© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved. SUMMIT
Carry Security with You to the Cloud
Anand Visvanathan
Director Product Management
Symantec
DEM14-SR, New York AWS Summit
Enterprise Stages of AWS Adoption
[Figure: enterprise stages of AWS adoption (Project, Foundation, Migration, Reinvention), with Client Value plotted against Cloud Adoption Over Time. Further chart labels: Discovery, Targeted, At Scale.]
Why Is Security Traditionally So Hard?
• Lack of visibility
• Low degree of automation
Shared Security Model
Shared Responsibility for Security
“I need to ensure security of our assets “IN” the cloud.” (Security Analyst/Admin)
Common Customer Challenges
• Security and Agility are a Tradeoff
• Temporal and API-driven Nature of the Cloud
• Continuous Validation of Compliance Posture
How Security Changes in the Cloud
DevSecOps Principles
1. Decentralization of security roles. Security accountability moves closer to the application owner.
2. Develop security practices in line with the shared responsibility model of the cloud provider.
3. Incorporate security into the release management practice (CI/CD).
4. Attack vectors are the entire fabric of the cloud, including PaaS services, data & infrastructure.
DevSecOps: Operational Transformation
• DevOps: agile development; infrastructure as code. KPIs = frequencies of deployments, velocity, failure rates, quality.
• Security: policy & compliance; risk-driven mitigation. KPIs = time to remediation, compliance posture, time since last incident.
• DevOps + Security: embedding security into the DevOps pipeline with automation.
DevSecOps: Methodology Transformation
Pipeline stages: Develop/Code, Build, Test, Service Integration, Deploy, Monitor & Measure, New Rev (with a Production Feedback loop).
• Leverage a software release management practice for continuous security posture validation (CI/CD).
• Insert security tools and processes to automate and operationalize security.
• Establish remediation standards.
How to Build a Security Strategy that Scales
How Symantec Automates Security for the CI/CD Pipeline
Pipeline stages: Develop/Code, Build, Test, Service Integration, Deploy, Monitor & Measure, New Rev (with a Production Feedback loop).
Security activities along the pipeline, with the Symantec product for each (CWP = Cloud Workload Protection, CWA = Cloud Workload Assurance):
• Identify app vulnerabilities (CWP)
• Validate app security (CWP)
• Validate services (CWA)
• EC2 instance/app inventory (CWP)
• Service inventory (CWA)
• Bake in security (AMI) or SSM Agent (CWP)
• Monitor FIM, app/OS events, security alerts (CWP)
• Continuous assessment & remediation (CWA)
Shared Responsibility Model Changes Security
Customer: responsibility for security “in” the cloud
• Customer data
• Platform, applications, identity & access management
• Operating system, network & firewall configuration
• Client-side data encryption & data integrity authentication
• Server-side encryption (file system and/or data)
• Networking traffic protection (encryption, integrity, identity)
AWS: responsibility for security “of” the cloud
• Software: Compute, Storage, Database, Networking
• Hardware/AWS global infrastructure: Regions, Availability zones, Edge locations
Symantec products mapped onto the model:
• Cloud Workload Protection for Storage: malware scanning for S3 buckets
• Cloud Workload Protection: runtime protection for your instances
• Cloud Workload Assurance: continuous compliance validation
Security: Design Principles
• AWS Shared Responsibility Model
• Implement “least privilege” and separation of duties
• Apply security at all layers
• Protect data in transit and at rest
• Enable traceability
Thank you!
Anand Visvanathan
Anand_Visvanathan@Symantec.com

Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Carry security with you to the cloud - DEM14-SR - New York AWS Summit

  • 1. Carry Security with You to the Cloud. Anand Visvanathan, Director Product Management, Symantec. DEM14-SR. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
  • 3. Enterprise Stages of AWS Adoption: Project, Foundation, Migration, Reinvention. Discovery, Targeted, At Scale. Client Value; Cloud Adoption Over Time.
  • 4. Why Is Security Traditionally So Hard? Lack of visibility. Low degree of automation.
  • 5. Shared Security Model
  • 6. Shared Responsibility for Security. “I need to ensure security of our assets “IN” the cloud.” (Security Analyst/Admin)
  • 7. Common Customer Challenges: Security and Agility are a Tradeoff; Temporal and API-driven Nature of the Cloud; Continuous Validation of Compliance Posture.
  • 9. DevSecOps Principles: (1) Decentralization of security roles. Security accountability moves closer to the application owner. (2) Develop security practices in line with the shared responsibility model of the cloud provider. (3) Incorporate security into the release management practice (CI/CD). (4) Attack Vectors are the entire fabric of the cloud including PaaS services, data & infrastructure.
  • 10. DevSecOps: Operational Transformation. DevOps: KPIs = Frequencies of deployments, velocity, failure rates, quality; Infrastructure as code; Agile development. Security: KPIs = Time to remediation, compliance posture, time since last incident; Risk-driven mitigation; Policy & Compliance.
  • 11. DevSecOps: Operational Transformation. DevOps, Security. Embedding Security into the DevOps pipeline with automation.
  • 12. DevSecOps: Methodology Transformation. Pipeline: Develop/Code, Build, Test, Service Integration, Deploy, Monitor & Measure, New Rev; Production Feedback.
      • Leverage a software release management practice for continuous security posture validation (CI/CD).
      • Insert security tools and processes to automate and operationalize security.
      • Establish remediation standards.
  • 13. How to Build a Security Strategy that Scales
  • 14. How Symantec Automates Security for the CI/CD Pipeline. Pipeline: Develop/Code, Build, Test, Service Integration, Deploy, Monitor & Measure, New Rev; Production Feedback. Identify app vulnerabilities (CWP); Validate app security (CWP); Validate services (CWA); EC2 instance/app inventory (CWP); Service inventory (CWA); Bake in Security (AMI) or SSM Agent (CWP); Monitor FIM, app/OS events, security alerts (CWP); Continuous assessment & remediation (CWA).
  • 15. Shared Responsibility Model Changes Security. Customer, responsibility for security “in” the cloud: Customer data; Platform, applications, identity & access management; Operating system, network & firewall configuration; Client-side data encryption & data integrity authentication; Server-side encryption (File system and/or data); Networking traffic protection (encryption, integrity, identity). AWS, responsibility for security “of” the cloud: Software (Compute, Storage, Database, Networking); Hardware/AWS global infrastructure (Regions, Availability zones, Edge locations).
  • 16. Shared Responsibility Model Changes Security. Customer, responsibility for security “in” the cloud: Customer data; Platform, applications, identity & access management; Operating system, network & firewall configuration; Client-side data encryption & data integrity authentication; Server-side encryption (File system and/or data); Networking traffic protection (encryption, integrity, identity). AWS, responsibility for security “of” the cloud: Software (Compute, Storage, Database, Networking); Hardware/AWS global infrastructure (Regions, Availability zones, Edge locations). Cloud Workload Protection for Storage; Cloud Workload Protection; Cloud Workload Assurance. Continuous Compliance Validation; Runtime protection for your instances; Malware Scanning for S3 Buckets.
  • 17. Security: Design Principles. AWS Shared Responsibility Model. ✓ Implement “least privilege” and separation of duties. ✓ Apply security at all layers. ✓ Protect data in transit and at rest. ✓ Enable traceability.
  • 18. Related breakouts. Session title, Speaker name.
  • 19. Thank you! Anand Visvanathan, Anand_Visvanathan@Symantec.com