Soumettre la recherche
Mettre en ligne
Meetup Protect from Ransomware Attacks
•
0 j'aime
•
120 vues
C
CloudHesive
Suivre
Meetup Protect from Ransomware Attacks
Lire moins
Lire la suite
Technologie
Signaler
Partager
Signaler
Partager
1 sur 30
Télécharger maintenant
Télécharger pour lire hors ligne
Recommandé
Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud Migration
CloudHesive
AWS Control Tower
AWS Control Tower
CloudHesive
5 Steps for Preventing Ransomware
5 Steps for Preventing Ransomware
RapidSSLOnline.com
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
Amazon Web Services
Aws security best practices
Aws security best practices
Sundeep Roxx
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's Perspective
Jason Chan
Intro to AWS Security
Intro to AWS Security
Amazon Web Services
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
Amazon Web Services
Recommandé
Best Practices in Secure Cloud Migration
Best Practices in Secure Cloud Migration
CloudHesive
AWS Control Tower
AWS Control Tower
CloudHesive
5 Steps for Preventing Ransomware
5 Steps for Preventing Ransomware
RapidSSLOnline.com
Journey Through the Cloud - Security Best Practices on AWS
Journey Through the Cloud - Security Best Practices on AWS
Amazon Web Services
Aws security best practices
Aws security best practices
Sundeep Roxx
AWS Security: A Practitioner's Perspective
AWS Security: A Practitioner's Perspective
Jason Chan
Intro to AWS Security
Intro to AWS Security
Amazon Web Services
Managing Security with AWS | AWS Public Sector Summit 2017
Managing Security with AWS | AWS Public Sector Summit 2017
Amazon Web Services
AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud Encryption
Amazon Web Services
AWS_Security_Essentials
AWS_Security_Essentials
Amazon Web Services
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
Amazon Web Services
Information Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
East Midlands Cyber Security Forum
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWS
Amazon Web Services
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
Amazon Web Services
Aws
Aws
AhamedBashaN
5 minutes on security
5 minutes on security
CloudHesive
Understanding AWS Security
Understanding AWS Security
Amazon Web Services
AWS Cloud Security
AWS Cloud Security
AWS Riyadh User Group
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
Amazon Web Services
AWS Shared Security Model in Practice
AWS Shared Security Model in Practice
Alert Logic
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
Amazon Web Services
Best Practices for Security at Scale
Best Practices for Security at Scale
Amazon Web Services
AWS Security Architecture - Overview
AWS Security Architecture - Overview
Sai Kesavamatham
Building Secure Services using Containers
Building Secure Services using Containers
Amazon Web Services
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
Amazon Web Services
Network Security and Access Control within AWS
Network Security and Access Control within AWS
Amazon Web Services
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with Puppet
Tim Nolet
AWS Security Fundamentals
AWS Security Fundamentals
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF Loft
Amazon Web Services
Contenu connexe
Tendances
AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud Encryption
Amazon Web Services
AWS_Security_Essentials
AWS_Security_Essentials
Amazon Web Services
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
Amazon Web Services
Information Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
East Midlands Cyber Security Forum
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWS
Amazon Web Services
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
Amazon Web Services
Aws
Aws
AhamedBashaN
5 minutes on security
5 minutes on security
CloudHesive
Understanding AWS Security
Understanding AWS Security
Amazon Web Services
AWS Cloud Security
AWS Cloud Security
AWS Riyadh User Group
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
Amazon Web Services
AWS Shared Security Model in Practice
AWS Shared Security Model in Practice
Alert Logic
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
Amazon Web Services
Best Practices for Security at Scale
Best Practices for Security at Scale
Amazon Web Services
AWS Security Architecture - Overview
AWS Security Architecture - Overview
Sai Kesavamatham
Building Secure Services using Containers
Building Secure Services using Containers
Amazon Web Services
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
Amazon Web Services
Network Security and Access Control within AWS
Network Security and Access Control within AWS
Amazon Web Services
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with Puppet
Tim Nolet
AWS Security Fundamentals
AWS Security Fundamentals
Amazon Web Services
Tendances
(20)
AWS Security Webinar: The Key to Effective Cloud Encryption
AWS Security Webinar: The Key to Effective Cloud Encryption
AWS_Security_Essentials
AWS_Security_Essentials
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013
Information Security in AWS - Dave Walker
Information Security in AWS - Dave Walker
Practical Steps to Hack-Proofing AWS
Practical Steps to Hack-Proofing AWS
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
AWS 201 - A Walk through the AWS Cloud: AWS Security Best Practices
Aws
Aws
5 minutes on security
5 minutes on security
Understanding AWS Security
Understanding AWS Security
AWS Cloud Security
AWS Cloud Security
Incident Response: Preparing and Simulating Threat Response
Incident Response: Preparing and Simulating Threat Response
AWS Shared Security Model in Practice
AWS Shared Security Model in Practice
AWS Security Overview and “What’s New”
AWS Security Overview and “What’s New”
Best Practices for Security at Scale
Best Practices for Security at Scale
AWS Security Architecture - Overview
AWS Security Architecture - Overview
Building Secure Services using Containers
Building Secure Services using Containers
The 2014 AWS Enterprise Summit - Understanding AWS Security
The 2014 AWS Enterprise Summit - Understanding AWS Security
Network Security and Access Control within AWS
Network Security and Access Control within AWS
Building a Hyper Secure VPC on AWS with Puppet
Building a Hyper Secure VPC on AWS with Puppet
AWS Security Fundamentals
AWS Security Fundamentals
Similaire à Meetup Protect from Ransomware Attacks
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF Loft
Amazon Web Services
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
Brian Andrzejewski
Security@Scale
Security@Scale
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
Introduction to AWS Security
Introduction to AWS Security
Amazon Web Services
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
himanipatel524244
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Amazon Web Services
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Amazon Web Services
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
Amazon Web Services
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Dennis Traub
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Amazon Web Services
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Alert Logic
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
Amazon Web Services
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
Amazon Web Services
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Amazon Web Services
Protecting Your Data
Protecting Your Data
Amazon Web Services
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Alert Logic
How Redlock Automates Security on AWS
How Redlock Automates Security on AWS
Amazon Web Services
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Amazon Web Services
Similaire à Meetup Protect from Ransomware Attacks
(20)
Introduction to AWS Security
Introduction to AWS Security
Introduction to AWS Security: Security Week at the SF Loft
Introduction to AWS Security: Security Week at the SF Loft
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
AWS reInforce 2021: TDR202 - Lessons learned from the front lines of Incident...
Security@Scale
Security@Scale
Introduction to AWS Security
Introduction to AWS Security
Introduction to AWS Security
Introduction to AWS Security
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
awsomedaymodules14gettingstartedwithaws161013161135convertedpptx__2022_01_10_...
Intro to Threat Detection and Remediation on AWS
Intro to Threat Detection and Remediation on AWS
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
Build a Java Spring Application on Amazon ECS - CON332 - re:Invent 2017
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
Protecting Your Data- AWS Security Tools and Features
Protecting Your Data- AWS Security Tools and Features
AWS Security Week: Intro To Threat Detection & Remediation
AWS Security Week: Intro To Threat Detection & Remediation
SEC301 Security @ (Cloud) Scale
SEC301 Security @ (Cloud) Scale
Protecting Your Data
Protecting Your Data
The AWS Shared Responsibility Model in Practice
The AWS Shared Responsibility Model in Practice
How Redlock Automates Security on AWS
How Redlock Automates Security on AWS
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Build a Hybrid Cloud Architecture Using AWS Landing Zones (ENT304-R1) - AWS r...
Plus de CloudHesive
Serverless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of Florida
CloudHesive
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
CloudHesive
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
CloudHesive
Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...
CloudHesive
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
CloudHesive
ConnectPath Introduction
ConnectPath Introduction
CloudHesive
Modernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdf
CloudHesive
Modernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdf
CloudHesive
End User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptx
CloudHesive
Analytics at CloudHesive
Analytics at CloudHesive
CloudHesive
Supporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo Logic
CloudHesive
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
CloudHesive
Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations
CloudHesive
reInvent reCap 2022
reInvent reCap 2022
CloudHesive
Serverless without Code (Lambda)
Serverless without Code (Lambda)
CloudHesive
AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)
CloudHesive
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition Meetup
CloudHesive
Security on AWS
Security on AWS
CloudHesive
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
CloudHesive
Amazon Connect Bootcamp
Amazon Connect Bootcamp
CloudHesive
Plus de CloudHesive
(20)
Serverless Generative AI on AWS, AWS User Groups of Florida
Serverless Generative AI on AWS, AWS User Groups of Florida
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Amazon Connect & AI - Shaping the Future of Customer Interactions - GenAI and...
Accelerating Business and Research Through Automation and Artificial Intellig...
Accelerating Business and Research Through Automation and Artificial Intellig...
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
Amazon Connect Rethink Your Contact Center with CloudHesive.pptx
ConnectPath Introduction
ConnectPath Introduction
Modernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX v2.pdf
Modernize your contact center with ConnectPath CX — Chart.pdf
Modernize your contact center with ConnectPath CX — Chart.pdf
End User Computing at CloudHesive.pptx
End User Computing at CloudHesive.pptx
Analytics at CloudHesive
Analytics at CloudHesive
Supporting your CMMC initiatives with Sumo Logic
Supporting your CMMC initiatives with Sumo Logic
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Best Practices and Resources to Effectively Manage and Optimize Your AWS Costs
Serverless data and analytics on AWS for operations
Serverless data and analytics on AWS for operations
reInvent reCap 2022
reInvent reCap 2022
Serverless without Code (Lambda)
Serverless without Code (Lambda)
AWS Advanced Analytics Automation Toolkit (AAA)
AWS Advanced Analytics Automation Toolkit (AAA)
Security on AWS, 2021 Edition Meetup
Security on AWS, 2021 Edition Meetup
Security on AWS
Security on AWS
NIST Cybersecurity Framework (CSF) on the Public Cloud
NIST Cybersecurity Framework (CSF) on the Public Cloud
Amazon Connect Bootcamp
Amazon Connect Bootcamp
Dernier
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Katpro Technologies
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
The Digital Insurer
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
Radu Cotescu
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
Gabriella Davis
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Results
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
Antenna Manufacturer Coco
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
RTylerCroy
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
debabhi2
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
ThousandEyes
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
wesley chun
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
Dernier
(20)
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
What Are The Drone Anti-jamming Systems Technology?
What Are The Drone Anti-jamming Systems Technology?
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Powerful Google developer tools for immediate impact! (2023-24 C)
Powerful Google developer tools for immediate impact! (2023-24 C)
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
How to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Meetup Protect from Ransomware Attacks
1.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Mike P., Solutions Architect Eduardo Lovera, Solutions Architect August 17, 2021 Ransomware Protecting and Recovering
2.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Agenda • What is Ransomware? • AWS and Provable Security • Protection and Recovery • Amazon GuardDuty • Amazon Detective • AWS Backup • Q&A
3.
© 2021, Amazon
Web Services, Inc. or its Affiliates. What is Ransomware?
4.
© 2021, Amazon
Web Services, Inc. or its Affiliates. 1989 The first known ransomware, the 1989 AIDS Trojan is written. Multiple variants on multiple platforms are causing damage. 2015 A ransomware worm based on the Stamp.Ek exploit kit surfaces and a Mac OS X-specific ransomware worm arrives on the scene. CryptoLocker rakes in $5 million in the last four months of the year. 2013 A ransomware worm imitating the Windows Product Activation notice appears. 2011 By mid-2006, worms such as Gpcode, TROJ.RANSOM.A, Archiveus, Krotten, Cryzip and May Archive start using more sophisticated RSA Encryption. 2006 In May, extortion ransomware appears. 2005 Ransomware evolution
5.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Ransomware – From minor annoyance to BIG business Annoyance Disruption Extortion
6.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Does not encrypt files; it locks the victim out of their device, preventing them from using it. Once they are locked out, cybercriminals demand a ransom to unlock the device. Locker Ransomware Crypto Ransomware Encrypts valuable files on a computer so that the user cannot access them; attackers make money by demanding victims pay a ransom to get their files back. Main types of ransomware
7.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Why has ransomware been effective?
8.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Concrete examples of customer security events Diverse initial vectors and impacts • Exploit based • Active Directory lateral movement • Database vector • AWS Credential vector • S3 bucket ransom • Threats of resource deletion
9.
© 2021, Amazon
Web Services, Inc. or its Affiliates. AWS and Provable Security
10.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Shared responsibility model AWS Security OF the Cloud AWS is responsible for protecting the infrastructure that runs all of the services offered in the AWS Cloud Security IN the Cloud Customer responsibility will be determined by the AWS Cloud services that a customer selects Customer
11.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Principle of least privilege Storage Development & Management Tools Content Delivery Analytics Compute Messaging Database App Services Mobile Payments Networking On-Demand Workforce VPC Securely control individual And group access to your AWS resources User IAM
12.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Segment Amazon Virtual Private Clouds
13.
© 2021, Amazon
Web Services, Inc. or its Affiliates. But how do you know proactively that you are prepared? Not enough time, resources, money, or know-how . . .
14.
© 2021, Amazon
Web Services, Inc. or its Affiliates. 1. Inventory 2. Vulnerability management 3. Policy enforcement 4. Integrity monitoring 5. Logging and baselining 6. Backups 7. Secure storage 8. Network protection 9. Blocklisting
15.
© 2021, Amazon
Web Services, Inc. or its Affiliates. What is the NIST Cybersecurity Framework? Executive Order Presidential Executive Order 13636, “Improving Critical Infrastructure Cybersecurity,” charges NIST in Feb. 2013 Legislation Cybersecurity Enhancement Act of 2014 reinforced the legitimacy and authority of the CSF by codifying it and its voluntary adoption into law 15 In February 2014, the National Institute of Standards and Technology (NIST) published the “Framework for Improving Critical Infrastructure Cybersecurity” (or CSF), a voluntary framework to help organizations of any size and sector improve the cybersecurity, risk management, and resilience of their systems. Originally intended for critical infrastructure, but broader applicability across all organization types. Executive Order Presidential EO 13800, “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure” mandates the use of CSF for all federal IT
16.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Identify Which workloads are critical for recovery? Recover Set up your ability to recover Protect, Detect, and Respond Implement best security practices to prevent an attack Aligning to AWS services
17.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Protection and Recovery
18.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Map Services/Solutions to the NIST CSF Identify – AWS Systems Manager Inventory, Config Protect – Network Segmentation, IAM, SCP, Federate Access, AWS Systems Manager Patch Manager, Control Tower Detect – Inspector, Security Hub, GuardDuty, Security Assessment Solution Respond – Detective, ProServe Security Gameday, Incident Response Plan Recover – Backup, S3 Cross-Region Replication/Glacier, CloudEndure Identify Protect Detect Respond Recover
19.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Detect Detect AWS Security Hub Amazon Inspector Amazon GuardDuty Self Assessment Tool AWS Well- Architected Framework
20.
© 2021, Amazon
Web Services, Inc. or its Affiliates. What is Amazon GuardDuty? Amazon GuardDuty is a threat detection service that uses machine learning, anomaly detection, and integrated threat intelligence to identify and prioritize potential threats. Protects AWS accounts, workloads, and data stored in S3. Identify malicious & highly suspicious activity
21.
© 2021, Amazon
Web Services, Inc. or its Affiliates. How Amazon GuardDuty works? VPC flow logs DNS Logs CloudTrail Events Findings Data Sources Threat intelligence Anomaly Detection (ML) AWS Security Hub CloudWatch Event Finding Types Examples Bitcoin Mining C&C Activity Unusual User behavior Example: • Launch instance • Change Network Permissions Amazon GuardDuty Threat Detection Types HIGH MEDIUM LOW Unusual traffic patterns Example: • Unusual ports and volume Amazon Detective S3 Data Plane Events
22.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Respond Respond Amazon Detective AWS Security Hub AWS Professional Services
23.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Amazon Detective Analyze and visualize security data to rapidly get to the root cause of potential security issues.
24.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Hosted Service: Automated data collection, synthesis, analysis AWS Amazon Detective Findings Telemetry Enrichment Role User Instance IP Address Bucket Behavior & Baselines Behavior Graph Analytics & Insights Data & context S3 data storage How Amazon Amazon Detective works?
25.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Recover Recover AWS Storage Gateway CloudEndure Disaster Recovery Amazon S3 Glacier Amazon Simple Storage Service AWS Backup
26.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Introducing AWS Backup Amazon EFS Amazon EBS Amazon RDS Amazon DynamoDB AWS Storage Gateway AWS Backup A fully managed, policy- based backup service that makes it easy to centrally manage and automate the backup of data across AWS services Amazon Aurora Amazon EC2 FSx for Lustre FSx for Windows
27.
© 2021, Amazon
Web Services, Inc. or its Affiliates. DR & Ransomware Recovery with AWS Backup Vault characteristics: • Backups are highly efficient incremental forever • Backup copies cannot be changed or encrypted • Manage with vault specific CMK/KMS best practices • Air-gapped backups using vault access policies • Prescriptive guidance for vault account access provided AWS Backup Recovery options: • Supports 1-to-many, many-to- many, many-to-1, etc. • Recover from same account locally or from across region • Recover from cross-account locally or across region • Recover from RPOs that are hours, days, weeks or months old • Simple workflow to apply any forensic analysis Build an Isolated Backup Vault
28.
© 2021, Amazon
Web Services, Inc. or its Affiliates. So what do I do? Categorize applications into criticality Align to a security framework Test your incident response plan Test your backups Use AWS services to implement provable security / resiliency Meet with AWS to do a deep dive on your mitigation strategy for ransomware.
29.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Q&A Mike P. Eduardo Lovera
30.
© 2021, Amazon
Web Services, Inc. or its Affiliates. Mike P. preirmi@amazon.com AWS Solutions Architect Thank you Eduardo Lovera edulover@amazon.com AWS Solutions Architect
Télécharger maintenant