 1. S U M M I TS U M M I T SYDNEY
  • 2. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Automate security event management using trust-based decision models Deenadayaalan Thirugnanasambandam Senior Cloud Architect Amazon Web Services Proserv Vinod Subramaniam Senior Cloud Advisory Amazon Web Services Proserv
  • 3. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Automate Key take away
  • 4. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What to expect Build security event management system using rules based approach Build machine learning pipeline for security usecases Improve anomaly detection using machine learning
  • 5. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Today’s use case Zooropa Enterprise wants to host an internet facing SFTP Server on EC2 for Business to Business (B2B) file transfer Events/Attributes Rule Based Scenario Location (IP) of user User Alice accessing from an IP range: xx.yy not in approved database Authentication successes and failures Knowledge Database of rules 1. More than 2 unsuccessful attempts today 2. User successfully logged in during holidays 3. Excessive user activity during long weekend
  • 6. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What is the business problem? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Protect system from insider attack Protect system from external attack
  • 7. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Where do we look for? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment
  • 8. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What do we look for? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Application Errors and Failures Authentication & Authorisation patterns Location of User Access pattern – high risk functionality, excessive usage
  • 9. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision Management System – Rule Based Amazon CloudWatch Amazon EC2 AWS Lambda AWS CloudTrail Amazon GuardDuty
  • 10. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Logs formatterAmazon CloudWatch Amazon S3
  • 11. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Logs formatter Enhance data Amazon CloudWatch Amazon S3 Data enhancerAmazon S3
  • 12. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we write rules? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Rule 1: User Alice accessing from an IP range a.b.c.d/y not in approved database Limitations of rules 1. A database of known IP ranges needs to be maintained 2. Writing rules customised for a user is cumbersome and not scalable
  • 13. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we write rules? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Rule 2: a) More than 2 unsuccessful attempts today b) User successfully logged in during holidays c) Excessive activity during long weekend Limitations of rules 1. All such scenarios will need to be discovered and rule written 2. No ability to detect and respond to a new scenario or un-discovered scenario
  • 14. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision management system – rule based Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
  • 15. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 16. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Today’s use case Zooropa Enterprise wants to host an internet facing SFTP Server on EC2 for Business to Business (B2B) file transfer Events/Attributes Limitations of rule based approach Location (IP) of user 1. A database of known IP ranges needs to be maintained 2. Writing rules customised for a user is cumbersome and not scalable Authentication successes and failures 1. All such scenarios will need to be discovered and rule written 2. No ability to detect and respond to a new scenario or un- discovered scenario ML based scenario Detect anomalous login based on attributes like historical login data + 1. IP, UserID 2. UserID, time of login 3. UserID, login attempts
  • 17. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Choose the right tool for the job 1 2 3 Clustering and segmentation Anomaly/Outlier Association Rule Mining Prediction SVM – One Classifier IP Insights K Means, K NN Isolation Forest - RCF
  • 18. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T How we prepare data? Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment User ID Timestamp Client IP deenadat 19/Feb/2019:23:29:30 54.240.193.1 Alice 6/Feb/2019:23:19:12 200.240.193.1 deenadat 6/Mar/2019:18:49:48 54.240.193.1 Alice 9/Mar/2019:18:22:25 200.240.193.1 User ID Date Value deenadat 19/Feb/2019 4 Alice 6/Feb/2019 20 deenadat 6/Mar/2019 4 Alice 9/Mar/2019 15 IP Insights RCF
  • 19. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Build the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Hyperparameter : Model Entity Vectors : 2x Unique values
  • 20. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Build the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment Hyperparameter : Model Vector dimensions : 128
  • 21. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Evaluate the model Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment IP Insights model IP : 200.240.193.1 UserID : Alice Get anomaly score
  • 22. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 23. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Model deployment Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment IP Insights model
  • 24. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Decision management system – ML Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
  • 25. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 26. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Model evaluation for anomalous data Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment RCF
  • 27. S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Model tuning Business Understanding Data Understanding Data Preparation ModellingEvaluation Deployment from sagemaker.tuner import HyperparameterTuner, IntegerParameter # Configure HyperparameterTuner ip_insights_tuner = HyperparameterTuner( estimator=ip_insights, # previously-configured Estimator object objective_metric_name='validation:discriminator_auc', hyperparameter_ranges={'vector_dim': IntegerParameter(64, 1024)},max_jobs=4, max_parallel_jobs=2)
  • 28. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Retrain the model Amazon CloudWatch Amazon EC2 AWS Lambda AWS Step Functions workflow AWS CloudTrail Amazon GuardDuty
  • 29. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T What did we just learn?
  • 30. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T Try it out
  • 31. Thank you! S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. Deenadayaalan Thirugnanasambandam Vinod Subramaniam