Cloud Security Monitoring at Auth0 - Security BSides Seattle

The slides from Eugene Kogan's talk on cloud security monitoring at Auth0, presented at Security BSides Seattle, 2017. More details at our blog: https://auth0.engineering/cloud-security-monitoring-at-auth0-ff5e87ad1141

Published in: Software

  1. Cloud Security Monitoring. Security BSides Seattle. Eugene Kogan - @eugk - February 4, 2017. (for startups, mostly)
  2. 1. Who; 2. Why; 3. What; 4. How; 5. When
  3. 1. Who
  4. CloudSecurityAlliance.org
  5. 2. Why
  6. 3. What
  7. Trust, but verify. –President Ronald Reagan
  8. Awareness, Visualization, Misuse detection, Change detection, Incident detection, Incident response
  9. Splunk, Graylog, Elastic Stack, Loggly, Logentries, Fluentd, Sumo Logic, AWS, G Suite, Dropbox, GitHub, GitLab, Slack, Zendesk, Salesforce, Jenkins, Syslog, Webhooks
  10. 4. How
  11. Query:
        _sourceCategory=cloudtrail_aws_logs*
        | json auto
        | where event_name matches "*Trail" or event_name matches "StartLogging" or event_name matches "StopLogging"
        | lookup awsaccountname from /shared/awsaccounts on recipient_account_id = awsaccountid
        | count as count by event_name, recipient_account_id, awsaccountname, user_name, principle_id, accesskey_id
  12. github.com/auth0/audit-droid
  13. github.com/a2o/snoopy
  14. github.com/nccgroup/Scout2
  15. 5. When
  16. You should be doing cloud security monitoring today.
  17. Action items:
        • Know which cloud services your organization uses
        • Have a modern platform for collection, analysis, alerting
        • Collect the right data from cloud and internal systems
        • Use this data wisely
        • Ensure your staff has the right skills to do all of the above
  18. The end 🖖 auth0.engineering/tagged/security, twitter.com/eugk
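
The filter from slide 11, applied to raw CloudTrail records in Python, as an added example that is not from the talk or from Auth0's code. The field names (eventName, recipientAccountId, userIdentity) are CloudTrail's own; the sample records and the ACCOUNT_NAMES table are constructed for illustration.

```python
import fnmatch
import json
from collections import Counter

# Constructed stand-in for the account-name lookup table the query uses.
ACCOUNT_NAMES = {"111111111111": "prod", "222222222222": "dev"}

# Same event-name filter as the slide: names ending in "Trail", plus
# StartLogging and StopLogging (DescribeTrails does not match "*Trail").
PATTERNS = ("*Trail", "StartLogging", "StopLogging")

# Constructed sample records, one CloudTrail JSON object per line.
SAMPLE = """
{"eventName":"StopLogging","recipientAccountId":"111111111111","userIdentity":{"userName":"alice","principalId":"AIDAEXAMPLE1","accessKeyId":"AKIAEXAMPLE1"}}
{"eventName":"StopLogging","recipientAccountId":"111111111111","userIdentity":{"userName":"alice","principalId":"AIDAEXAMPLE1","accessKeyId":"AKIAEXAMPLE1"}}
{"eventName":"DeleteTrail","recipientAccountId":"222222222222","userIdentity":{"type":"AssumedRole","principalId":"AROAEXAMPLE2:session","accessKeyId":"ASIAEXAMPLE2"}}
{"eventName":"UpdateTrail","recipientAccountId":"333333333333","userIdentity":{"userName":"bob","principalId":"AIDAEXAMPLE3","accessKeyId":"AKIAEXAMPLE3"}}
{"eventName":"DescribeTrails","recipientAccountId":"111111111111","userIdentity":{"userName":"bob","principalId":"AIDAEXAMPLE3","accessKeyId":"AKIAEXAMPLE3"}}
{"eventName":"ConsoleLogin","recipientAccountId":"111111111111","userIdentity":{"userName":"alice","principalId":"AIDAEXAMPLE1"}}
"""


def trail_changes(lines):
    """Count trail and logging changes by event, account and caller."""
    counts = Counter()
    for line in lines:
        if not line.strip():
            continue
        rec = json.loads(line)
        name = rec.get("eventName", "")
        if not any(fnmatch.fnmatchcase(name, p) for p in PATTERNS):
            continue
        ident = rec.get("userIdentity") or {}
        acct = rec.get("recipientAccountId", "")
        # userName is absent for some identity types (e.g. assumed roles),
        # so fall back to "-" instead of dropping the event.
        counts[(name, acct, ACCOUNT_NAMES.get(acct, "unknown"),
                ident.get("userName", "-"), ident.get("principalId", "-"),
                ident.get("accessKeyId", "-"))] += 1
    return counts


if __name__ == "__main__":
    for key, n in trail_changes(SAMPLE.splitlines()).most_common():
        print(n, *key)
```

An account id that is missing from the lookup table is reported as "unknown" rather than filtered out, so a trail change in an untracked account still surfaces.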