AWS Security Week | Getting to Continuous Security and Compliance Monitoring on AWS

Securing aws workloads with embedded application security

AWS Security Strategy

Teri Radichel

Native cloud security monitoring

Automated Intrusion Detection and Response on AWS

Teri Radichel

Of CORS thats a thing how CORS in the cloud still kills security

Using Splunk/ELK for auditing AWS/GCP/Azure security posture

Jose Hernandez

EKS security best practices

Serverless means handing off server management to the cloud platforms – along with their security risks. With the “pros” ensuring our servers are patched, what’s left for application owners to protect? As it turns out, quite a lot. This talk discusses the aspects of security serverless doesn’t solve, the problems it could make worse, and the tools and practices you can use to keep yourself safe. Required audience experience Basic knowledge of how FaaS and Serverless works Objective of the talk As many companies explore the world of serverless, it’s important they understand the aspects of security this new world helps them with, and the ones they need to care more about. This talk will provide a framework to understand how to prioritise and approach security for Serverless apps.

Are You Ready for a Cloud Pentest?

Teri Radichel

Serverless Security: What's Left To Protect

Guy Podjarny

Policy as code what helm developers need to know about security

LibbySchulze

AWS live hack: Docker + Snyk Container on AWS

Eric Smalling

Speaker: Cheryl Biswas Cloud. It's the land of opportunity. Enterprises are doing mass migrations from older and legacy systems to harness greater power and efficiency from innovative new tech. Following that money trail are opportunistic attackers, seeking the computing strength and near-invisibility afforded by enterprise cloud environments to mine bitcoin. Cryptominers are everywhere. And yes, Virginia, they are in the Cloud. These nebulous power-rich realms let attackers set up mining rigs to feast on enterprise resources, while flying below the detection of cloud or conventional security resources. The concern here is that once attackers gain access to our networks, they can pivot and move laterally, to find even greater reward in the vast amounts of data available.

Mining Malevolence: Cryptominers in the Cloud

MozDef Workshop slide

The cloud is compelling and in many cases necessary for organizations to effectively operate. Cloud security, on the other hand, is not as clear. Many cloud services need a hook into the on-premises environment in order to synchronize users and groups. Additionally, cloud security controls vary by the provider in availability, capability, and cost. This results in a disjointed view of user authentication, security, and potential configuration issues. This talk explores some common cloud configuration scenarios and associated security issues.

Keynote - Cloudy Vision: How Cloud Integration Complicates Security

Speaker 1: Ashwin Vamshi Speaker 2: Abhinav Singh Cloud services are built for increased collaboration and productivity, and provide capabilities like auto sync and API level communication. This has led enterprises to exclusively use SaaS, PaaS and IaaS services for storing and sharing critical and confidential data. End users as well as security products tend to place implicit trust in cloud vendors such as Microsoft, AWS, Google, and SaaS app vendors such as Box, Salesforce, DropBox. As a result, cybercriminals have started launching their attacks from these trusted cloud services. This talk will focus on how attackers are abusing these trusted cloud services to create Phishing attacks that are highly effective and hard to detect.

Phishing in the cloud era

The programmability of the cloud has revolutionized infrastructure deployments at scale and, at the same time, has enabled the automation of both the attack and defense of these deployments. In this talk, I will discuss the open-source tools and the techniques that my organization has used to scale security in the cloud to keep pace with our deployments. I’ll also cover how we’ve used automation to adapt security processes to cloud strategies such as immutable servers. Some topics include: temporal leasing of API access keys and database credentials, automation of patching groups and scans, and automated enforcement of configuration policy.

Scaling Security in the Cloud With Open Source

Protecting serverless is a new topic. This presentation aims at showing what new security challenges it brings, and how CISO and security teams should approach it. The serverless space evolves fast and there is no convergence on best practices yet. The switch to a serverless architecture involves several changes, for instance developers doing much more ops with serverless, deploying 20 times more services than previously...

Serverless security - how to protect what you don't see?

Sqreen

The multitude of security controls and guidelines for both Kubernetes and Azure can be overwhelming. Based on real-life experiences from securing web applications running on Azure Kubernetes Service, Karl has compiled a list of best practices that bring them together. In this session, you will learn how to build, operate and develop secure web applications on top of Azure Kubernetes Service. After this session, you will know which security controls are available, how effective they are and what will be the cost of implementing them.

TechDays Finland 2020: Best practices of securing web applications running on...

Karl Ots

Slides from my talk at ServerlessConf NYC 2017. The talk will cover the various aspects of reducing the attack surface on serverless applications with an emphasis on maintaining least privileged access. I’ll cover the possible ways for attackers to leverage an overly permissive application and what might be the impacts of such attempts. In the talk, I’ll present a demo of an open source tool which can help you maintain least privileged roles and policies for your Lambda functions and reduce the overall attack surface on your serverless application.

Serverless - minimizing the attack surface

Avi Shulman

Tendances (20)

Lacework for AWS Security Overview

Securing aws workloads with embedded application security

AWS Security Strategy

Native cloud security monitoring

Automated Intrusion Detection and Response on AWS

Of CORS thats a thing how CORS in the cloud still kills security

Using Splunk/ELK for auditing AWS/GCP/Azure security posture

EKS security best practices

Are You Ready for a Cloud Pentest?

Serverless Security: What's Left To Protect

Policy as code what helm developers need to know about security

AWS live hack: Docker + Snyk Container on AWS

Mining Malevolence: Cryptominers in the Cloud

MozDef Workshop slide

Keynote - Cloudy Vision: How Cloud Integration Complicates Security

Phishing in the cloud era

Scaling Security in the Cloud With Open Source

Serverless security - how to protect what you don't see?

TechDays Finland 2020: Best practices of securing web applications running on...

Serverless - minimizing the attack surface

Similaire à AWS Security Week | Getting to Continuous Security and Compliance Monitoring on AWS

Customers using AWS benefit from over 1,800 security and compliance controls built into the AWS platform and operations. In this session, you will learn how to take advantage of the advanced security features of the AWS platform to gain the visibility, agility, and control needed to be more secure in the cloud than in legacy environments. We will take a look at innovative ways customers are using AWS to manage security more efficiently. After attending this session, you will be familiar with the shared security responsibility model and ways you can inherit security controls from the rich compliance and accreditation programs maintained by AWS. Learn More: https://aws.amazon.com/government-education/

Managing Security with AWS | AWS Public Sector Summit 2017

by Michael St. Onge, Global Cloud Security Architect, AWS Join us for this hands-on lab where you will learn about the new service Amazon GuardDuty by walking through its capabilities and some real-world attack scenarios. You will need an AWS account to do the lab. This should be your own personal account and not an account through your company given the activity in the lab. AWS Credits will be provided to help cover any costs incurred in the lab. Level 300

Amazon GuardDuty Lab

Addressing public cloud security and compliance is overwhelming given the lack of visibility and monitoring security teams have over their assets in the cloud. This problem is further compounded given the cloud’s benefits of speed and scale and that legacy security tools simply can’t keep pace. Alarmingly, Gartner predicts that through 2022, at least 95 percent of cloud security failures will be the fault of the customer. Join us for a live webinar with Dan Hubbard, Chief Product Officer at Lacework on how to overcome the challenges of protecting your cloud and how to automate security and compliance across AWS, Azure, and GCP, including: Where traditional security falls short and common threats start Why end-to-end visibility is critical across all of your cloud environments How to scale compliance and audit control as your cloud footprint expands What to consider when securing workloads and containers

How to Kickstart Security and Compliance for Your AWS, Azure, and GCP Clouds

SBWebinars

Cloud security best practices in AWS by: Ankit Giri

OWASP Delhi

선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...

Amazon Web Services Korea

Secure your critical workload on AWS

by Brad Dispensa, Sr. Solutions Architect, AWS Operating a security practice on AWS brings many new challenges that haven't been faced in data center environments. The dynamic nature of infrastructure, the relationship between development team members and their applications, and the architecture paradigms have all changed as a result of building software on top of AWS. In this session we will cover how you can use secure configuration and automation to monitor, audit, and enforce your security policies within an AWS environment. Level 200

Secure Configuration and Automation Overview

The Ultimate Guide for Cloud Penetration Testing. Cloud penetration testing is an artificial attack that is launched by a known ethical hacker in the disguise of a potential hacker just to check the number of vulnerabilities, threats, and loopholes in a particular cloud provider that can sincerely pass on any backdoor access to the real-time hackers and weaken the security posture of the organization.

The Ultimate Guide For Cloud Penetration Testing.pdf

Craw Cyber Security

Security must be the number one priority for any cloud provider and that's no different for AWS. Stephen Schmidt, vice president and chief information officer for AWS, will share his insights into cloud security and how AWS meets the needs of today's IT security challenges. Stephen, with his background with the FBI and his work with AWS customers in the government and space exploration, research, and financial services organizations, shares an industry perspective that's unique and invaluable for today's IT decision makers. At the conclusion of this session, Stephen also provides a brief summary of the other sessions available to you in the security track.

AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013

Building an Automated Security Fabric in AWS

Many organizations struggle daily with the question - "Where do we stand with our AWS security practices?" With the recent release of the Center for Internet Security's CIS AWS Foundations Benchmark, organizations now have an industry-accepted set of security configuration best practices. These benchmarks, in combination with 3rd party security solutions that support them, can form the foundation for security operations at organizations of all sizes through continuous monitoring and auditing.

Wrangling Security & Identity across 99+ AWS Accounts

Andrew Bienert

Developing a Continuous Automated Approach to Cloud Security

Learn how to leverage AWS and security super friends like Trend Micro to create an impenetrable fortress for your AWS workloads, without hindering performance or agility. Join this session and learn three cloud security super powers that will help you thwart villains interested in your workloads. We will walk through three stories of Amazon EC2 security superheroes who saved the day by overcoming compliance and design challenges, using a (not so) secret arsenal of AWS and Trend Micro security tools. Join us to learn: • Design a workload-centric security architecture • Improve visibility of AWS-only or hybrid environments • Stop patching live instances but still prevent exploits

3 Secrets to Becoming a Cloud Security Superhero

In this session, we walk through what you need to do to be prepared to respond to security incidents in your AWS environments. We start off with planning best practices, move through the configurations that will help deliver protective and detective controls, then finally show you how you can improve your response capability. Learn how AWS Organizations, AWS Identity and Access Management (IAM), Amazon GuardDuty, AWS Security Hub, AWS Lambda, AWS WAF, AWS Systems Manager, and AWS Key Management Service (AWS KMS) can help take you from protect and detect to respond and recover.

AWS Security and SecOps

Shiva Narayanaswamy

How to prepare for & respond to security incidents in your AWS environment

Nathan Case

You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next? Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies. Join us to learn: • How security will be integrated into the overall processes of development and deployment. • How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed. • How to be successful with API-enabled, continuous security tools in the cloud. • How to operationalize security alarms, enabling world-class incident response and remediation capabilities.

Automating your AWS Security Operations

You automated your deployment, elasticized your workloads, and dynamically provisioned your fleet. What do you do next? Tackle automating your security needs using the latest capabilities in the cloud! There’s no single path to building an automated and continuous security architecture that works for every organization, but certain key principles and techniques are used by the early adopter cloud elite that give them distinct advantages. It's time to re-think your organization’s processes and behaviors to demonstrate the latest efficiencies in your security operations. In this webinar, learn how Intuit implements cloud security automation with Evident.io and other innovative cloud technologies. This slide deck covers: - How security will be integrated into the overall processes of development and deployment. - How to tie security acceptance tests, a subset of your key security controls, right into the end of your functional testing process to promote builds with confidence at greater speed. - How to be successful with API-enabled, continuous security tools in the cloud. - How to operationalize security alarms, enabling world-class incident response and remediation capabilities.

Automating your AWS Security Operations

Evident.io

Security in the Cloud - AWS Symposium 2014 - Washington D.C.

As delivered by Tim Mackey, Senior Technical Evangelist - Black Duck Software, at LinuxCon and ContainerCon in Berlin 2016. Traditionally, when datacenter operators talk about application security, they've tended to focus on issues related to key management, firewalls and data access. By contrast, application developers have a security focus which is more aligned with code analysis and fuzzing techniques. The reality is, secure application deployment principles extend from the infrastructure layer through the application and include how the application is deployed. With the prevalence of continuous deployment of micro-services, it’s imperative to focus efforts on what attackers’ view as vulnerable; particularly in an environment where new exploits are being disclosed almost daily. In this session we’ll present: • How known vulnerabilities can make their way into production deployments • How deployment of vulnerable code can be minimized • How to determine the vulnerability status of a container • How to determine the risk associated with a specific package

A Cloud Security Ghost Story Craig Balding

craigbalding

Secure Application Development in the Age of Continuous Delivery

Black Duck by Synopsys

Similaire à AWS Security Week | Getting to Continuous Security and Compliance Monitoring on AWS (20)

Managing Security with AWS | AWS Public Sector Summit 2017

Amazon GuardDuty Lab

How to Kickstart Security and Compliance for Your AWS, Azure, and GCP Clouds

Cloud security best practices in AWS by: Ankit Giri

선도 금융사들의 aws security 활용 방안 소개 :: Eugene Yu :: AWS Finance...

Secure your critical workload on AWS

Secure Configuration and Automation Overview

The Ultimate Guide For Cloud Penetration Testing.pdf

AWS Security – Keynote Address (SEC101) | AWS re:Invent 2013

Building an Automated Security Fabric in AWS

Wrangling Security & Identity across 99+ AWS Accounts

Developing a Continuous Automated Approach to Cloud Security

3 Secrets to Becoming a Cloud Security Superhero

AWS Security and SecOps

How to prepare for & respond to security incidents in your AWS environment

Automating your AWS Security Operations

Security in the Cloud - AWS Symposium 2014 - Washington D.C.

A Cloud Security Ghost Story Craig Balding

Secure Application Development in the Age of Continuous Delivery

Plus de Lacework

BSides Denver 2019 - Cloud Wars Episode V: The Cryptojacker Strikes Back

Batten Down the Hatches: A Practical Guide to Securing Kubernetes - RMISC 2019

Containers At-Risk: A Review of 21,000 Cloud Environments

Lacework Protection for AWS S3 Buckets

Guidebook Case Study

The reality of the risks of operating workloads in the cloud is highlighted in this research conducted by Lacework. In early June 2018, Lacework discovered more than 21,000 container orchestration and API management systems on the Internet, and these results highlight the potential for attack points caused by poorly configured resources, lack of credentials, and the use of non-secure protocols. This infographic provides an overview of our findings.

Container Security Research

Security for AWS: Journey to Least Privilege

Containers At-Risk A Review of 21,000 Cloud Environments