SlideShare ist ein Scribd-Unternehmen logo

AWS Government Symposium 2015: Defending Workloads Against Vulnerabilities

Als PPTX, PDF herunterladen
Amazon Web Services
Amazon Web Services

This document summarizes a presentation about defending workloads from zero-day vulnerabilities. It discusses the traditional responsibility model where the customer is responsible for security up to the operating system layer. It then introduces AWS' shared responsibility model where AWS is responsible for security of the cloud infrastructure and the customer is responsible for security in the operating system and above. The presentation covers responding to the Shellshock bash vulnerability by reviewing network and security configurations, applying intrusion prevention, creating a new AMI with the patch, and implementing integrity monitoring. It emphasizes automating response workflows and instantiating from hardened AMIs to rapidly repair systems upon discovery of new vulnerabilities.

Technologie
1 von 50
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Defending your workloads against the next zero-day vulnerability Justin Foster @justin_foster CTO & GM, Cloud Workload Security Trend Micro ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 The Story More at aws.trendmicro.com 2012 re:Invent SPR203 : Cloud Security is a Shared Responsibility http://bit.ly/2012-spr203 2013 re:Invent SEC208: How to Meet Strict Security & Compliance Requirements in the Cloud http://bit.ly/2013-sec208 SEC307: How Trend Micro Build their Enterprise Security Offering on AWS http://bit.ly/2013-sec307 2014 re:Invent SEC313: Updating Security Operations for the Cloud http://bit.ly/2014-sec313 SEC314: Customer Perspectives on Implementing Security Controls with AWS http://bit.ly/2014-sec314
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Traditional Responsibility Model You Physical Infrastructure Network Virtualization Operating System Applications Data Service Configuration More at aws.amazon.com/security
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 PCI DSS Level 1 SOC 1/ISAE 3402 SOC 2 SOC 3 ISO 9001 IRAP (.au) FIPS 140-2 CJIS CSA FERPA HIPAA FedRAMP (SM) DoD CSM 1-2, 3-5 DIACAP ISO 27001 MTCS 3 ITAR MPAA G-Cloud Section 508/VPAT FISMA Shared Responsibility Model More at aws.amazon.com/compliance/
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
Vulnerability Respond Repair
Vulnerability ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 by Andreas Lindh (@addelindh)
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 bash is a common command line interpreter
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 a:() { b; } | attack 10 | 10 vulnerability. Widespread & easy to exploit
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 1989 Fantastic summary by David A. Wheeler at http://www.dwheeler.com/essays/shellshock.html#timeline
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 1989 By Norlando Pobre
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 By Gavin Stewart 1989
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 By VersusLiveQuizShow 1989
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 "MicroTAC" by Redrum0486 at English Wikipedia 1989
Time Since Last Event Event Action Action Timeline 1989-08-05 8:32 Added to codebase 27 days, 10:20:00 Released to public 9141 days, 21:18:35 Initial report React Clock starts 1 day, 22:19:13 More details React 2 days, 7:30:12 Official patch :: CVE-2014-6271 Patch 4 days, 5:49:25 5 days, 9:16:35 Limited disclosure :: CVE-2014-6271 React 2 days, 4:37:25 More details React 3:44:00 More details React 0:27:51 Public disclosure React 0:36:30 More details React
Important Shellshock Events Time Since Last Event Event Action Action Timeline 1989-08-05 8:32 Added to codebase 27 days, 10:20:00 Released to public 9141 days, 21:18:35 Initial report React Clock starts 2 days, 7:30:12 Official patch :: CVE-2014-6271 Patch 4 days, 5:49:25 3:29:09 Official patch :: CVE-2014-7169 Patch 9 days, 19:17:00 3:15:00 Official patch :: CVE-2014-7186, CVE-2014-7187 Patch 4 days, 17:30:00 1 day, 11:55:00 Official patch :: CVE-2014-6277 Patch 1 day, 11:55:00 2 days, 20:24:00 Official patch :: CVE-2014-6278 Patch 2 days, 20:24:00
24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
24h 48h 72h Disclosure Attack Source IP – CVE-2014-6271, 7169, 6277, 6278
Respond ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Day 1
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 TCP : 443TCP : 443 TCP : 4433TCP : 4433 Primary workflow for our deployment
IAM Roles
AWS IaM Review
Security Groups
AWS Security Group Review
Network Segmentation
AWS Network Review
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS VPC Checklist Review IAM roles Security groups Network segmentation Network access control lists (NACL) More in the Auditing Security Checklist for Use of AWS, media.amazonwebservices.com/AWS_Auditing_Security_Checklist.pdf
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 TCP : 443TCP : 443 TCP : 4433TCP : 4433 Primary workflow for our deployment
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 HTTPSTPS Intrusion prevention can look at each packet and then take action depending on what it finds
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
Intrusion Prevention in Action
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Review All instances covered Workload appropriate rules Centrally managed Security controls must scale out automatically with the deployment
Repair ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Day 2
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 All instances deployment from task-specific AMI TCP : 443TCP : 443 TCP : 4433TCP : 4433
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Workflow should be completely automated Instantiate DestroyConfigure AMI Creation Workflow Bake Instantiate Test
AMI Creation
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Instances tend to drift from the known good state, monitoring key files & processes is important AMI Instance AlertIntegrity Monitoring
Integrity Monitoring
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Keys Respond Review configuration Apply intrusion prevention Repair Patch vulnerability in new AMI Leverage integrity monitoring
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Keys Visibility Security Time
AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Thank You. This presentation will be loaded to SlideShare the week following the Symposium. http://www.slideshare.net/AmazonWebServices AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Empfohlen

DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...Amazon Web Services
 
Transforming Education in the Cloud
Transforming Education in the CloudTransforming Education in the Cloud
Transforming Education in the CloudAmazon Web Services
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Amazon Web Services
 
Adobe : The Future of SaaS
Adobe : The Future of SaaSAdobe : The Future of SaaS
Adobe : The Future of SaaSAmazon Web Services
 
AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
Using AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSUsing AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSAmazon Web Services
 
NASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsNASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsAmazon Web Services
 
3. 195883 open gis data slides jw_edit_js-mh
3. 195883 open gis data slides jw_edit_js-mh3. 195883 open gis data slides jw_edit_js-mh
3. 195883 open gis data slides jw_edit_js-mhAmazon Web Services
 

Empfohlen

DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...
DevOps in the Public Sector: How the Democratic Party Implemented DevOps to M...Amazon Web Services
 
Transforming Education in the Cloud
Transforming Education in the CloudTransforming Education in the Cloud
Transforming Education in the CloudAmazon Web Services
 
Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Modern IT Governance Through Transparency and Automation
Modern IT Governance Through Transparency and Automation Amazon Web Services
 
Adobe : The Future of SaaS
Adobe : The Future of SaaSAdobe : The Future of SaaS
Adobe : The Future of SaaSAmazon Web Services
 
AWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAWS GovCloud (US) – A Deep Dive into Compliance
AWS GovCloud (US) – A Deep Dive into ComplianceAmazon Web Services
 
Using AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSUsing AWS Services to Go “All In” on AWS
Using AWS Services to Go “All In” on AWSAmazon Web Services
 
NASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsNASA Goddard: Head in the Clouds
NASA Goddard: Head in the CloudsAmazon Web Services
 
3. 195883 open gis data slides jw_edit_js-mh
3. 195883 open gis data slides jw_edit_js-mh3. 195883 open gis data slides jw_edit_js-mh
3. 195883 open gis data slides jw_edit_js-mhAmazon Web Services
 
C2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingC2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingAmazon Web Services
 
AWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAmazon Web Services
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud Amazon Web Services
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationAmazon Web Services
 
AWS as a Data Platform
AWS as a Data PlatformAWS as a Data Platform
AWS as a Data PlatformAmazon Web Services
 
An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAmazon Web Services
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformAmazon Web Services
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Amazon Web Services
 
Acquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAcquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAmazon Web Services
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsAmazon Web Services
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 
Perspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) OfficePerspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) OfficeAmazon Web Services
 
(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and AutomationAmazon Web Services
 
C2S: What’s Next
C2S: What’s NextC2S: What’s Next
C2S: What’s NextAmazon Web Services
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAmazon Web Services
 
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...Amazon Web Services
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...Amazon Web Services
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAmazon Web Services
 

Weitere ähnliche Inhalte

Was ist angesagt?

C2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingC2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingAmazon Web Services
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud Amazon Web Services
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationAmazon Web Services
 
An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAmazon Web Services
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformAmazon Web Services
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Amazon Web Services
 
Acquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAcquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAmazon Web Services
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsAmazon Web Services
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPAAmazon Web Services
 
Perspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) OfficePerspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) OfficeAmazon Web Services
 
(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and AutomationAmazon Web Services
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAmazon Web Services
 
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...Amazon Web Services
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. Amazon Web Services
 

Was ist angesagt? (20)

C2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid PrototypingC2S Tech Tips: Rapid Prototyping
C2S Tech Tips: Rapid Prototyping
 
AWS GovCloud (US) - An Overview
AWS GovCloud (US) - An OverviewAWS GovCloud (US) - An Overview
AWS GovCloud (US) - An Overview
 
Hybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWSHybrid IT Approach and Technologies on AWS
Hybrid IT Approach and Technologies on AWS
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud Accelerating Time to Science: Transforming Research in the Cloud
Accelerating Time to Science: Transforming Research in the Cloud
 
Enterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher EducationEnterprise Cloud Adoption Strategies in Higher Education
Enterprise Cloud Adoption Strategies in Higher Education
 
AWS as a Data Platform
AWS as a Data PlatformAWS as a Data Platform
AWS as a Data Platform
 
An Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay PilotAn Update on the AWS/FedRAMP TIC Overlay Pilot
An Update on the AWS/FedRAMP TIC Overlay Pilot
 
Big Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better PlatformBig Data in The Cloud: Architecting a Better Platform
Big Data in The Cloud: Architecting a Better Platform
 
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
Federal Compliance Deep Dive: FISMA, FedRAMP, and Beyond - AWS Symposium 2014...
 
Acquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public SectorAcquisition Strategies and Contract Vehicles in the Public Sector
Acquisition Strategies and Contract Vehicles in the Public Sector
 
Citizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical AppsCitizen Services: The New Mission Critical Apps
Citizen Services: The New Mission Critical Apps
 
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C. Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
Moving Workloads into AWS GovCloud (US) - AWS Symposium 2014 - Washington D.C.
 
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPASecurity & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
Security & Privacy: Using AWS to Meet Requirements for HIPAA, CJIS, and FERPA
 
Perspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) OfficePerspectives from the NIH Associate Director for Data Science (ADDS) Office
Perspectives from the NIH Associate Director for Data Science (ADDS) Office
 
(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation(ISM206) Modern IT Governance Through Transparency and Automation
(ISM206) Modern IT Governance Through Transparency and Automation
 
C2S: What’s Next
C2S: What’s NextC2S: What’s Next
C2S: What’s Next
 
AWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get StartedAWS GovCloud (US): How to Get Started
AWS GovCloud (US): How to Get Started
 
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
AWS GovCloud (US) Fundamentals: Past, Present, and Future - AWS Symposium 201...
 
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C. AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
AWS Deployment Best Practices - AWS Symposium 2014 - Washington D.C.
 

Ähnlich wie AWS Government Symposium 2015: Defending Workloads Against Vulnerabilities

AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...Amazon Web Services
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAmazon Web Services
 
Scaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsScaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsAmazon Web Services
 
Scaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsScaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsAmazon Web Services
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSAmazon Web Services
 
DevOps You Build It, You Own It!
DevOps You Build It, You Own It!DevOps You Build It, You Own It!
DevOps You Build It, You Own It!Amazon Web Services
 
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 5
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 502 amazon workspaces aws wwps dc symposium - halachmi - version 1 5
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 5Amazon Web Services
 
AWS Power Tools: Advanced AWS CloudFormation and CLI
AWS Power Tools: Advanced AWS CloudFormation and CLIAWS Power Tools: Advanced AWS CloudFormation and CLI
AWS Power Tools: Advanced AWS CloudFormation and CLIAmazon Web Services
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingAmazon Web Services
 
Driving Innovation with Open Data
Driving Innovation with Open DataDriving Innovation with Open Data
Driving Innovation with Open DataAmazon Web Services
 
Running Microsoft Workloads on AWS
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWSAmazon Web Services
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationAmazon Web Services
 
A Framework for Cloud IT and Business Transformation
A Framework for Cloud IT and Business TransformationA Framework for Cloud IT and Business Transformation
A Framework for Cloud IT and Business TransformationAmazon Web Services
 
Networking: New Capabilities for Amazon Virtual Private Cloud
Networking: New Capabilities for Amazon Virtual Private Cloud Networking: New Capabilities for Amazon Virtual Private Cloud
Networking: New Capabilities for Amazon Virtual Private Cloud Amazon Web Services
 
Using Security to Build with Confidence in AWS
Using Security to Build with Confidence in AWSUsing Security to Build with Confidence in AWS
Using Security to Build with Confidence in AWSAmazon Web Services
 
1 cloud-transformation-strategies 062615.final
1 cloud-transformation-strategies 062615.final1 cloud-transformation-strategies 062615.final
1 cloud-transformation-strategies 062615.finalAmazon Web Services
 
Using Security To Build With Confidence - Session Sponsored by Trend Micro
Using Security To Build With Confidence - Session Sponsored by Trend MicroUsing Security To Build With Confidence - Session Sponsored by Trend Micro
Using Security To Build With Confidence - Session Sponsored by Trend MicroAmazon Web Services
 
Using Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroUsing Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroAmazon Web Services
 

Ähnlich wie AWS Government Symposium 2015: Defending Workloads Against Vulnerabilities (20)

AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
AWS CodeDeploy, AWS CodePipeline, and AWS CodeCommit: Transforming Software D...
 
AWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private SectorAWS Cost Management Lessons from the Private Sector
AWS Cost Management Lessons from the Private Sector
 
Scaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsScaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services Patterns
 
Scaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services PatternsScaling by Design: AWS Web Services Patterns
Scaling by Design: AWS Web Services Patterns
 
Enhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWSEnhanced Security and Compliance with AWS
Enhanced Security and Compliance with AWS
 
DevOps You Build It, You Own It!
DevOps You Build It, You Own It!DevOps You Build It, You Own It!
DevOps You Build It, You Own It!
 
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 5
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 502 amazon workspaces aws wwps dc symposium - halachmi - version 1 5
02 amazon workspaces aws wwps dc symposium - halachmi - version 1 5
 
AWS Power Tools: Advanced AWS CloudFormation and CLI
AWS Power Tools: Advanced AWS CloudFormation and CLIAWS Power Tools: Advanced AWS CloudFormation and CLI
AWS Power Tools: Advanced AWS CloudFormation and CLI
 
Introduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud ComputingIntroduction to AWS Services and Cloud Computing
Introduction to AWS Services and Cloud Computing
 
Driving Innovation with Open Data
Driving Innovation with Open DataDriving Innovation with Open Data
Driving Innovation with Open Data
 
Running Microsoft Workloads on AWS
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWS
 
Hybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your OrganizationHybrid Cloud Solutions to Transform Your Organization
Hybrid Cloud Solutions to Transform Your Organization
 
A Framework for Cloud IT and Business Transformation
A Framework for Cloud IT and Business TransformationA Framework for Cloud IT and Business Transformation
A Framework for Cloud IT and Business Transformation
 
Networking: New Capabilities for Amazon Virtual Private Cloud
Networking: New Capabilities for Amazon Virtual Private Cloud Networking: New Capabilities for Amazon Virtual Private Cloud
Networking: New Capabilities for Amazon Virtual Private Cloud
 
Using Security to Build with Confidence in AWS
Using Security to Build with Confidence in AWSUsing Security to Build with Confidence in AWS
Using Security to Build with Confidence in AWS
 
Open GIS Data
Open GIS DataOpen GIS Data
Open GIS Data
 
1 cloud-transformation-strategies 062615.final
1 cloud-transformation-strategies 062615.final1 cloud-transformation-strategies 062615.final
1 cloud-transformation-strategies 062615.final
 
Using Security To Build With Confidence - Session Sponsored by Trend Micro
Using Security To Build With Confidence - Session Sponsored by Trend MicroUsing Security To Build With Confidence - Session Sponsored by Trend Micro
Using Security To Build With Confidence - Session Sponsored by Trend Micro
 
Using Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend MicroUsing Security To Build
 With Confidence In AWS - Trend Micro
Using Security To Build
 With Confidence In AWS - Trend Micro
 
Automate Your Backups at Scale
Automate Your Backups at ScaleAutomate Your Backups at Scale
Automate Your Backups at Scale
 

Mehr von Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Mehr von Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Kürzlich hochgeladen

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdfhans926745
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure servicePooja Nehwal
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Kürzlich hochgeladen (20)

Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf[2024]Digital Global Overview Report 2024 Meltwater.pdf
[2024]Digital Global Overview Report 2024 Meltwater.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure serviceWhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
WhatsApp 9892124323 ✓Call Girls In Kalyan ( Mumbai ) secure service
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

AWS Government Symposium 2015: Defending Workloads Against Vulnerabilities

  • 1. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Defending your workloads against the next zero-day vulnerability Justin Foster @justin_foster CTO & GM, Cloud Workload Security Trend Micro ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 2. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 The Story More at aws.trendmicro.com 2012 re:Invent SPR203 : Cloud Security is a Shared Responsibility http://bit.ly/2012-spr203 2013 re:Invent SEC208: How to Meet Strict Security & Compliance Requirements in the Cloud http://bit.ly/2013-sec208 SEC307: How Trend Micro Build their Enterprise Security Offering on AWS http://bit.ly/2013-sec307 2014 re:Invent SEC313: Updating Security Operations for the Cloud http://bit.ly/2014-sec313 SEC314: Customer Perspectives on Implementing Security Controls with AWS http://bit.ly/2014-sec314
  • 3. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Traditional Responsibility Model You Physical Infrastructure Network Virtualization Operating System Applications Data Service Configuration More at aws.amazon.com/security
  • 4. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
  • 5. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
  • 6. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 PCI DSS Level 1 SOC 1/ISAE 3402 SOC 2 SOC 3 ISO 9001 IRAP (.au) FIPS 140-2 CJIS CSA FERPA HIPAA FedRAMP (SM) DoD CSM 1-2, 3-5 DIACAP ISO 27001 MTCS 3 ITAR MPAA G-Cloud Section 508/VPAT FISMA Shared Responsibility Model More at aws.amazon.com/compliance/
  • 7. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Shared Responsibility Model AWS Physical Infrastructure Network Virtualization You Operating System Applications Data Service Configuration More at aws.amazon.com/security
  • 9. Vulnerability ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved
  • 10. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 by Andreas Lindh (@addelindh)
  • 11. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 bash is a common command line interpreter
  • 12. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 a:() { b; } | attack 10 | 10 vulnerability. Widespread & easy to exploit
  • 13.
  • 14. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 1989 Fantastic summary by David A. Wheeler at http://www.dwheeler.com/essays/shellshock.html#timeline
  • 15. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 1989 By Norlando Pobre
  • 16. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 By Gavin Stewart 1989
  • 17. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 By VersusLiveQuizShow 1989
  • 18. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 "MicroTAC" by Redrum0486 at English Wikipedia 1989
  • 19. Time Since Last Event Event Action Action Timeline 1989-08-05 8:32 Added to codebase 27 days, 10:20:00 Released to public 9141 days, 21:18:35 Initial report React Clock starts 1 day, 22:19:13 More details React 2 days, 7:30:12 Official patch :: CVE-2014-6271 Patch 4 days, 5:49:25 5 days, 9:16:35 Limited disclosure :: CVE-2014-6271 React 2 days, 4:37:25 More details React 3:44:00 More details React 0:27:51 Public disclosure React 0:36:30 More details React
  • 20. Important Shellshock Events Time Since Last Event Event Action Action Timeline 1989-08-05 8:32 Added to codebase 27 days, 10:20:00 Released to public 9141 days, 21:18:35 Initial report React Clock starts 2 days, 7:30:12 Official patch :: CVE-2014-6271 Patch 4 days, 5:49:25 3:29:09 Official patch :: CVE-2014-7169 Patch 9 days, 19:17:00 3:15:00 Official patch :: CVE-2014-7186, CVE-2014-7187 Patch 4 days, 17:30:00 1 day, 11:55:00 Official patch :: CVE-2014-6277 Patch 1 day, 11:55:00 2 days, 20:24:00 Official patch :: CVE-2014-6278 Patch 2 days, 20:24:00
  • 21. 24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
  • 22. 24h 48h 72h Attack Source IP – CVE-2014-6271, 7169, 6277, 6278 Disclosure
  • 23. 24h 48h 72h Disclosure Attack Source IP – CVE-2014-6271, 7169, 6277, 6278
  • 24. Respond ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Day 1
  • 25. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
  • 26. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
  • 27. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 TCP : 443TCP : 443 TCP : 4433TCP : 4433 Primary workflow for our deployment
  • 34. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 AWS VPC Checklist Review IAM roles Security groups Network segmentation Network access control lists (NACL) More in the Auditing Security Checklist for Use of AWS, media.amazonwebservices.com/AWS_Auditing_Security_Checklist.pdf
  • 35. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 TCP : 443TCP : 443 TCP : 4433TCP : 4433 Primary workflow for our deployment
  • 36. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 HTTPSTPS Intrusion prevention can look at each packet and then take action depending on what it finds
  • 37. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
  • 39. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Review All instances covered Workload appropriate rules Centrally managed Security controls must scale out automatically with the deployment
  • 40. Repair ©2015, Amazon Web Services, Inc. or its affiliates. All rights reserved Day 2
  • 41. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
  • 42. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 All instances deployment from task-specific AMI TCP : 443TCP : 443 TCP : 4433TCP : 4433
  • 43. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Workflow should be completely automated Instantiate DestroyConfigure AMI Creation Workflow Bake Instantiate Test
  • 45. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 aws.amazon.com/architecture : Web application hosting
  • 46. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Instances tend to drift from the known good state, monitoring key files & processes is important AMI Instance AlertIntegrity Monitoring
  • 48. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Keys Respond Review configuration Apply intrusion prevention Repair Patch vulnerability in new AMI Leverage integrity monitoring
  • 49. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Keys Visibility Security Time
  • 50. AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015 Thank You. This presentation will be loaded to SlideShare the week following the Symposium. http://www.slideshare.net/AmazonWebServices AWS Government, Education, and Nonprofit Symposium Washington, DC I June 25-26, 2015

Hinweis der Redaktion

  1. More details at http://aws.amazon.com/compliance/
  2. https://twitter.com/addelindh/status/514840916692324352
  3. 1. Look Away, Chicago 2. My Prerogative, Bobby Brown 3. Every Rose Has Its Thorn, Poison 4. Straight Up, Paula Abdul 5. Miss You Much, Janet Jackson 6. Cold Hearted, Paula Abdul 7. Wind Beneath My Wings, Bette Midler 8. Girl You Know It's True, Milli Vanilli 9. Baby, I Love Your Way / Freebird, Will To Power 10. Giving You the Best That I Got, Anita Baker
  4. http://en.wikipedia.org/wiki/Motorola_MicroTAC iPhone 6 Plus is 6.07oz
  5. http://www.dwheeler.com/essays/shellshock.html#timeline
  6. http://www.dwheeler.com/essays/shellshock.html#timeline
  7. More on Network ACLs at http://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_ACLs.html More on ephemeral ports at http://en.wikipedia.org/wiki/Ephemeral_port