Upgrade to Pro — share decks privately, control downloads, hide ads and more …

AWS re:Inforce 2019 recap

AWS User Group Belgrade
July 09, 2019
Technology
0
150

AWS re:Inforce 2019 recap

AWS User group meetup 2 was dedicated to Security. This AWS re:Inforce 2019 recap focuses on top presentations, great presenters and announcements made during the conference

AWS User Group Belgrade

July 09, 2019
Tweet

More Decks by AWS User Group Belgrade

See All by AWS User Group Belgrade
The 11th Annual PostgreSQL Conference Europe
awsugbelgrade
0
43
Aurora Serverless / Goran Opacic
awsugbelgrade
1
46
Development Security Best Practices in AWS
awsugbelgrade
0
150

Other Decks in Technology

See All in Technology
AWS環境におけるランサムウェア攻撃対策の設計
nrinetcom
PRO
0
170
宇宙ベンチャーにおける最近の情シス取り組みについて
axelmizu
0
120
サイボウズフロントエンドエキスパートチームについて / FrontendExpert Team
cybozuinsideout
PRO
5
38k
型情報を用いたLintでコード品質を向上させる
sansantech
PRO
2
140
GitHub Copilot のテクニック集/GitHub Copilot Techniques
rayuron
39
16k
LINE Developersプロダクト(LIFF/LINE Login)におけるフロントエンド開発
lycorptech_jp
PRO
0
150
PHP ユーザのための OpenTelemetry 入門 / phpcon2024-opentelemetry
shin1x1
3
1.4k
[JAWS-UG新潟#20] re:Invent2024 -CloudOperationsアップデートについて-
shintaro_fukatsu
0
120
多様なメトリックとシステムの健全性維持
masaaki_k
0
120
AWS re:Invent 2024 ふりかえり勉強会
yhana
0
460
[Oracle TechNight#85] Oracle Autonomous Databaseを使ったAI活用入門
oracle4engineer
PRO
1
100
クレカ・銀行連携機能における “状態”との向き合い方 / SmartBank Engineer LT Event
smartbank
2
100

Featured

See All Featured
The Cult of Friendly URLs
andyhume
78
6.1k
Designing for Performance
lara
604
68k
Building Applications with DynamoDB
mza
91
6.1k
Typedesign – Prime Four
hannesfritz
40
2.4k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Why Our Code Smells
bkeepers
PRO
335
57k
Designing on Purpose - Digital PM Summit 2013
jponch
116
7k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Code Review Best Practice
trishagee
65
17k
Optimizing for Happiness
mojombo
376
70k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.7k
Facilitating Awesome Meetings
lara
50
6.1k

Transcript

  1. User Group Belgrade AWS re:Inforce Boston 2019 Goran Opacic -

    Announcements - Security HUB, VPC mirroring, … - Best talks & topics - Nitro, ABAC, Serverless, … User Group Belgrade

  2. User Group Belgrade Boston

  3. User Group Belgrade Twitter Premier League: Corey Quinn Jeremy Daly

    Teri Radichel Ben Kehoe Richard Boyd re:Inforce 2019 Boston ~10,000 people Next year: Houston Europe 2019: Global Security Roadshow Stockholm October 10 London October 15 Munich November 20

  4. User Group Belgrade UK Ministry Of Justice Security Guidance •

    https://t.co/R9LdVjuRF2 • Amazon Guard Duty, Cloud Trail, Config, …

  5. User Group Belgrade Security HUB • Continuous Compliance

  6. User Group Belgrade Security HUB • Amazon GUARD DUTY –

    NETWORKING • Amazon INSPECTOR – SERVER /Ec2, OS, Network – install agent • Amazon MACIE – FILES - A machine learning-powered security service to discover, classify, and protect sensitive data • PARTNERS

  7. User Group Belgrade Amazon Macie

  8. User Group Belgrade Security HUB

  9. User Group Belgrade Control Tower • Multi-account environment • Guardrails

    for governance • Best practice blueprints • Comprehensive insights • “Well-architected”

  10. User Group Belgrade Control Tower

  11. User Group Belgrade Control Tower • provide identity management using

    AWS SSO Directory • provide federated access using AWS Single Sign-On (AWS SSO) • create a central log archive using AWS CloudTrail and AWS Config • enable security audits across accounts using AWS SSO • implement network configurations using Amazon VPC • define workflows for provisioning accounts using AWS Service Catalog

  12. User Group Belgrade Control Tower - FAQ • You can’t

    deploy AWS Control tower on account with an existing AWS Organizations master account • AWS Control Tower requires a standalone account that is not a member of AWS Organizations for setup. In the near future, you will be able to deploy Control Tower to an existing AWS Organizations account structure. • There is no API available for AWS Control Tower • There is no migration path from AWS Landing Zone to AWS Control Tower at the moment • Pricing – 0

  13. User Group Belgrade Nitro Platform Mark Ryland Director Ofrfice of

    the CISO AWS https://www.youtube.com/watch?v=kN9XcFp5vUM

  14. User Group Belgrade Nitro Platform

  15. User Group Belgrade Nitro Platform

  16. User Group Belgrade Nitro Platform • Encrypt everything & Encryption

    keys managed by Nitro • Networking, EBS File storage • Annapurna labs chip • No Human access • Remotely managed firmware • PCIe bus • HotPlug • vmware • New machines only • VPC Traffic Mirroring – Capture & Inspect Network Traffic

  17. User Group Belgrade Workshops

  18. User Group Belgrade Penetration testing Teri Radichel @TeriRadichel

  19. User Group Belgrade Serverless Security Jeremy Daly @jeremydaly

  20. User Group Belgrade Serverless Security

  21. User Group Belgrade Attribute- Based Access Control (ABAC) Brigid Johnson

    @bjohnso5y

  22. User Group Belgrade Wrap Up • https://aws.amazon.com/blogs/security/reinforce-2019-wrap-up- and-session-links/