© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
November 30, 2017
The AWS Philosophy of Security
SID322
Eric Brandwine, AWS VP and Distinguished Engineer
Some Context
How Do You Do Security?
'Cause I want to security, too!
Is This System Secure?
?
Security Is Easy…
Usable Security Though…
It is the goal of every security organization to build a system that, over time, maximizes the delivered customer value while minimizing the cost of that delivery.
Rejected Takeoff
A List
• No pre-flight checklist
• No abort when they spot the lock warning light
• No abort when they can't throttle up
• Use of the auto throttle to attempt to throttle up
• FPSOV (flight power shutoff valve) pulled despite not being on any procedure
The boss will be angry because we have to abort takeoff. That means we will be late, and might even miss our clearance window and be even later.
or
Maybe we will all die.
A review of data from the airplane’s quick access recorder revealed that the pilots had neglected to perform complete flight control checks before 98% of their previous 175 takeoffs in the airplane, indicating that this oversight was habitual and not an anomaly.
“The gradual process through which unacceptable practice or standards become acceptable. As the deviant behavior is repeated without catastrophic results, it becomes the social norm for the organization.”
http://science.ksc.nasa.gov/shuttle/missions/51-l/docs/rogers-commission/Appendix-F.txt
That's how we've always done it.
Nothing bad has ever happened.
I don't think that's how
{humanity/society/the internet} works.
Democracy is the worst form of government, except for all the others.
—Winston Churchill
Humans are the worst way to put together a security team, except for all the others.
—not Winston Churchill
What's a Security Guy to Do?
• Calibrate objectively
• Invite (appropriate) outside scrutiny
• Account for the humans in your system
  • Service teams
  • The Security team
  • Customers
  • Adversaries
  • You
"Security and operational
excellence are job zero."
Escalate!
Ownership
Leaders are owners. They think long term and don’t sacrifice long-term value for short-term results. They act on behalf of the entire company, beyond just their own team. They never say, “that’s not my job."
Earn Trust
Leaders listen attentively, speak candidly, and treat others respectfully. They are vocally self-critical, even when doing so is awkward or embarrassing. Leaders do not believe their or their team’s body odor smells of perfume. They benchmark themselves and their teams against the best.
Customer Obsession
Leaders start with the customer and work backwards. They work vigorously to earn and keep customer trust. Although leaders pay attention to competitors, they obsess over customers.
Measure Everything
and
Report On It
The primary virtue of the programmer is laziness.
—not quite Larry Wall
“Good intentions never work, you need good mechanisms to make anything happen.”
—Jeff Bezos
[Chart: AppSec Review Staleness; x-axis Days Stale (0-30, 30-60, 60-90, 90+); y-axis Number of Reviews (0 to 60)]
Insist On the Highest Standards
Leaders have relentlessly high standards—many people may think these standards are unreasonably high. Leaders are continually raising the bar and driving their teams to deliver high quality products, services, and processes. Leaders ensure that defects do not get sent down the line and that problems are fixed so they stay fixed.
Measure Everything
and
Report On It
and
Take an SLA
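A mechanism for the measure, report, SLA loop, as an added example that is not from the talk: it buckets constructed review records into the chart's Days Stale ranges, lists SLA breaches, and flags items whose due date keeps slipping the way the Action Items slides do. The 60-day SLA, the slip threshold, the service names and the dates are assumptions.

```python
from collections import Counter
from datetime import date

# Constructed sample records (not from the talk):
# (service, date the review was opened, history of due dates; a longer
# history means the same item was re-dated again and again).
REVIEWS = [
    ("payments-api",  date(2017, 11, 1),  [date(2017, 12, 31)]),
    ("login-service", date(2017, 9, 5),   [date(2017, 12, 31), date(2018, 1, 5)]),
    ("batch-export",  date(2017, 7, 5),   [date(2017, 9, 5), date(2017, 10, 5),
                                           date(2017, 11, 5), date(2017, 12, 5),
                                           date(2018, 1, 5)]),
    ("new-widget",    date(2017, 11, 25), [date(2017, 12, 15)]),
]
REPORT_DATE = date(2017, 11, 30)  # the talk's date, used as "today"
SLA_DAYS = 60    # assumed SLA: a review is closed within 60 days of opening
MAX_SLIPS = 2    # assumed: more than two re-dated due dates is a habit, not an anomaly

def bucket(days_stale):
    """Map an age in days onto the chart's Days Stale buckets."""
    for limit, label in ((30, "0-30"), (60, "30-60"), (90, "60-90")):
        if days_stale < limit:
            return label
    return "90+"

def staleness_histogram(reviews, today):
    """Count open reviews per bucket: the bars of the AppSec Review Staleness chart."""
    return dict(Counter(bucket((today - opened).days) for _, opened, _ in reviews))

def sla_breaches(reviews, today, sla_days=SLA_DAYS):
    """Reviews older than the SLA; these get reported, not just counted."""
    return [svc for svc, opened, _ in reviews if (today - opened).days > sla_days]

def habitual_slips(reviews, max_slips=MAX_SLIPS):
    """Items whose due date was pushed more than max_slips times: the deviation
    has become routine, which is exactly what the metric exists to expose."""
    return [svc for svc, _, dues in reviews if len(dues) - 1 > max_slips]

def report(reviews=REVIEWS, today=REPORT_DATE):
    return {
        "histogram": staleness_histogram(reviews, today),
        "sla_breaches": sla_breaches(reviews, today),
        "habitual_slips": habitual_slips(reviews),
    }

if __name__ == "__main__":
    print(report())
```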
It is the goal of every security organization to build a system that, over time, maximizes the delivered customer value while minimizing the cost of that delivery.
[Chart: Security (y-axis, up to Lots) against Time (x-axis)]
Least Privilege = Maximum Effort
[Diagram: Prevention, Detection, Analysis, Response]
… even well-meaning gatekeepers slow innovation. When a platform is self-service, even the improbable ideas can get tried, because there’s no expert gatekeeper ready to say “that will never work!” And guess what—many of those improbable ideas do work, and society is the beneficiary of that diversity.
[Diagram: Prevention, Detection, Analysis, Response]
What Should I Automate?
?
Is Your System Real-Time?
Maybe?
[Diagram: Prevention, Detection, Analysis, Response]
“The gradual process through which unacceptable practice or standards become acceptable. As the deviant behavior is repeated without catastrophic results, it becomes the social norm for the organization.”
Action Items
Do the thing you signed up to do 12/31/2017
Action Items
Do the thing you signed up to do 12/31/2017
Action Items
Do the thing you signed up to do 1/5/2018
Action Items
Do the thing you signed up to do 1/5/2018
1/3/2018
Action Items
Do the thing you signed up to do 1/5/2018
12/5/2017
11/5/2017
10/5/2017
9/5/2017
Action Items
Do the thing you signed up to do 1/5/2018
7/5/2017
The Short Version
• Humans are weird
• Account for them, you can't patch them
• Security is everyone's job
• Saying it doesn't make it true
• Measure objectively
• Security is all about efficiency
• Guard your resources, especially your humans
Thank you!