Soumettre la recherche
Mettre en ligne
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
•
2 j'aime
•
311 vues
Amazon Web Services
Suivre
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
Lire moins
Lire la suite
Signaler
Partager
Signaler
Partager
1 sur 27
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Migrate & Modernize your legacy Microsoft applications with AWS
Migrate & Modernize your legacy Microsoft applications with AWS
Amazon Web Services
Managed Relational Databases - Amazon RDS
Managed Relational Databases - Amazon RDS
Amazon Web Services
12 Steps to Cloud
12 Steps to Cloud
Amazon Web Services
Building for Scale with AWS Media Services
Building for Scale with AWS Media Services
Amazon Web Services
Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...
Amazon Web Services
Amazon Container Services
Amazon Container Services
Amazon Web Services
Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWS
Amazon Web Services
SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS
Amazon Web Services
Recommandé
Migrate & Modernize your legacy Microsoft applications with AWS
Migrate & Modernize your legacy Microsoft applications with AWS
Amazon Web Services
Managed Relational Databases - Amazon RDS
Managed Relational Databases - Amazon RDS
Amazon Web Services
12 Steps to Cloud
12 Steps to Cloud
Amazon Web Services
Building for Scale with AWS Media Services
Building for Scale with AWS Media Services
Amazon Web Services
Building transformational business value through broad organizational engagem...
Building transformational business value through broad organizational engagem...
Amazon Web Services
Amazon Container Services
Amazon Container Services
Amazon Web Services
Enabling Compliance with the GDPR on AWS
Enabling Compliance with the GDPR on AWS
Amazon Web Services
SID303 Navigating GDPR Compliance on AWS
SID303 Navigating GDPR Compliance on AWS
Amazon Web Services
Go-to Market with AWS for Startups
Go-to Market with AWS for Startups
Amazon Web Services
Managed NoSQL databases
Managed NoSQL databases
Amazon Web Services
ENT206 Product Development in the Cloud
ENT206 Product Development in the Cloud
Amazon Web Services
Adding image and video analysis to your app
Adding image and video analysis to your app
Amazon Web Services
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
Amazon Web Services
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
Amazon Web Services
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
Amazon Web Services
The Future of Enterprise IT
The Future of Enterprise IT
Amazon Web Services
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Amazon Web Services
Building Real-Time Serverless Backends with GraphQL
Building Real-Time Serverless Backends with GraphQL
Amazon Web Services
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Amazon Web Services
Building Highly Scalable Retail Order Management Systems with Serverless
Building Highly Scalable Retail Order Management Systems with Serverless
Amazon Web Services
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
Amazon Web Services
DEM04 Fearless: From Monolith to Serverless with Dynatrace
DEM04 Fearless: From Monolith to Serverless with Dynatrace
Amazon Web Services
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Amazon Web Services
Migrate & Optimize Microsoft Applications on AWS
Migrate & Optimize Microsoft Applications on AWS
Amazon Web Services
Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops
Amazon Web Services
AWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdf
Amazon Web Services
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps
Amazon Web Services
DEM06 How Demandbase Cut Its Container Costs by 79%
DEM06 How Demandbase Cut Its Container Costs by 79%
Amazon Web Services
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated Industries
Amazon Web Services
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Amazon Web Services
Contenu connexe
Tendances
Go-to Market with AWS for Startups
Go-to Market with AWS for Startups
Amazon Web Services
Managed NoSQL databases
Managed NoSQL databases
Amazon Web Services
ENT206 Product Development in the Cloud
ENT206 Product Development in the Cloud
Amazon Web Services
Adding image and video analysis to your app
Adding image and video analysis to your app
Amazon Web Services
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
Amazon Web Services
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
Amazon Web Services
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
Amazon Web Services
The Future of Enterprise IT
The Future of Enterprise IT
Amazon Web Services
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Amazon Web Services
Building Real-Time Serverless Backends with GraphQL
Building Real-Time Serverless Backends with GraphQL
Amazon Web Services
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Amazon Web Services
Building Highly Scalable Retail Order Management Systems with Serverless
Building Highly Scalable Retail Order Management Systems with Serverless
Amazon Web Services
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
Amazon Web Services
DEM04 Fearless: From Monolith to Serverless with Dynatrace
DEM04 Fearless: From Monolith to Serverless with Dynatrace
Amazon Web Services
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Amazon Web Services
Migrate & Optimize Microsoft Applications on AWS
Migrate & Optimize Microsoft Applications on AWS
Amazon Web Services
Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops
Amazon Web Services
AWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdf
Amazon Web Services
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps
Amazon Web Services
DEM06 How Demandbase Cut Its Container Costs by 79%
DEM06 How Demandbase Cut Its Container Costs by 79%
Amazon Web Services
Tendances
(20)
Go-to Market with AWS for Startups
Go-to Market with AWS for Startups
Managed NoSQL databases
Managed NoSQL databases
ENT206 Product Development in the Cloud
ENT206 Product Development in the Cloud
Adding image and video analysis to your app
Adding image and video analysis to your app
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
ENT307 Move your Desktops and Apps to AWS with Amazon WorkSpaces and AppStre...
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
Proven Methodologies for Accelerating Your Cloud Journey (ENT308-S) - AWS re:...
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
SRV316 Serverless Data Processing at Scale: An Amazon.com Case Study
The Future of Enterprise IT
The Future of Enterprise IT
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Securing SaaS/Web and Windows Apps in a Hybrid Cloud World (SEC314-S) - AWS r...
Building Real-Time Serverless Backends with GraphQL
Building Real-Time Serverless Backends with GraphQL
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Integrate Amazon WorkDocs with Security & Compliance Solutions & Applications...
Building Highly Scalable Retail Order Management Systems with Serverless
Building Highly Scalable Retail Order Management Systems with Serverless
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
SRV304 IoT Building Blocks From Edge Devices to Analytics in the Cloud
DEM04 Fearless: From Monolith to Serverless with Dynatrace
DEM04 Fearless: From Monolith to Serverless with Dynatrace
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Your road to a Well Architected solution in the Cloud - Tel Aviv Summit 2018
Migrate & Optimize Microsoft Applications on AWS
Migrate & Optimize Microsoft Applications on AWS
Hitchhiker's Guide to Cloud Ops
Hitchhiker's Guide to Cloud Ops
AWS-Vizalytics-March-2018 2.pdf
AWS-Vizalytics-March-2018 2.pdf
SRV315 Building Enterprise-Grade Serverless Apps
SRV315 Building Enterprise-Grade Serverless Apps
DEM06 How Demandbase Cut Its Container Costs by 79%
DEM06 How Demandbase Cut Its Container Costs by 79%
Similaire à Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated Industries
Amazon Web Services
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Amazon Web Services
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
Amazon Web Services
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Amazon Web Services
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)
Amazon Web Services
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
MongoDB
Building Successful Cloud Software Business with AWS (Stanley Chan, Head of T...
Building Successful Cloud Software Business with AWS (Stanley Chan, Head of T...
Amazon Web Services Korea
Managing Security on AWS
Managing Security on AWS
Amazon Web Services
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft Broadridge
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft Broadridge
Amazon Web Services
Secure Your Customers' Data From Day One
Secure Your Customers' Data From Day One
Amazon Web Services
Accelerate Digital Transformation for Telecom Operators with Cloud-Native Amd...
Accelerate Digital Transformation for Telecom Operators with Cloud-Native Amd...
Amazon Web Services
Enterprise Security
Enterprise Security
Amazon Web Services
Improve Productivity with Continuous Integration & Delivery
Improve Productivity with Continuous Integration & Delivery
Amazon Web Services
Architect Your Legacy Microsoft Apps into Modern Cloud Workloads
Architect Your Legacy Microsoft Apps into Modern Cloud Workloads
Amazon Web Services
Scaling and Automating DevOps with CloudBees and Spot Instances (GPSTEC310) -...
Scaling and Automating DevOps with CloudBees and Spot Instances (GPSTEC310) -...
Amazon Web Services
Enabling Your Organization’s Amazon Redshift Adoption – Going from Zero to He...
Enabling Your Organization’s Amazon Redshift Adoption – Going from Zero to He...
Amazon Web Services
CI/CD for Serverless and Containerized Applications (DEV309-R1) - AWS re:Inve...
CI/CD for Serverless and Containerized Applications (DEV309-R1) - AWS re:Inve...
Amazon Web Services
2018 re:Invent - Safeguard the Integrity of Your Code for Fast and Secure Dep...
2018 re:Invent - Safeguard the Integrity of Your Code for Fast and Secure Dep...
Martin Klie
Improve productivity with Continuous Integration & Delivery
Improve productivity with Continuous Integration & Delivery
Amazon Web Services
PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...
PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...
Amazon Web Services
Similaire à Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
(20)
ENT305 Compliance and Cloud Security for Regulated Industries
ENT305 Compliance and Cloud Security for Regulated Industries
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
Migrate, Modernize, and Manage: Best Practices for a Cloud Migration
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
DevSecOps 的規模化實踐 (Level: 300-400)
DevSecOps 的規模化實踐 (Level: 300-400)
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
MongoDB World 2018: Tutorial - How to Build Applications with MongoDB Atlas &...
Building Successful Cloud Software Business with AWS (Stanley Chan, Head of T...
Building Successful Cloud Software Business with AWS (Stanley Chan, Head of T...
Managing Security on AWS
Managing Security on AWS
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft Broadridge
AWS FSI Symposium 2017 NYC - Moving at the Speed of Serverless ft Broadridge
Secure Your Customers' Data From Day One
Secure Your Customers' Data From Day One
Accelerate Digital Transformation for Telecom Operators with Cloud-Native Amd...
Accelerate Digital Transformation for Telecom Operators with Cloud-Native Amd...
Enterprise Security
Enterprise Security
Improve Productivity with Continuous Integration & Delivery
Improve Productivity with Continuous Integration & Delivery
Architect Your Legacy Microsoft Apps into Modern Cloud Workloads
Architect Your Legacy Microsoft Apps into Modern Cloud Workloads
Scaling and Automating DevOps with CloudBees and Spot Instances (GPSTEC310) -...
Scaling and Automating DevOps with CloudBees and Spot Instances (GPSTEC310) -...
Enabling Your Organization’s Amazon Redshift Adoption – Going from Zero to He...
Enabling Your Organization’s Amazon Redshift Adoption – Going from Zero to He...
CI/CD for Serverless and Containerized Applications (DEV309-R1) - AWS re:Inve...
CI/CD for Serverless and Containerized Applications (DEV309-R1) - AWS re:Inve...
2018 re:Invent - Safeguard the Integrity of Your Code for Fast and Secure Dep...
2018 re:Invent - Safeguard the Integrity of Your Code for Fast and Secure Dep...
Improve productivity with Continuous Integration & Delivery
Improve productivity with Continuous Integration & Delivery
PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...
PaaS – From Code to Running Application using AWS Elastic Beanstalk (DEV323) ...
Plus de Amazon Web Services
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Amazon Web Services
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Amazon Web Services
Open banking as a service
Open banking as a service
Amazon Web Services
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Amazon Web Services
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
Computer Vision con AWS
Computer Vision con AWS
Amazon Web Services
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
Tools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
Building a web application without servers
Building a web application without servers
Amazon Web Services
Fundraising Essentials
Fundraising Essentials
Amazon Web Services
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
Plus de Amazon Web Services
(20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Open banking as a service
Open banking as a service
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Computer Vision con AWS
Computer Vision con AWS
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Tools for building your MVP on AWS
Tools for building your MVP on AWS
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Building a web application without servers
Building a web application without servers
Fundraising Essentials
Fundraising Essentials
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
1.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Marc Doublet Business Development Manager AWS Marketplace – Amazon Web Services Cloud DevSecOps and compliance considerations leveraging AWS Marketplace sellers
2.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Cloud DevSecOps Considerations Leveraging AWS Marketplace Software • Cloud native procurement, entitlement & deployment • Why DevSecOps? • DevSecOps Secure AMI Factory • What we hear from customers • Mapping security to compliance controls • RansomWare? No More Ransom 2 A G E N D A
3.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.3 Cloud native procurement, entitlement & deployment • 35 software categories • 1,400+ ISVs • 4,200+ product listings • Deployed in 16 regions around the world • Billed through AWS account • 170,000 active customers • 550M EC2 hours deployed per month A W S M A R K E T P L A C E
4.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.4 Why DevSecOps? Business Imperatives Competing forces Development Build it faster Operations Keep it stable Security Make it secure D E V O P S BUILD TEST DISTRIBUTE MONITOR Developers Users D E V S E C O P S BUILD TEST DISTRIBUTE MONITOR Developers Users SECURITY
5.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.5 29 Accounts | 62 VPCs 2016 Shared Services Security Data Center 35 Accounts | 35 VPCs 2017 + 2 Accounts | 20 VPCs Production Non-Prod 2015 CLOUD-FIRST • The cloud is not just another data center with virtual machines • Leverage managed services • For every problem, ask: how do we best solve this in the cloud using current best practices? • Let modern tools solve old hard problems SECURITY BY DESIGN • Secure every part all the time • Apply the principle of Least Privilege AUTOMATE EVERYTHING • Build everything as Infrastructure as Code • Do not log in to the console and make changes • Never log in to a server Customer Journey C H A N G E H E A L T H C A R E
6.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.6 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • Select Marketplace OS • Protect instance integrity • Tailor to your toolchain policy • Harden to risk profile • Follow industry regulations • Next gen endpoint protection • File integrity monitoring • Secure AMI template • Effective, Reliable, Stable • Mitigated risk Build Phase Process Outcome
7.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.7 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • Anitian PCI (OS) • Center for Internet Security (OS) • Cloud Passage Server Secure • Chef Automate • Puppet Enterprise • Trend Micro Deep Security • Amazon EC2 • Amazon EC2 SSM • Amazon CloudWatch • Amazon ECS, S3 Build Phase
8.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.8 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE Test Phase: Approve • Configuration and vulnerability analysis • Inspect scan reports • Logging and monitoring • Automated config management • Baseline AMI is devoid of vulnerabilities • Security requirements are met Process Outcome
9.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.9 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • Alert Logic Cloud Defender • Evident.io • CloudPassage Server Secure • Microfocus Unified Functional Testing • Splunk Cloud • AlienVault USM • Amazon Inspector • Amazon EC2 SSMTest Phase: Approve
10.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.10 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE Distribution Phase • Generate CloudFormation • Deploy and distribute using a Continuous Integration server • Deploy across regions • Deploy across accounts • Control the distribution by policy to teams with Service Catalog • AMI is deployed across all regions and accounts • AWS Service Catalog portfolios are updated Outcome Process
11.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.11 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • CloudPassage Server Secure • Shippable • Electric Cloud ElectricFlow • Midvision RapidDeploy • Splunk Cloud • AlienVault USM • AWS CodeCommit • AWS CodePipeline • AWS Service Catalog Distribution Phase
12.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.12 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • AMI is free of CVEs • Continuous operational intelligence Monitor Phase • Regularly scan to ensure AMI doesn’t contain CVEs • Monitor, analyze and visualize data • Behavioral monitoring • Log Management Outcome Process
13.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved.13 DevSecOps: Secure AMI Factory BUILD TEST MONITORDISTRIBUTE • SumoLogic • Dynatrace • Elasticsearch • New Relic • CA Application Performance Management • Amazon CloudWatch • Amazon Inspector • Amazon Macie • Amazon GuardDuty Monitor Phase • Trend Micro Deep Security • Splunk Enterprise • AlienVault USM • AppDynamics • CloudPassage Server Secure
14.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Security & compliance is a shared responsibility Customer Responsible for Security IN the Cloud AWS Responsible for Security OF the Cloud Customer data Applications, identity & access management Operating system, network & firewall configuration Client-side data encryption & Data integrity authentication Server-side encryption (file system and/or data) Network traffic protection (encryption/ integrity/identity) Compute Storage Database Networking AWS global infrastructure Regions Edge locations Availability zones
15.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. AWS Security Competency Solutions Network security Security intelligence Identity & access management Security orchestration Cloud workload security Data security Application security Easy, fast, and secure way to search, analyze, and visualize massive data streams Secures access through single sign-on, multi- factor authentication and privileged access security Protection of data, digital identities, payments, and transactions from the edge to the core Get hourly proactive protection for your AWS workloads with Trend Micro Deep Security Technology and managed security services to assess vulnerabilities and streamline compliance Extends all security and management capabilities of the world's most- trusted web application firewall to Amazon Web Services environments Quickly create a hybrid architecture that extends your existing data center into AWS via encrypted tunnels Collect, compress, and securely transfer all of your log data regardless of volume, type, or location OneLogin, the innovator in Identity and Access Management-as- a-Service (IDaaS) Offers encryption with integrated key management to secure machines and data throughout their lifecycle Automates AWS security groups and adds an extra layer of protection against hackers Complementing AWS services, enabling you to deploy a comprehensive security architecture and seamless experience across cloud and on-premises Other popular solutions: Fortinet Other popular solutions: Bitium, ClearLogin, Ping Identity Other popular solutions: CTERA Other popular solutions: Tenable, Qualys Other popular solutions: McAfee, CrowdStrike Other popular solutions: F5, Fortinet Other popular solutions: Check Point, Fortinet, Alert Logic Delivers complete content and network protection by combining stateful inspection with a comprehensive suite of powerful security features Automates security for public cloud workloads, enabling agility, risk reduction, and cost savings, while easing DevOps & admin burdens 15 15
16.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. What we hear from our customers Software entitlement & deployment models 16 C H A L L E N G E Rapidly innovate by buying and deploying software solutions on-demand C U S T O M E R S W A N T T O
17.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. What we hear from our customers Out-of-date procurement mechanisms, with multiple places to procure software 17 C H A L L E N G E Reduce cost while picking new standards C U S T O M E R S W A N T T O
18.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. What we hear from our customers Compliance in hybrid and cloud computing 18 C H A L L E N G E Understand what AWS Services and Seller listings provide compliance C U S T O M E R S W A N T T O
19.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. What we hear from our customers Complex agreement management and constant renewal and replacement 19 C H A L L E N G E Simplify and streamline purchasing, license management, invoicing and upgrade on demand C U S T O M E R S W A N T T O
20.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Enterprise Contract for AWS Marketplace 9 commonly negotiated clauses 50+ participating companies Standardized contract template Decrease Time Spent Negotiating Contracts
21.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. Allgress Regulatory Product Mapping Tool amzn.to/RPM
22.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. • Compliance controls mapped to AWS Marketplace products • Select a product and quickly see all the controls it fulfills • Select a control and see what AWS Marketplace products cover it • Generate a report of selected products; link to AWS Marketplace listing page • Free for customers • Visit amzn.to/RPM 22 Allgress Regulatory Product Mapping
23.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2018, Amazon Web Services, Inc. or its affiliates. All rights reserved. NoMoreRansom.org
24.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. #NoMoreRansom Stats 24 • Can decrypt 84 ransomware families with 52 decryption tools in 29 languages • 120 partners: (including founding members, Barracuda and AWS) • 40 LEA: New: Cypriot & Estonian police • 80 non-LEA: New: KPN; Telenor; CPIC • 1.6 million visitors from more than 180 countries • More than 35,000 people have retrieved their files for free, preventing criminals from profiting from more than $12M USD • CryptXXX, CrySIS and Dharma are the most detected infections. • NoMoreRansom.org
25.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Call to Action • Learn more about how AWS Marketplace can help strengthen your Security Posture in the Cloud: https://aws.amazon.com/mp/security-network/ • Reach out to the AWS Marketplace Customer Advisor team for more information about DevSecOps solutions available on Marketplace: aws-mp-ca-team@amazon.com M O R E I N F O R M A T I O N 25
26.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. Please complete the session survey in the summit mobile app.
27.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. M A R C D O U B L E T mddouble@amazon.lu Thank You!
Télécharger maintenant