6. Mapping the nature of Cyber Security Attacks
6
Compromising User Credentials
• IAM – AWS Identity and Access
Management
• MFA – Multi Factor Authentication
• RBAC model – Role Based
Access Control
• Policies
• Security Tools
Note: Do not use Root Access Keys!
7. Mapping the nature of Cyber Security Attacks
7
Legitimate IT Tools – Harder to
Detect
• Anti – Malware is not enough.
Codes mutate faster than your
signatures
• Applications Whitelisting
• Hardening
• Patch All Things – Servers and
Clients!
8. Mapping the nature of Cyber Security Attacks
8
Rogue inside Network – Avg 8 months
• AWS VPC
• Security Groups
• Defense in Depth
• Intrusion Detection and
Prevention
9. Mapping the nature of Cyber Security Attacks
9
Data Breach = Financial Loss
Thieves can’t steal what you don’t
have – Data minimization :
• No single data vault
• Access “As Needed” basis
• Purge the data
• Encryption
11. Gold Mine of Mind
http://www.troyhunt.com/ - Developer Security – MVP and Pluralsight
Author
https://www.schneier.com/ - Schneier on Security – This is the guy the US
Congress calls on to explain the really important security stuff
https://community.rapid7.com – Rapid7 Community
http://blog.kloud.com.au/ - Any Cloud, Machine Learning, Identity,
Security, IoT, DevOps
http://www.erdalozkaya.com/ - MVP, Certified Hacker, Licensed PenTest
11
12. Q n A
Andreas Wasita – Kloud Solutions
Amit Deshmukh – Rapid7