SlideShare a Scribd company logo

AWS雲端自動化合規檢核與資安警訊通報管理

Amazon Web Services
Amazon Web Services
1 of 34
Download to read offline
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS雲端自動化合規檢核與資安警訊通報管理 AWS Security Hub Partner Solutions Architect Jason Wang AWS Taiwan
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Services overview
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Protect Detect Respond Automate Investigate RecoverIdentify AWS Systems Manager AWS Config AWS Lambda Amazon CloudWatch Amazon Inspector Amazon Macie Amazon GuardDuty AWS Security Hub AWS IoT Device Defender KMSIAM AWS Single Sign-On Snapshot Archive AWS CloudTrail Amazon CloudWatch Amazon VPC AWS WAF AWS Shield AWS Secrets Manager AWS Firewall Manager AWS Foundational and Layered Security Services AWS Organizations Personal Health Dashboard Amazon Route 53 AWS Direct Connect AWS Transit Gateway Amazon VPC PrivateLink AWS Step Functions Amazon Cloud Directory AWS CloudHSM AWS Certificate Manager AWS Control Tower AWS Service Catalog AWS Well- Architected Tool AWS Trusted Advisor Resource Access manager AWS Directory Service Amazon Cognito Amazon S3 Glacier AWS Security Hub AWS Systems Manager AWS CloudFormation AWS OpsWorks Amazon Detective
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction AWS Security Hub
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Problem statements Large volume of alerts and the need to prioritize 3 Too many security alerts Lack of an integrated view of security and compliance across accounts 4 Lack of an integrated view Dozens of security tools with different data formats 2 Too many security alert formats Many compliance requirements and not enough time to build the checks 1 Backlog of compliance requirements
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is AWS Security Hub? AWS Security Hub is the compliance and security center for AWS customers One part SIEM-like aggregation for AWS-related “findings” One part automated checks against compliance standards
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction to AWS Security Hub Enable AWS Security Hub for all your accounts. Account 1 Account 2 Account 3 Conduct automated compliance scans and checks. Take action based on findings. Continuously aggregate and prioritize findings. Better visibility into security issues. Easier to stay in compliance.
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is AWS Security Hub?
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Target options Introduction to AWS Security Hub Responding to Findings Insights: Remediation AWS Security Hub Amazon CloudWatch CloudWatch Event Aggregate Report Take Action AWS Security Services OR Partner solutions Detect Selected findings and insights
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Take Action Aggregated findings Compliance standards
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Automated compliance checks 43 fully automated, nearly continuous checks
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards Based on CIS AWS Foundations Benchmark • 43 fully automated, nearly continuous checks • Findings are displayed on main dashboard for quick access. • Best practices information is provided to help mitigate gaps to be in compliance.
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Avoid the use of the "root" account Ensure CloudTrail is enabled in all regions Ensure no Security groups allow ingress from 0.0.0.0/0 to port 22 Ensure IAM policies that allow full "*:*" administrative privileges are not created 43 pre configured rules for CIS Compliance Standards Examples:
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards Example: 1.1 Avoid the use of the "root" account
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Aggregated findings Compliance standards Take Action
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Aggregated findings ~100 JSON-formatted fields Finding Types • Sensitive Data Identifications • Software and Configuration Checks • Unusual Behaviors • Tactics, Techniques, and Procedures (TTPs) • Effects AWS Security Finding Format Severity Normalized 0 30 70 100 Sensitive Data Identifications Software and Config checks Unusual behaviors EffectsTTPs
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Aggregated findings
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Insights help identify resources that require attention
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub insights • Dashboard provides visibility into the top security findings • 20 pre-built insights provided by AWS and AWS partners • Customer can create their own insights • Examples: EC2 instances that have missing security patches S3 buckets with stored credentials S3 buckets with public read and write permissions Top AMIs by counts of findings
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Aggregated findings Compliance standards Take Action
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Take Action Partner Solutions Custom Actions Amazon Security Hub With other Services Amazon CloudWatch Events AWS Services
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub Rule Custom Action Simple Notification Service { "source": [ "aws.securityhub" ], "resources": [ "arn:aws:securityhub:us-west- 2:xxxxxxxxxxxx:action/custom/send_to_email" ] } Event (event- based) Email
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub Rule Event Custom Action Lambda Function Rule Event Custom Action Kinesis Stream Rule Event Custom Action Run command Simple Notification Service
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Take Action Partner Solutions Custom Actions via Amazon Security Hub With other services via Amazon CloudWatch Events AWS Services
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Taking Action with Security Hub partner AWS Security Hub Amazon CloudWatch Events Amazon GuardDuty Amazon Inspector Amazon Macie Partner Solutions ! Target options
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Customizable response and remediation actions OpsCenter (AWS Systems Manager) or 1. All findings automatically send to CloudWatch events; AND 2. AWS Security Hub user selects findings in the console and takes a custom action on them. These findings are sent to CloudWatch decorated with a custom action ID 3. User creates CloudWatch event rules to look for certain findings associated with a custom action id or types of findings. 4. The rule defines a target – typically a Lambda function, Step Function, or Automation document 5. The target could be things like a chat, ticketing, on-call management, SOAR platform, or custom remediation playbook Amazon CloudWatch AWS Lambda AWS Security Hub Event (time-base) Rule AWS Step Functions
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Services Availability (Regions) Existing Regions with AWS Security Hub Coming soon Regions Existing Regions Oregon Northern California AWS GovCloud (US-West) Ohio Canada Central Ireland London Stockholm Paris Frankfurt Milan Bahrain Cape Town Mumbai Singapore Jakarta Hong Kong Ningxia Beijing Seoul Tokyo Sydney AWS GovCloud (US-East) Northern Virginia
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Reference Customers
© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank You !

Recommended

Lambda Function Security
Lambda Function SecurityLambda Function Security
Lambda Function SecurityAmazon Web Services
 
Public Cloud Security Blueprint
Public Cloud Security BlueprintPublic Cloud Security Blueprint
Public Cloud Security BlueprintAmazon Web Services
 
Cloud ibrido nella PA
Cloud ibrido nella PACloud ibrido nella PA
Cloud ibrido nella PAAmazon Web Services
 
Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Amazon Web Services
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksAmazon Web Services
 
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
 
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...Amazon Web Services
 
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
 

Recommended

Lambda Function Security
Lambda Function SecurityLambda Function Security
Lambda Function SecurityAmazon Web Services
 
Public Cloud Security Blueprint
Public Cloud Security BlueprintPublic Cloud Security Blueprint
Public Cloud Security BlueprintAmazon Web Services
 
Cloud ibrido nella PA
Cloud ibrido nella PACloud ibrido nella PA
Cloud ibrido nella PAAmazon Web Services
 
Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Unify security, compliance, and finance teams with governance at scale - GRC2...
Unify security, compliance, and finance teams with governance at scale - GRC2...Amazon Web Services
 
Protect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksProtect your applications from DDoS/BOT & Advanced Attacks
Protect your applications from DDoS/BOT & Advanced AttacksAmazon Web Services
 
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019
Establishing AWS as a trusted partner - GRC325 - AWS re:Inforce 2019 Amazon Web Services
 
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...
Enabling digital transformation of your business on AWS - DEM08-S - Mexico Ci...Amazon Web Services
 
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...
Secure Your Data with Recommended Best Practices Enabled by AWS Security and ...Amazon Web Services
 
AWS Espressif Amazon FreeRTOS
AWS Espressif Amazon FreeRTOSAWS Espressif Amazon FreeRTOS
AWS Espressif Amazon FreeRTOSAmazon Web Services
 
Open Data on AWS
Open Data on AWSOpen Data on AWS
Open Data on AWSAmazon Web Services
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...Amazon Web Services
 
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
 
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 Amazon Web Services
 
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAmazon Web Services
 
A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...Amazon Web Services
 
WildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing WorkshopWildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing WorkshopAmazon Web Services
 
Costruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWSCostruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWSAmazon Web Services
 
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAmazon Web Services
 
AWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAmazon Web Services
 
AWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner SeminarAWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner SeminarAmazon Web Services
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
 
Architecting security and governance across your AWS environment
Architecting security and governance across your AWS environmentArchitecting security and governance across your AWS environment
Architecting security and governance across your AWS environmentAmazon Web Services
 
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณAWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณAmazon Web Services
 
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesBuilding a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesTom Laszewski
 
Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Amazon Web Services
 
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Amazon Web Services
 
Monitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWSMonitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWSjavier ramirez
 
AWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityAWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityCobus Bernard
 

More Related Content

What's hot

How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...Amazon Web Services
 
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Amazon Web Services
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Amazon Web Services
 
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 Amazon Web Services
 
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAmazon Web Services
 
A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...Amazon Web Services
 
WildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing WorkshopWildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing WorkshopAmazon Web Services
 
Costruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWSCostruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWSAmazon Web Services
 
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAmazon Web Services
 
AWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAmazon Web Services
 
AWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner SeminarAWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner SeminarAmazon Web Services
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Amazon Web Services
 
Architecting security and governance across your AWS environment
Architecting security and governance across your AWS environmentArchitecting security and governance across your AWS environment
Architecting security and governance across your AWS environmentAmazon Web Services
 
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณAWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณAmazon Web Services
 
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesBuilding a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesTom Laszewski
 
Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Amazon Web Services
 
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Amazon Web Services
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Amazon Web Services
 

What's hot (20)

AWS Espressif Amazon FreeRTOS
AWS Espressif Amazon FreeRTOSAWS Espressif Amazon FreeRTOS
AWS Espressif Amazon FreeRTOS
 
Open Data on AWS
Open Data on AWSOpen Data on AWS
Open Data on AWS
 
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
How to Enable Single Sign On to Multiple AWS Accounts and Business Applicatio...
 
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
Tax returns in the cloud: The journey of Intuit’s data platform - SDD330 - AW...
 
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
Module 3: Security, Architecting Best Practices, Pricing, Partner Solutions, ...
 
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019 The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
The fundamentals of AWS cloud security - FND209-R - AWS re:Inforce 2019
 
AWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applicationsAWSome Day Online 2020_Module 4: Secure your cloud applications
AWSome Day Online 2020_Module 4: Secure your cloud applications
 
A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...A security-first approach to delivering end-user computing services - FND327 ...
A security-first approach to delivering end-user computing services - FND327 ...
 
WildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing WorkshopWildRydes Serverless Data Processing Workshop
WildRydes Serverless Data Processing Workshop
 
Costruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWSCostruire Architetture Ibride con AWS
Costruire Architetture Ibride con AWS
 
AWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS FoundationsAWSome Day MODULE 1 - AWS Foundations
AWSome Day MODULE 1 - AWS Foundations
 
AWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit SydneyAWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
AWS PROTECTED: Why This Matters for Australia - AWS Summit Sydney
 
AWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner SeminarAWS G-Cloud 12 - Partner Seminar
AWS G-Cloud 12 - Partner Seminar
 
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
Threat detection on AWS: An introduction to Amazon GuardDuty - FND216 - AWS r...
 
Architecting security and governance across your AWS environment
Architecting security and governance across your AWS environmentArchitecting security and governance across your AWS environment
Architecting security and governance across your AWS environment
 
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณAWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
AWSome Day Online 2020_โมดูล 4: การรักษาความปลอดภัยแอปพลิเคชันบนระบบคลาวด์ของคุณ
 
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing ZonesBuilding a Hybrid Cloud Architecture Utilizing AWS Landing Zones
Building a Hybrid Cloud Architecture Utilizing AWS Landing Zones
 
Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019Transforming Enterprise IT - Virtual Transformation Day Feb 2019
Transforming Enterprise IT - Virtual Transformation Day Feb 2019
 
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
Cross-account encryption with AWS KMS and Slack Enterprise Key Management - S...
 
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...Building a security knowledge management platform for AWS - FND224 - AWS re:I...
Building a security knowledge management platform for AWS - FND224 - AWS re:I...
 

Similar to AWS雲端自動化合規檢核與資安警訊通報管理

Monitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWSMonitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWSjavier ramirez
 
AWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityAWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityCobus Bernard
 
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud AndaAWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud AndaAmazon Web Services
 
DevopsDays Geneva 2020 - Compliance & Governance as Code
DevopsDays Geneva 2020 - Compliance & Governance as CodeDevopsDays Geneva 2020 - Compliance & Governance as Code
DevopsDays Geneva 2020 - Compliance & Governance as Codejeromevdl
 
Serverless-First Function: Serverless application security
Serverless-First Function: Serverless application securityServerless-First Function: Serverless application security
Serverless-First Function: Serverless application securityRobSutter2
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSAmazon Web Services
 
Threat detection and mitigation at AWS
Threat detection and mitigation at AWSThreat detection and mitigation at AWS
Threat detection and mitigation at AWSNathan Case
 
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...Amazon Web Services
 
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Amazon Web Services
 
Threat detection and mitigation at AWS - SEC201 - New York AWS Summit
Threat detection and mitigation at AWS - SEC201 - New York AWS SummitThreat detection and mitigation at AWS - SEC201 - New York AWS Summit
Threat detection and mitigation at AWS - SEC201 - New York AWS SummitAmazon Web Services
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSAmazon Web Services
 
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandServerless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandDennis Traub
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Amazon Web Services
 
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Amazon Web Services
 
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Amazon Web Services
 
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018Amazon Web Services
 
Threat detection - SEC207 - New York AWS Summit
Threat detection - SEC207 - New York AWS SummitThreat detection - SEC207 - New York AWS Summit
Threat detection - SEC207 - New York AWS SummitAmazon Web Services
 

Similar to AWS雲端自動化合規檢核與資安警訊通報管理 (20)

Monitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWSMonitorización de seguridad y detección de amenazas con AWS
Monitorización de seguridad y detección de amenazas con AWS
 
AWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: SecurityAWS SSA Webinar 11 - Getting started on AWS: Security
AWS SSA Webinar 11 - Getting started on AWS: Security
 
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud AndaAWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
AWSome Day Online 2020_Modul 4: Mengamankan aplikasi cloud Anda
 
DevopsDays Geneva 2020 - Compliance & Governance as Code
DevopsDays Geneva 2020 - Compliance & Governance as CodeDevopsDays Geneva 2020 - Compliance & Governance as Code
DevopsDays Geneva 2020 - Compliance & Governance as Code
 
Serverless-First Function: Serverless application security
Serverless-First Function: Serverless application securityServerless-First Function: Serverless application security
Serverless-First Function: Serverless application security
 
Proteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWSProteggere applicazioni e dati nel cloud AWS
Proteggere applicazioni e dati nel cloud AWS
 
Threat detection and mitigation at AWS
Threat detection and mitigation at AWSThreat detection and mitigation at AWS
Threat detection and mitigation at AWS
 
How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...How to act on your security and compliance alerts with AWS Security Hub - FND...
How to act on your security and compliance alerts with AWS Security Hub - FND...
 
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019 Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
Hands-on with AWS Security Hub - FND213-R - AWS re:Inforce 2019
 
Threat detection and mitigation at AWS - SEC201 - New York AWS Summit
Threat detection and mitigation at AWS - SEC201 - New York AWS SummitThreat detection and mitigation at AWS - SEC201 - New York AWS Summit
Threat detection and mitigation at AWS - SEC201 - New York AWS Summit
 
Introduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWSIntroduction to Threat Detection and Remediation on AWS
Introduction to Threat Detection and Remediation on AWS
 
Introduction to AWS Security
Introduction to AWS SecurityIntroduction to AWS Security
Introduction to AWS Security
 
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, PolandServerless SecOps Automation on AWS at AWS UG Krakow, Poland
Serverless SecOps Automation on AWS at AWS UG Krakow, Poland
 
Security@Scale
Security@ScaleSecurity@Scale
Security@Scale
 
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019 Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
Scaling threat detection and response in AWS - SDD312-R - AWS re:Inforce 2019
 
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
Data Security in the Cloud - Matt Taylor - AWS TechShift ANZ 2018
 
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...
Security at Scale: Security Hub and the Well Architected Framework - AWS Summ...
 
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018
Security Best Practices for Microsoft Workloads (WIN307) - AWS re:Invent 2018
 
Fundamentals of AWS Security
Fundamentals of AWS SecurityFundamentals of AWS Security
Fundamentals of AWS Security
 
Threat detection - SEC207 - New York AWS Summit
Threat detection - SEC207 - New York AWS SummitThreat detection - SEC207 - New York AWS Summit
Threat detection - SEC207 - New York AWS Summit
 

More from Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

AWS雲端自動化合規檢核與資安警訊通報管理

  • 1. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS雲端自動化合規檢核與資安警訊通報管理 AWS Security Hub Partner Solutions Architect Jason Wang AWS Taiwan
  • 2. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Services overview
  • 3. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Protect Detect Respond Automate Investigate RecoverIdentify AWS Systems Manager AWS Config AWS Lambda Amazon CloudWatch Amazon Inspector Amazon Macie Amazon GuardDuty AWS Security Hub AWS IoT Device Defender KMSIAM AWS Single Sign-On Snapshot Archive AWS CloudTrail Amazon CloudWatch Amazon VPC AWS WAF AWS Shield AWS Secrets Manager AWS Firewall Manager AWS Foundational and Layered Security Services AWS Organizations Personal Health Dashboard Amazon Route 53 AWS Direct Connect AWS Transit Gateway Amazon VPC PrivateLink AWS Step Functions Amazon Cloud Directory AWS CloudHSM AWS Certificate Manager AWS Control Tower AWS Service Catalog AWS Well- Architected Tool AWS Trusted Advisor Resource Access manager AWS Directory Service Amazon Cognito Amazon S3 Glacier AWS Security Hub AWS Systems Manager AWS CloudFormation AWS OpsWorks Amazon Detective
  • 4. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction AWS Security Hub
  • 5. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Problem statements Large volume of alerts and the need to prioritize 3 Too many security alerts Lack of an integrated view of security and compliance across accounts 4 Lack of an integrated view Dozens of security tools with different data formats 2 Too many security alert formats Many compliance requirements and not enough time to build the checks 1 Backlog of compliance requirements
  • 6. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is AWS Security Hub? AWS Security Hub is the compliance and security center for AWS customers One part SIEM-like aggregation for AWS-related “findings” One part automated checks against compliance standards
  • 7. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Introduction to AWS Security Hub Enable AWS Security Hub for all your accounts. Account 1 Account 2 Account 3 Conduct automated compliance scans and checks. Take action based on findings. Continuously aggregate and prioritize findings. Better visibility into security issues. Easier to stay in compliance.
  • 8. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is AWS Security Hub?
  • 9. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Target options Introduction to AWS Security Hub Responding to Findings Insights: Remediation AWS Security Hub Amazon CloudWatch CloudWatch Event Aggregate Report Take Action AWS Security Services OR Partner solutions Detect Selected findings and insights
  • 10. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits
  • 11. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Take Action Aggregated findings Compliance standards
  • 12. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Automated compliance checks 43 fully automated, nearly continuous checks
  • 13. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards Based on CIS AWS Foundations Benchmark • 43 fully automated, nearly continuous checks • Findings are displayed on main dashboard for quick access. • Best practices information is provided to help mitigate gaps to be in compliance.
  • 14. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Avoid the use of the "root" account Ensure CloudTrail is enabled in all regions Ensure no Security groups allow ingress from 0.0.0.0/0 to port 22 Ensure IAM policies that allow full "*:*" administrative privileges are not created 43 pre configured rules for CIS Compliance Standards Examples:
  • 15. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards
  • 16. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Compliance Standards Example: 1.1 Avoid the use of the "root" account
  • 17. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Aggregated findings Compliance standards Take Action
  • 18. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Aggregated findings ~100 JSON-formatted fields Finding Types • Sensitive Data Identifications • Software and Configuration Checks • Unusual Behaviors • Tactics, Techniques, and Procedures (TTPs) • Effects AWS Security Finding Format Severity Normalized 0 30 70 100 Sensitive Data Identifications Software and Config checks Unusual behaviors EffectsTTPs
  • 19. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Aggregated findings
  • 20. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Insights help identify resources that require attention
  • 21. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub insights • Dashboard provides visibility into the top security findings • 20 pre-built insights provided by AWS and AWS partners • Customer can create their own insights • Examples: EC2 instances that have missing security patches S3 buckets with stored credentials S3 buckets with public read and write permissions Top AMIs by counts of findings
  • 22. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Benefits Aggregated findings Compliance standards Take Action
  • 23. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Take Action Partner Solutions Custom Actions Amazon Security Hub With other Services Amazon CloudWatch Events AWS Services
  • 24. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
  • 25. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
  • 26. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub Rule Custom Action Simple Notification Service { "source": [ "aws.securityhub" ], "resources": [ "arn:aws:securityhub:us-west- 2:xxxxxxxxxxxx:action/custom/send_to_email" ] } Event (event- based) Email
  • 27. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub Rule Event Custom Action Lambda Function Rule Event Custom Action Kinesis Stream Rule Event Custom Action Run command Simple Notification Service
  • 28. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions in Security Hub
  • 29. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Take Action Partner Solutions Custom Actions via Amazon Security Hub With other services via Amazon CloudWatch Events AWS Services
  • 30. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Taking Action with Security Hub partner AWS Security Hub Amazon CloudWatch Events Amazon GuardDuty Amazon Inspector Amazon Macie Partner Solutions ! Target options
  • 31. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Customizable response and remediation actions OpsCenter (AWS Systems Manager) or 1. All findings automatically send to CloudWatch events; AND 2. AWS Security Hub user selects findings in the console and takes a custom action on them. These findings are sent to CloudWatch decorated with a custom action ID 3. User creates CloudWatch event rules to look for certain findings associated with a custom action id or types of findings. 4. The rule defines a target – typically a Lambda function, Step Function, or Automation document 5. The target could be things like a chat, ticketing, on-call management, SOAR platform, or custom remediation playbook Amazon CloudWatch AWS Lambda AWS Security Hub Event (time-base) Rule AWS Step Functions
  • 32. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS Security Hub Services Availability (Regions) Existing Regions with AWS Security Hub Coming soon Regions Existing Regions Oregon Northern California AWS GovCloud (US-West) Ohio Canada Central Ireland London Stockholm Paris Frankfurt Milan Bahrain Cape Town Mumbai Singapore Jakarta Hong Kong Ningxia Beijing Seoul Tokyo Sydney AWS GovCloud (US-East) Northern Virginia
  • 33. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Reference Customers
  • 34. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Thank You !