Upgrade to Pro — share decks privately, control downloads, hide ads and more …

re:Inforce 2021 ReCap

fnifni
August 29, 2021
Technology
0
180

re:Inforce 2021 ReCap

Security-JAWS#22のシークレットセッションで発表した、日本一早いre:Inforce 2021 のReCapです
#secjaws #secjaws22

fnifni

August 29, 2021
Tweet

More Decks by fnifni

See All by fnifni
生成AIのガバナンスとこれから
fnifni
0
91
AWS re:Inforce 2024 に コミュニティから登壇してきた話
fnifni
0
25
COM224: How organizations are actually applying AWS security best practices
fnifni
0
26
BsidesTokyo2024_AWSセキュリティの ベストプラクティスに関する 利用実態調査のレポートの紹介
fnifni
0
24
re:Inforce2024-recap_英語力ゴミカスでもフル英語登壇を乗り切る成功メソッド
fnifni
0
95
信頼ルールはGoogle Drive共有の孫の手になるか?
fnifni
0
190
ゼロトラスト導入支援ってどんなことやってるの?
fnifni
0
52
ログの話
fnifni
0
55
CloudTailをAzure Sentinelで 分析するということ
fnifni
1
180

Other Decks in Technology

See All in Technology
国土交通省 データコンペ参加者向け勉強会
takehikohashimoto
0
250
ジョブマッチングサービスにおける相互推薦システムの応用事例と課題
hakubishin3
2
500
Observability を実現するためにアセットを活用しよう(AWS 秋の Observability 祭り ~明日使えるアセット祭り~ )
tsujiba
0
110
プロダクトエンジニアが活躍する環境を作りたくて 事業責任者になった話 ~プロダクトエンジニアの行き着く先~
gimupop
1
510
物価高なラスベガスでの過ごし方
zakky
0
470
10分でわかるfreee エンジニア向け会社説明資料
freee
18
520k
VPC間の接続方法を整理してみた #自治体クラウド勉強会
non97
1
1k
Oracle Cloud Infrastructure データベース・クラウド:各バージョンのサポート期間
oracle4engineer
PRO
27
12k
Platform Engineering ことはじめ
oracle4engineer
PRO
5
520
スプリントゴールにチームの状態も設定する背景とその効果 / Team state in sprint goals why and impact
kakehashi
2
120
来年もre:Invent2024 に行きたいあなたへ - “集中”と“つながり”で楽しむ -
ny7760
0
550
Spring Frameworkの新標準!? ~ RestClientとHTTPインターフェース入門 ~
ogiwarat
1
200

Featured

See All Featured
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
108
49k
What’s in a name? Adding method to the madness
productmarketing
PRO
22
3.1k
[Rails World 2023 - Day 1 Closing Keynote] - The Magic of Rails
eileencodes
32
1.8k
The MySQL Ecosystem @ GitHub 2015
samlambert
250
12k
Reflections from 52 weeks, 52 projects
jeffersonlam
346
20k
Easily Structure & Communicate Ideas using Wireframe
afnizarnur
191
16k
Adopting Sorbet at Scale
ufuk
73
9k
Rebuilding a faster, lazier Slack
samanthasiow
79
8.6k
The Invisible Side of Design
smashingmag
297
50k
Documentation Writing (for coders)
carmenintech
65
4.4k
The Cult of Friendly URLs
andyhume
78
6k
Imperfection Machines: The Place of Print at Facebook
scottboms
264
13k

Transcript

  1. re:Inforce 2021 ReCap Japan’s earliest re:Inforce challenge to ReCap By

    Hirokazu Yoshida / At S-JAWS#21 / 2021.8.27

  2. re:Inforce 2021 ReCap ೔ຊҰૣ͍re:InforceͷReCap΁ͷ௅ઓ ٢ాͻΖ͔ͣ / S-JAWS#21 / 2021.8.27

  3. Who am I !? Hirokazu Yoshida @ CloudNative Inc. Job

    : Security Engineer Community : Security-JAWS Favorite AWS Service :

  4. Attention !! • ຊηογϣϯ͸ɺݸਓͷݟղʹجͮ͘΋ͷͰ͢ • ॴଐ͢ΔاۀɺஂମͷҙݟΛ୅ද͢Δ΋ͷͰ͸͋Γ·ͤΜ • and more …

  5. re:Inforceͬͯ ͳΜ͡ΌΒ΄͍ʁ

  6. About re:Inforce • AWS͕ओ࠵͢ΔηΩϡϦςΟɺΞΠσϯςΟςΟɺ 
 ίϯϓϥΠΞϯεʹಛԽͨ͠ϥʔχϯάΧϯϑΝϨϯε • ॳճ͸2019೥ʹϘετϯͰ։࠵ʢ೔ຊਓͷࢀՃऀ͸61໊ʣ • 2020೥

    (ώϡʔετϯ) ͸ɺίϩφͷӨڹͰதࢭ • ࠓ೥͸தࢭͷةػΛ৐Γӽ͑ɺ౔ஃ৔Ͱόʔνϟϧ୹ॖ։࠵

  7. ΄ʔΜ re:Inforceͬͯ re:InventͷηΩϡϦςΟ൛ ͳΜͰ͠ΐʁ

  8. ηΩϡϦςΟ৽ػೳͷൃදϥογϡ ͨͷ͠Έ΍ͳ͊ʂ

  9. ͱࢥ͍ͬͯͨ࣌ظ΋ ͋Γ·ͨ͠

  10. About re:Inforce • AWS͕ओ࠵͢ΔηΩϡϦςΟɺΞΠσϯςΟςΟɺ 
 ίϯϓϥΠΞϯεʹಛԽͨ͠ϥʔχϯάΧϯϑΝϨϯε • ॳճ͸2019೥ʹϘετϯͰ։࠵ʢ೔ຊਓͷࢀՃऀ͸61໊ʣ • 2020೥͸ɺίϩφͷӨڹͰதࢭ

    • ࠓ೥΋தࢭͷةػΛ৐Γӽ͑ɺ౔ஃ৔Ͱόʔνϟϧ୹ॖ։࠵

  11. ৽ػೳগͳ͍ʂͬͯ ͦ΋ͦ΋ओࢫ͕ҧ͏

  12. ͦΕͰ΋͋ͬͨ ৽ػೳͷൃදΛ঺հ͠·͢

  13. Functions introduced as new features • AWS Backup Audit Manager

    • AWS Backup͕ಈ࡞͍ͯ͠Δʮ೔ใʯΛݟΔ͜ͱ͕Ͱ͖Δ

  14. Functions introduced as new features • AWS IoT CoreͷVPC Endpoint

    (Private Link) ରԠ • IoT Coreͷ௨৴ΛެڞͷΠϯλʔωοτʹग़ͣ͞ʹऩू͢Δ

  15. Functions introduced as new features • Level 1 MSSPϓϩάϥϜͷ։࢝ •

    جຊతͳ඼࣭ج४Λຬͨͨ͠ύʔτφʔ͕ొ࿥͞Ε͍ͯΔ • 10छྨͷ෼໺Ͱӡ༻΋ؚΊͨ௕ظతʹ৴པͰ͖ΔηΩϡϦ ςΟ੡඼ΛखʹೖΕΔ͜ͱ͕Ͱ͖Δ

  16. Functions introduced as new features • IAM Access Analyzer (2021೥4݄)

    • ϙϦγʔཤྺͷରԠ

  17. Functions introduced as new features • IAM Access Analyzer (2021೥4݄)

    • ϙϦγʔͷݕূ

  18. Functions introduced as new features • IAM Access Analyzer (2021೥4݄)

    • ϙϦγʔͷϓϨϏϡʔ

  19. Functions introduced as new features • IAM Access Analyzer (2021೥4݄)

    • ࢖ΘΕͯͳ͍ΞΫγϣϯ 
 ͷݕग़

  20. Functions introduced as new features? • Wickrͷങऩ (2021೥6݄)

  21. ֤ηογϣϯ͔Β֞ؒݟΔ ϝοηʔδΛ঺հ

  22. Today's Agenda • Keynote • Leadership session: Data Protection &

    Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response

  23. Today's Agenda • Keynote • Leadership session: Data Protection &

    Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response

  24. Threat Detection & Incident Response • GuardDutyͰڴҖΛݕग़ • Security HubͰݕग़ࣄ߲Λू໿ɺίϯϓϥΠΞϯεҧ൓Λݕग़

    • ରԠͷࣗಈԽ΍νϡʔχϯάΛߦͬͯɺΞϥʔτ׳ΕΛ๷͙

  25. Ransomware • ΦϖϨʔγϣϯ༻ͱόοΫΞοϓ༻ͰΞΧ΢ϯτΛ෼͚Δ • S3όʔδϣχϯάͱΦϒδΣΫτϩοΫͷར༻ • DRΛؚΊͨแׅతͳόοΫΞοϓܭըͱήʔϜσΠ • ͞Βʹ۷ΓԼ͛ΔͳΒNIST SP1800-25Λࢀߟʹ͢Δͱ͍͍

  26. Identity and Access Management • ύεϫʔυͷ࢖͍ճ͠ʹΑΔةݥੑ • SSOͷଞɺۈ຿࣌ؒ֎ͷΞΫςΟϏςΟ΍෺ཧσόΠεΛซ༻͢Δଟཁૉೝূ • IAM

    Access Analyzer͸ήʔϜνΣϯδϟʔ • ύʔϛογϣϯ͸ఆظతʹ؂ࠪ • ϢʔβʔάϧʔϓΛ࢖ͬͯɺݖݶ؅ཧͷ൥ࡶ͞Λܰݮ͠Α͏

  27. Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ • ։ൃ / ϓϩμΫτνʔϜʹద੾ͳΨʔυϨʔϧͷߏங •

    GuardDutyͰڴҖΛݕग़ɺSecurity HubʹFindingsΛू໿ • Event HubʹͦΕͧΕΛू໿

  28. Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ • ηΩϡϦςΟΤϯδχΞ͸ɺSlackΛհͯ͠मਖ਼ͷͨΊͷyaml Λ࡞੒ • Cloud

    CustodianͰyamlΛLambdaʹม׵ͯࣗ͠ಈԽΛଅਐ

  29. Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ

  30. Network Infrastructure Security • Con fi dential Computing • AWS

    Nitro Enclaves • ӬଓతͳετϨʔδ΍ΠϯλϥΫςΟϒͳΞΫηεɺ֎෦ωοτϫʔΫ͕ͳ ͍ • ڐՄ͞ΕͨίʔυͷΈ͕Enclaves಺Ͱ࣮ߦ͞Ε͍ͯΔ͜ͱΛݕূͰ͖Δ • KMSͱ౷߹͞Ε͍ͯΔEnclavesͷΈ͕ػີ৘ใʹΞΫηε͢Δ͜ͱ͕Ͱ͖Δ

  31. Data Protection & Privacy • θϩτϥετΞʔΩςΫνϟ • ීวతͳࣄฑͷू߹ମ • ҉໧ͷ৴པͷഉআɺܧଓతͳݕূɺ࠷খݖݶɾ࠷খظؒͰϢʔβʔΛઃఆɺ

    ҟৗͳ׆ಈ΍ѱҙͷ͋Δ׆ಈͷ؂ࢹɺཻ౓ͷߴ͍ϦεΫϕʔείϯτϩʔ ϧɺηΩϡϦςΟͷࣗಈԽ • AWSͷߟ͑ํ • ID؅ཧͱωοτϫʔΫ؅ཧͷ྆ํΛิ͍ͬͯ͘

  32. Data Protection & Privacy • GDPR΁ͷରԠ • αʔϏεͷػೳ͸GDPRద༻ର৅Ͱ͋Δ͔൱͔Λ໰Θͣɺ 
 ͢΂ͯͷސ٬ʹద༻͞ΕΔ

    • GDPRͰཁٻ͞ΕΔసૹධՁͷࢧԉϦιʔε

  33. Data Protection & Privacy • AWSαʔϏεͷϓϥΠόγʔػೳ • αϙʔτϦΫΤετΛॲཧ͢Δୈࡾऀͷ৘ใΛܝࡌͨ͠ αϒϓϩηοαʔ

  34. Data Protection & Privacy • ܭըͳ͠ʹػඍ৘ใΛอଘ͠ͳ͍͜ͱ • ͜ͷ෼໺͸ख୳ΓͰਐΊΔ͜ͱ͸Ͱ͖ͳ͍ • ϏδωεΛऴྃ͢ΔϨϕϧͷϦεΫΛ࣋ͭ

    • ϏδωεͰى͍ͬͯ͜Δ͜ͱΛ۷ΓԼ͛ͯਖ਼֬ʹཧղ͢Δ͜ͱ

  35. Governance, Risk and Compliance • ߴ͍ϨϕϧͷೝূΛड͚ΔͨΊʹ͸ɺ150Ҏ্ͷίϯτϩʔϧΛ ຬͨ͢ඞཁ͕͋Δ • AWSαʔϏε͸ɺ஍Ҭ΍ۀքΛ໰ΘͣԿઍ΋ͷηΩϡϦςΟ؂ࠪ Ͱݕূ͞Ε͍ͯΔ

    • AWS Artifact͔Β࠷৽ͷCSFূ໌ॻΛμ΢ϯϩʔυͰ͖Δ

  36. Governance, Risk and Compliance • ࠓ೔Ͱ͖Δ͜ͱɿCloud؂ࠪΞΧσϛʔ

  37. Leadership Sessionͷϝοηʔδ

  38. Leadership session: 
 Data Protection & Privacy • จԽΛܗ੒͢Δ •

    ֤νʔϜʹηΩϡϦςΟ୲౰ऀ͕૊Έࠐ·Ε͍ͯΔ • ҉߸Խ͢Ε͹͍͍Θ͚Ͱ͸ͳ͍ • 伴ͷ؅ཧͱಁ໌ੑʢAlexaͷࣄྫʣ • ϓϥΠόγʔ͸ɺʮԿΛ͢Δ͔ʯͱ͍͏͜ͱ

  39. Leadership session: Governance, Risk & Compliance • ίϯϓϥΠΞϯεΛࣗ෼ͨͪͷ΋ͷʹ͢Δ6ͷڭ܇ • 10೥ؒͰੵΈ্͖͛ͯͨCompliance

    as a CodeΛ 
 ࣮ફ͢ΔͨΊͷڭ܇

  40. Leadership session: Governance, Risk & Compliance • ૣࣦ͘ഊ͢Δ͜ͱ • ؂ࠪͷͨΊͷΤϯδχΞ

    • ίϯϓϥΠΞϯεʹັͤΒΕͨΤϯδχΞ • ઐ໳؂ࠪਓͷ୆಄ • ৑௕ੑΛ࣋ͨͤΔ • ੡඼ͷͲ͜ʹয఺Λ౰ͯΔ͔

  41. Leadership session: Governance, Risk & Compliance • ΋ͬͱֶश͍ͨ͠ਓͷͨΊʹ

  42. Leadership session: 
 Culture of Security • ηΩϡϦςΟ͸όφφͰͨ͠

  43. Tenets ͱ͍͏ݴ༿͕ҿΈࠐΊͳͯ͘ Կ΋ೖ͖ͬͯ·ͤΜͰͨ͠ ͞ʔͤΜ

  44. Leadership session: 
 Identity & Access Management • AWS OrganizationsΛ࢖ͬͯϚϧνΞΧ΢ϯτΛ؅ཧ

    • AWS SSOΛ࢖ͬͯΞΧ΢ϯτͷதԝ؅ཧ • σʔλϖϦϛλ • SCP, VPC Endpoint Policy, Resource-based policys

  45. Leadership session: 
 Identity & Access Management • ࠷খݖݶ΁ͷཱྀ •

    IAM Access Analyzerͷ঺հ • IAM࠲ஊձ

  46. Leadership session: 
 Threat Detection & Incident Response • ηΩϡϦςΟػೳΛ࢖ͬͯରԠ࣌ؒΛ୹ॖ͠Α͏

  47. Leadership session: 
 Threat Detection & Incident Response • GuardDutyͷϕετϓϥΫςΟεͷ঺հ

    • ରސ٬ͷηΩϡϦςΟΦϖϨʔγϣϯνʔϜͷ࿩ • ͍Ζ͍Ζ΍ͬͯΔ͚Ͳɺ؅ཧऀϝʔϧ͚ͩ͸Ϛδड৴͠Ζ • ߦ͏΂͖ΞΫγϣϯTop10ʢීวతͳ࿩ʣ

  48. Leadership session: 
 Threat Detection & Incident Response • ߦ͏΂͖ΞΫγϣϯTop10ʢීวతͳ࿩ʣ

  49. Leadership session: 
 Threat Detection & Incident Response • ߦ͏΂͖ΞΫγϣϯTop10ʢීวతͳ࿩ʣ

  50. A bird's eye view • ։ൃϓϩηεʹηΩϡϦςΟΛ૊ΈࠐΉจԽͱ 
 ίϯϓϥΠϯεΛ૊ΈࠐΉจԽ͸ࣅ͍ͯΔ • ϓϥΠόγʔͷߟ͑ํͷ಄ग़͠ʢੈͷதͷૌٻ΁ͷରԠʣ

    • Compliance as a Code͸ɺ·ͩ·ͩීٴ͍ͯ͠ͳ͍ • ೿खͳ໨৽͍͠΋ͷͰ͸ͳ͘ɺීวతͳࣄฑͷੵΈ্͛

  51. Thank you !