Soumettre la recherche
Mettre en ligne
Security Framework Shakedown
•
1 j'aime
•
3,301 vues
Amazon Web Services
Suivre
Security Framework Shakedown. AWS Initiate Day, Austin, TX
Lire moins
Lire la suite
Signaler
Partager
Signaler
Partager
1 sur 47
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Drive Digital Transformation Using AI
Drive Digital Transformation Using AI
Amazon Web Services
Machine Learning Key Lessons Learned for Developers
Machine Learning Key Lessons Learned for Developers
Amazon Web Services
Amazon SageMaker
Amazon SageMaker
Amazon Web Services
Cloud Economics
Cloud Economics
Amazon Web Services
Plenary Session
Plenary Session
Amazon Web Services
Moving to DevOps
Moving to DevOps
Amazon Web Services
Digital transformation on aws
Digital transformation on aws
Reham Maher El-Safarini
Introduction to Cloud Economics for the UK Public Sector
Introduction to Cloud Economics for the UK Public Sector
Amazon Web Services
Recommandé
Drive Digital Transformation Using AI
Drive Digital Transformation Using AI
Amazon Web Services
Machine Learning Key Lessons Learned for Developers
Machine Learning Key Lessons Learned for Developers
Amazon Web Services
Amazon SageMaker
Amazon SageMaker
Amazon Web Services
Cloud Economics
Cloud Economics
Amazon Web Services
Plenary Session
Plenary Session
Amazon Web Services
Moving to DevOps
Moving to DevOps
Amazon Web Services
Digital transformation on aws
Digital transformation on aws
Reham Maher El-Safarini
Introduction to Cloud Economics for the UK Public Sector
Introduction to Cloud Economics for the UK Public Sector
Amazon Web Services
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Amazon Web Services
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Amazon Web Services
Big data johnson_public
Big data johnson_public
Tunghai University
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
Amazon Web Services
Unblocking Innovation for Digital Transformation
Unblocking Innovation for Digital Transformation
Amazon Web Services
Drive Digital Transformation using ML
Drive Digital Transformation using ML
Amazon Web Services
Democratizing AI
Democratizing AI
Amazon Web Services
Cloud Economics
Cloud Economics
Amazon Web Services
Financial Services Industry Forum
Financial Services Industry Forum
Amazon Web Services LATAM
Quantifying_the_impact_of_AWS_on_your_business
Quantifying_the_impact_of_AWS_on_your_business
Amazon Web Services
Moving to DevOps the Amazon Way
Moving to DevOps the Amazon Way
Amazon Web Services
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
Amazon Web Services
AWS-Education-Day-for-HKMA-FCAS
AWS-Education-Day-for-HKMA-FCAS
Amazon Web Services
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
AWS Summits
Trends in Digital Transformation
Trends in Digital Transformation
Amazon Web Services
Building the business case for AWS
Building the business case for AWS
Amazon Web Services
透過資料平台掌握關鍵數據消費者洞察極大化
透過資料平台掌握關鍵數據消費者洞察極大化
Amazon Web Services
Migrating_Large_Scale_Data_Sets_to_the_Cloud
Migrating_Large_Scale_Data_Sets_to_the_Cloud
Amazon Web Services
AWS Initiate - Otimização de Custos com AWS
AWS Initiate - Otimização de Custos com AWS
Amazon Web Services LATAM
Cloud Migration Insights Forum - New Zealand
Cloud Migration Insights Forum - New Zealand
Amazon Web Services
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Amazon Web Services LATAM
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Amazon Web Services LATAM
Contenu connexe
Tendances
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Amazon Web Services
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Amazon Web Services
Big data johnson_public
Big data johnson_public
Tunghai University
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
Amazon Web Services
Unblocking Innovation for Digital Transformation
Unblocking Innovation for Digital Transformation
Amazon Web Services
Drive Digital Transformation using ML
Drive Digital Transformation using ML
Amazon Web Services
Democratizing AI
Democratizing AI
Amazon Web Services
Cloud Economics
Cloud Economics
Amazon Web Services
Financial Services Industry Forum
Financial Services Industry Forum
Amazon Web Services LATAM
Quantifying_the_impact_of_AWS_on_your_business
Quantifying_the_impact_of_AWS_on_your_business
Amazon Web Services
Moving to DevOps the Amazon Way
Moving to DevOps the Amazon Way
Amazon Web Services
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
Amazon Web Services
AWS-Education-Day-for-HKMA-FCAS
AWS-Education-Day-for-HKMA-FCAS
Amazon Web Services
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
AWS Summits
Trends in Digital Transformation
Trends in Digital Transformation
Amazon Web Services
Building the business case for AWS
Building the business case for AWS
Amazon Web Services
透過資料平台掌握關鍵數據消費者洞察極大化
透過資料平台掌握關鍵數據消費者洞察極大化
Amazon Web Services
Migrating_Large_Scale_Data_Sets_to_the_Cloud
Migrating_Large_Scale_Data_Sets_to_the_Cloud
Amazon Web Services
AWS Initiate - Otimização de Custos com AWS
AWS Initiate - Otimização de Custos com AWS
Amazon Web Services LATAM
Cloud Migration Insights Forum - New Zealand
Cloud Migration Insights Forum - New Zealand
Amazon Web Services
Tendances
(20)
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Security Framework Shakedown: Chart Your Journey with AWS Best Practices
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Enabling Transformation through Agility & Innovation - AWS Transformation Day...
Big data johnson_public
Big data johnson_public
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
AWS Initiate Day Dublin 2019 – Cost Optimization on AWS
Unblocking Innovation for Digital Transformation
Unblocking Innovation for Digital Transformation
Drive Digital Transformation using ML
Drive Digital Transformation using ML
Democratizing AI
Democratizing AI
Cloud Economics
Cloud Economics
Financial Services Industry Forum
Financial Services Industry Forum
Quantifying_the_impact_of_AWS_on_your_business
Quantifying_the_impact_of_AWS_on_your_business
Moving to DevOps the Amazon Way
Moving to DevOps the Amazon Way
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
AWS Initiate Day Dublin 2019 – Migrating Data to the Cloud
AWS-Education-Day-for-HKMA-FCAS
AWS-Education-Day-for-HKMA-FCAS
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
AWS Summit Singapore 2019 | Enterprise Migration Journey Roadmap
Trends in Digital Transformation
Trends in Digital Transformation
Building the business case for AWS
Building the business case for AWS
透過資料平台掌握關鍵數據消費者洞察極大化
透過資料平台掌握關鍵數據消費者洞察極大化
Migrating_Large_Scale_Data_Sets_to_the_Cloud
Migrating_Large_Scale_Data_Sets_to_the_Cloud
AWS Initiate - Otimização de Custos com AWS
AWS Initiate - Otimização de Custos com AWS
Cloud Migration Insights Forum - New Zealand
Cloud Migration Insights Forum - New Zealand
Similaire à Security Framework Shakedown
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Amazon Web Services LATAM
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Amazon Web Services LATAM
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...
Amazon Web Services
AWS Initiate: Security framework shakedown
AWS Initiate: Security framework shakedown
Amazon Web Services LATAM
AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhor...
AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhor...
Amazon Web Services LATAM
So You Want to be Well-Architected?
So You Want to be Well-Architected?
Amazon Web Services
Landing Zones Creating a Foundation - AWS Summit Sydney 2018
Landing Zones Creating a Foundation - AWS Summit Sydney 2018
Amazon Web Services
Landing zones: Creating a Foundation for Your AWS Migrations
Landing zones: Creating a Foundation for Your AWS Migrations
Ali Asgar Juzer
Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way
Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way
Amazon Web Services
Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...
Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...
Amazon Web Services
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Amazon Web Services
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Amazon Web Services
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Amazon Web Services
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...
Amazon Web Services
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
Amazon Web Services
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
Amazon Web Services
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Amazon Web Services
AWS Initiate Day Manchester 2019 – Moving to DevOps the Amazon Way
AWS Initiate Day Manchester 2019 – Moving to DevOps the Amazon Way
Amazon Web Services
How Verizon is Accelerating Cloud Adoption and Migration with the AWS Service...
How Verizon is Accelerating Cloud Adoption and Migration with the AWS Service...
Amazon Web Services
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...
Amazon Web Services
Similaire à Security Framework Shakedown
(20)
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security framework shakedown_-_chart_your_journey_with_aws_best_practices_ini...
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown- Mapeie sua jornada com as melhores práticas da AWS
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...
Security Framework Shakedown: Chart Your Journey with AWS Best Practices (SEC...
AWS Initiate: Security framework shakedown
AWS Initiate: Security framework shakedown
AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhor...
AWS Initiate - Security Framework Shakedown: Mapeie sua jornada com as melhor...
So You Want to be Well-Architected?
So You Want to be Well-Architected?
Landing Zones Creating a Foundation - AWS Summit Sydney 2018
Landing Zones Creating a Foundation - AWS Summit Sydney 2018
Landing zones: Creating a Foundation for Your AWS Migrations
Landing zones: Creating a Foundation for Your AWS Migrations
Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way
Initiate Edinburgh 2019 - Moving to DevOps the Amazon Way
Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...
Building the Technical Foundation for Your Security Practice (GPSCT205) - AWS...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
How to Implement a Well-Architected Security Solution.pdf
How to Implement a Well-Architected Security Solution.pdf
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
Moving 400 Engineers to AWS: Our Journey to Secure Adoption (SEC306-S) - AWS ...
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...
AWSome Day Online Conference 2018 - Module 3
AWSome Day Online Conference 2018 - Module 3
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
[REPEAT 1] Safeguard the Integrity of Your Code for Fast and Secure Deploymen...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
Safeguard the Integrity of Your Code for Fast and Secure Deployments (DEV349-...
AWS Initiate Day Manchester 2019 – Moving to DevOps the Amazon Way
AWS Initiate Day Manchester 2019 – Moving to DevOps the Amazon Way
How Verizon is Accelerating Cloud Adoption and Migration with the AWS Service...
How Verizon is Accelerating Cloud Adoption and Migration with the AWS Service...
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...
Using AMS to get FSI Regulated Workloads on the Cloud, Fast - AWS Summit Sydn...
Plus de Amazon Web Services
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Amazon Web Services
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Amazon Web Services
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Amazon Web Services
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Amazon Web Services
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Amazon Web Services
Open banking as a service
Open banking as a service
Amazon Web Services
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Amazon Web Services
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Amazon Web Services
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Amazon Web Services
Computer Vision con AWS
Computer Vision con AWS
Amazon Web Services
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Amazon Web Services
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Amazon Web Services
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Amazon Web Services
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Amazon Web Services
Tools for building your MVP on AWS
Tools for building your MVP on AWS
Amazon Web Services
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Amazon Web Services
Building a web application without servers
Building a web application without servers
Amazon Web Services
Fundraising Essentials
Fundraising Essentials
Amazon Web Services
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Amazon Web Services
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Amazon Web Services
Plus de Amazon Web Services
(20)
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
Open banking as a service
Open banking as a service
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Computer Vision con AWS
Computer Vision con AWS
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Tools for building your MVP on AWS
Tools for building your MVP on AWS
How to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
Building a web application without servers
Building a web application without servers
Fundraising Essentials
Fundraising Essentials
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
Security Framework Shakedown
1.
© 2019, Amazon
Web Services, Inc. or its Affiliates. All rights reserved. Security Framework Shakedown Chart Your Journey with AWS Best Practices
2.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Objectives • Define a security strategy, deliver a security program and develop robust security operations on AWS • Explain, Implement AWS security best practices • Adopt AWS security services at an accelerated pace • Get some code!
3.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Agenda • NAB Cloud security journey • Cloud adoption framework security perspective • AWS well-architected framework security pillar
4.
5.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. National Australia Bank Our vision: To be Australia's leading bank, trusted by customers for exceptional service • One of Australia’s four major banks and largest business bank • More than 30,000 employees and 9 million customers across 900 locations
6.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Our cloud security strategy Objectives • Extend our existing Security Services to the Cloud • Integrated and Secure by Default • Continuous Security Governance
7.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Our cloud security strategy Objectives • Extend our existing Security Services to the Cloud • Integrated and Secure by Default • Continuous Security Governance Insights • We had to change our approach • Scale with automation and decentralization • Security compliments agile
8.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Foundations of continuous compliance Baseline Compliance Portfolio AWS Service Compliance Portfolio Application Compliance Portfolio Service A Service B API Gateway Amazon RDS Amazon EBS Prod Account Non-Prod Account Application Security Assessment AWS Service Control Review Security Posture
9.
10.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS cloud adoption framework
11.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CAF security perspective Security Perspective Directive Preventative Detective Responsive
12.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Core five epics
13.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS shared responsibility model
14.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Define a strategy Identify your workloads moving to AWSIdentify stakeholders
15.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Deliver a security program Rationalize security requirements Define data protections and controls Document security architecture
16.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security cartography
17.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. CAF best practices Inventory current security requirements Adopt a security framework Identify workload security controls Map current security controls to cloud controls Create a security RACI Create a risk register
18.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Robust security operations Deploy architecture Automation Continuous monitoring Testing and Gameda
19.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Identity & Access Mgmt Detective Control Infrastructure Security Data Protection Incident Response Week 1 Week 2 Week 5Week 3 Week 4 Sample security Epics journey
20.
21.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is the AWS Well-Architected Framework? Pillars Design Principles Questions
22.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pillars of AWS Well-Architected Security Reliability Performance Efficiency Cost Optimization Operational Excellence
23.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. A mechanism for your cloud journey Learn Measure Improve
24.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security design principles • Implement a strong identity foundation • Enable traceability • Apply security at all layers • Automate security best practices • Protect data in transit and at rest • Keep people away from data • Prepare for security events
25.
26.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Strong identity foundation Root account should never be used Consider AWS Organizations Set account security questions & contacts Centralize identities Continuously Audit
27.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Strong identity foundation Never store credentials or secrets in code Enforce MFA on everything Use IAM roles for users and services Establish least privileged policies Use temporary credentials
28.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Enforce MFA User can only assume a role with MFA MFA token Permissions RoleUser AWS CloudPermissions http://bit.ly/AWSWALabs
29.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Enable traceability Consider Amazon GuardDuty Configure application & infrastructure logging Centralize using a SIEM Proactively monitor Regular reviews of news & best practices
30.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Enable traceability Use AWS CloudFormation! http://bit.ly/D3T3cT
31.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Network protection Amazon CloudFront + AWS WAF Amazon VPC and security groups Private connectivity - VPC peering, VPN, AWS Direct Connect Service endpoints Enforce service level permission
32.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Network protection Bucket Instances Region VPC Users https://amzn.to/2PbHOpz WAF Automation www.example.com
33.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Apply security at all layers Harden operating systems & defaults Use anti-malware + intrusion detection Scan infrastructure Scan code Patch vulnerabilities
34.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: compute protection
35.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Scan vulnerabilities Scan instances with Amazon Inspector https://amzn.to/2DT9jyg Scan code in the pipeline Dependency Check: http://bit.ly/2SPzUAp Testing OWASP Zap: http://bit.ly/2yWwzqN
36.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Serverless • Authorization and authentication – API Gateway • Enforce boundaries - AWS services & network • Input validation • Protect sensitive data
37.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Automate security best practices Template infra: AWS CloudFormation / AWS SAM Automate build and test AWS Config rules for verification Automate response to non-compliance Automate response to events
38.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Automate management Automation Patch manager State manager https://amzn.to/2AaOwSg https://amzn.to/2DSTLdK https://amzn.to/2Qihzxm
39.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Automate checks Config Rules
40.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Protect data Encryption mechanisms are enforced Verify accessibility of data, e.g. Amazon S3 & EBS Consider AWS Certificate Manager Consider tokenization to substitute sensitive data Data segmentation and isolation
41.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Classify your data • Start classifying data based on sensitivity • Use resource tags to help define the policy Amazon Macie discover, classify, and protect sensitive data in AWS IAM control: http://bit.ly/IAMctrlTAG
42.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Keep people away from data Dashboards for users Tools for administrators
43.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Top best practices: Incident response Prepare for different scenarios Pre-deploy tools using automation Pre-provision access for response teams Practice responding through game days Continuously improve your processes
44.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Run incident response game day 1. Schedule a four to eight hour block 2. Find a prize (bribery) 3. Supply food & beverages 4. Pick relevant scenarios from: https://amzn.to/2PetNro 5. Create a runbook 6. Practice 7. Have fun!
45.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. How to: Simple run book Event description [Attack Type] [Attack Description] Data to gather for troubleshooting [Evaluation of current data] Steps to troubleshoot and fix [Contain / impact / recovery / forensics] Urgency category [Critical, Important, moderate, informational] Communications & escalation
46.
47.
© 2018, Amazon
Web Services, Inc. or its affiliates. All rights reserved. © 2019, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Take action! CAF: aws.amazon.com/professional-services/CAF/ W-A: aws.amazon.com/well-architected W-A Labs: http://bit.ly/AWSWALabs AWS sec twitter: @AWSSecurityInfo AWS sec blog: https://aws.amazon.com/blogs/security/
Télécharger maintenant