Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
re:Inforce 2021 ReCap
Search
fnifni
August 29, 2021
Technology
0
180
re:Inforce 2021 ReCap
Security-JAWS#22のシークレットセッションで発表した、日本一早いre:Inforce 2021 のReCapです
#secjaws #secjaws22
fnifni
August 29, 2021
Tweet
Share
More Decks by fnifni
See All by fnifni
生成AIのガバナンスとこれから
fnifni
0
88
AWS re:Inforce 2024 に コミュニティから登壇してきた話
fnifni
0
24
COM224: How organizations are actually applying AWS security best practices
fnifni
0
24
BsidesTokyo2024_AWSセキュリティの ベストプラクティスに関する 利用実態調査のレポートの紹介
fnifni
0
24
re:Inforce2024-recap_英語力ゴミカスでもフル英語登壇を乗り切る成功メソッド
fnifni
0
94
信頼ルールはGoogle Drive共有の孫の手になるか?
fnifni
0
190
ゼロトラスト導入支援ってどんなことやってるの?
fnifni
0
52
ログの話
fnifni
0
55
CloudTailをAzure Sentinelで 分析するということ
fnifni
1
180
Other Decks in Technology
See All in Technology
【若手エンジニア応援LT会】AWS Security Hubの活用に苦労した話
kazushi_ohata
0
160
Product Engineer Night #6プロダクトエンジニアを育む仕組み・施策
hacomono
PRO
1
460
新卒1年目が向き合う生成AI事業の開発を加速させる技術選定 / ai-web-launcher
cyberagentdevelopers
PRO
7
1.5k
グローバル展開を見据えたサービスにおける機械翻訳プラクティス / dp-ai-translating
cyberagentdevelopers
PRO
1
150
急成長中のWINTICKETにおける品質と開発スピードと向き合ったQA戦略と今後の展望 / winticket-autify
cyberagentdevelopers
PRO
1
160
サイロ化した金融システムを、packwerk を利用して無事故でリファクタリングした話
coincheck_recruit
3
3.7k
[JAWS-UG金沢支部×コンテナ支部合同企画]コンテナとは何か
furuton
3
230
Commitment vs Harrisonism - Keynote for Scrum Niseko 2024
miholovesq
6
1k
大規模データ基盤チームのオンプレTiDB運用への挑戦 / dpu-tidb
cyberagentdevelopers
PRO
1
110
「最高のチューニング」をしないために / hack@delta 24.10
fujiwara3
21
3.4k
新R25、乃木坂46 Mobileなどのファンビジネスを支えるマルチテナンシーなプラットフォームの全体像 / cam-multi-cloud
cyberagentdevelopers
PRO
1
130
使えそうで使われないCloudHSM
maikamibayashi
0
170
Featured
See All Featured
Become a Pro
speakerdeck
PRO
24
5k
Navigating Team Friction
lara
183
14k
10 Git Anti Patterns You Should be Aware of
lemiorhan
654
59k
Evolution of real-time – Irina Nazarova, EuRuKo, 2024
irinanazarova
4
290
Code Reviewing Like a Champion
maltzj
519
39k
jQuery: Nuts, Bolts and Bling
dougneiner
61
7.5k
Producing Creativity
orderedlist
PRO
341
39k
Responsive Adventures: Dirty Tricks From The Dark Corners of Front-End
smashingmag
250
21k
Facilitating Awesome Meetings
lara
49
6k
Typedesign – Prime Four
hannesfritz
39
2.4k
Docker and Python
trallard
40
3.1k
Making the Leap to Tech Lead
cromwellryan
132
8.9k
Transcript
re:Inforce 2021 ReCap Japan’s earliest re:Inforce challenge to ReCap By
Hirokazu Yoshida / At S-JAWS#21 / 2021.8.27
re:Inforce 2021 ReCap ຊҰૣ͍re:InforceͷReCapͷઓ ٢ాͻΖ͔ͣ / S-JAWS#21 / 2021.8.27
Who am I !? Hirokazu Yoshida @ CloudNative Inc. Job
: Security Engineer Community : Security-JAWS Favorite AWS Service :
Attention !! • ຊηογϣϯɺݸਓͷݟղʹجͮ͘ͷͰ͢ • ॴଐ͢ΔاۀɺஂମͷҙݟΛද͢ΔͷͰ͋Γ·ͤΜ • and more …
re:Inforceͬͯ ͳΜ͡ΌΒ΄͍ʁ
About re:Inforce • AWS͕ओ࠵͢ΔηΩϡϦςΟɺΞΠσϯςΟςΟɺ ίϯϓϥΠΞϯεʹಛԽͨ͠ϥʔχϯάΧϯϑΝϨϯε • ॳճ2019ʹϘετϯͰ։࠵ʢຊਓͷࢀՃऀ61໊ʣ • 2020
(ώϡʔετϯ) ɺίϩφͷӨڹͰதࢭ • ࠓதࢭͷةػΛΓӽ͑ɺஃͰόʔνϟϧॖ։࠵
΄ʔΜ re:Inforceͬͯ re:InventͷηΩϡϦςΟ൛ ͳΜͰ͠ΐʁ
ηΩϡϦςΟ৽ػೳͷൃදϥογϡ ͨͷ͠Έͳ͊ʂ
ͱࢥ͍ͬͯͨ࣌ظ ͋Γ·ͨ͠
About re:Inforce • AWS͕ओ࠵͢ΔηΩϡϦςΟɺΞΠσϯςΟςΟɺ ίϯϓϥΠΞϯεʹಛԽͨ͠ϥʔχϯάΧϯϑΝϨϯε • ॳճ2019ʹϘετϯͰ։࠵ʢຊਓͷࢀՃऀ61໊ʣ • 2020ɺίϩφͷӨڹͰதࢭ
• ࠓதࢭͷةػΛΓӽ͑ɺஃͰόʔνϟϧॖ։࠵
৽ػೳগͳ͍ʂͬͯ ͦͦओࢫ͕ҧ͏
ͦΕͰ͋ͬͨ ৽ػೳͷൃදΛհ͠·͢
Functions introduced as new features • AWS Backup Audit Manager
• AWS Backup͕ಈ࡞͍ͯ͠ΔʮใʯΛݟΔ͜ͱ͕Ͱ͖Δ
Functions introduced as new features • AWS IoT CoreͷVPC Endpoint
(Private Link) ରԠ • IoT Coreͷ௨৴ΛެڞͷΠϯλʔωοτʹग़ͣ͞ʹऩू͢Δ
Functions introduced as new features • Level 1 MSSPϓϩάϥϜͷ։࢝ •
جຊతͳ࣭ج४Λຬͨͨ͠ύʔτφʔ͕ొ͞Ε͍ͯΔ • 10छྨͷͰӡ༻ؚΊͨظతʹ৴པͰ͖ΔηΩϡϦ ςΟΛखʹೖΕΔ͜ͱ͕Ͱ͖Δ
Functions introduced as new features • IAM Access Analyzer (20214݄)
• ϙϦγʔཤྺͷରԠ
Functions introduced as new features • IAM Access Analyzer (20214݄)
• ϙϦγʔͷݕূ
Functions introduced as new features • IAM Access Analyzer (20214݄)
• ϙϦγʔͷϓϨϏϡʔ
Functions introduced as new features • IAM Access Analyzer (20214݄)
• ΘΕͯͳ͍ΞΫγϣϯ ͷݕग़
Functions introduced as new features? • Wickrͷങऩ (20216݄)
֤ηογϣϯ͔Β֞ؒݟΔ ϝοηʔδΛհ
Today's Agenda • Keynote • Leadership session: Data Protection &
Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response
Today's Agenda • Keynote • Leadership session: Data Protection &
Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response
Threat Detection & Incident Response • GuardDutyͰڴҖΛݕग़ • Security HubͰݕग़ࣄ߲ΛूɺίϯϓϥΠΞϯεҧΛݕग़
• ରԠͷࣗಈԽνϡʔχϯάΛߦͬͯɺΞϥʔτ׳ΕΛ͙
Ransomware • ΦϖϨʔγϣϯ༻ͱόοΫΞοϓ༻ͰΞΧϯτΛ͚Δ • S3όʔδϣχϯάͱΦϒδΣΫτϩοΫͷར༻ • DRΛؚΊͨแׅతͳόοΫΞοϓܭըͱήʔϜσΠ • ͞Βʹ۷ΓԼ͛ΔͳΒNIST SP1800-25Λࢀߟʹ͢Δͱ͍͍
Identity and Access Management • ύεϫʔυͷ͍ճ͠ʹΑΔةݥੑ • SSOͷଞɺۈ࣌ؒ֎ͷΞΫςΟϏςΟཧσόΠεΛซ༻͢Δଟཁૉೝূ • IAM
Access AnalyzerήʔϜνΣϯδϟʔ • ύʔϛογϣϯఆظతʹࠪ • ϢʔβʔάϧʔϓΛͬͯɺݖݶཧͷࡶ͞Λܰݮ͠Α͏
Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ • ։ൃ / ϓϩμΫτνʔϜʹదͳΨʔυϨʔϧͷߏங •
GuardDutyͰڴҖΛݕग़ɺSecurity HubʹFindingsΛू • Event HubʹͦΕͧΕΛू
Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ • ηΩϡϦςΟΤϯδχΞɺSlackΛհͯ͠मਖ਼ͷͨΊͷyaml Λ࡞ • Cloud
CustodianͰyamlΛLambdaʹมͯࣗ͠ಈԽΛଅਐ
Network Infrastructure Security • HBOmaxͷࣄྫɿݕग़ͱରԠ
Network Infrastructure Security • Con fi dential Computing • AWS
Nitro Enclaves • ӬଓతͳετϨʔδΠϯλϥΫςΟϒͳΞΫηεɺ֎෦ωοτϫʔΫ͕ͳ ͍ • ڐՄ͞ΕͨίʔυͷΈ͕EnclavesͰ࣮ߦ͞Ε͍ͯΔ͜ͱΛݕূͰ͖Δ • KMSͱ౷߹͞Ε͍ͯΔEnclavesͷΈ͕ػີใʹΞΫηε͢Δ͜ͱ͕Ͱ͖Δ
Data Protection & Privacy • θϩτϥετΞʔΩςΫνϟ • ීวతͳࣄฑͷू߹ମ • ҉ͷ৴པͷഉআɺܧଓతͳݕূɺ࠷খݖݶɾ࠷খظؒͰϢʔβʔΛઃఆɺ
ҟৗͳ׆ಈѱҙͷ͋Δ׆ಈͷࢹɺཻͷߴ͍ϦεΫϕʔείϯτϩʔ ϧɺηΩϡϦςΟͷࣗಈԽ • AWSͷߟ͑ํ • IDཧͱωοτϫʔΫཧͷ྆ํΛิ͍ͬͯ͘
Data Protection & Privacy • GDPRͷରԠ • αʔϏεͷػೳGDPRద༻ରͰ͋Δ͔൱͔ΛΘͣɺ ͯ͢ͷސ٬ʹద༻͞ΕΔ
• GDPRͰཁٻ͞ΕΔసૹධՁͷࢧԉϦιʔε
Data Protection & Privacy • AWSαʔϏεͷϓϥΠόγʔػೳ • αϙʔτϦΫΤετΛॲཧ͢ΔୈࡾऀͷใΛܝࡌͨ͠ αϒϓϩηοαʔ
Data Protection & Privacy • ܭըͳ͠ʹػඍใΛอଘ͠ͳ͍͜ͱ • ͜ͷख୳ΓͰਐΊΔ͜ͱͰ͖ͳ͍ • ϏδωεΛऴྃ͢ΔϨϕϧͷϦεΫΛ࣋ͭ
• ϏδωεͰى͍ͬͯ͜Δ͜ͱΛ۷ΓԼ͛ͯਖ਼֬ʹཧղ͢Δ͜ͱ
Governance, Risk and Compliance • ߴ͍ϨϕϧͷೝূΛड͚ΔͨΊʹɺ150Ҏ্ͷίϯτϩʔϧΛ ຬͨ͢ඞཁ͕͋Δ • AWSαʔϏεɺҬۀքΛΘͣԿઍͷηΩϡϦςΟࠪ Ͱݕূ͞Ε͍ͯΔ
• AWS Artifact͔Β࠷৽ͷCSFূ໌ॻΛμϯϩʔυͰ͖Δ
Governance, Risk and Compliance • ࠓͰ͖Δ͜ͱɿCloudࠪΞΧσϛʔ
Leadership Sessionͷϝοηʔδ
Leadership session: Data Protection & Privacy • จԽΛܗ͢Δ •
֤νʔϜʹηΩϡϦςΟ୲ऀ͕Έࠐ·Ε͍ͯΔ • ҉߸Խ͢Ε͍͍Θ͚Ͱͳ͍ • 伴ͷཧͱಁ໌ੑʢAlexaͷࣄྫʣ • ϓϥΠόγʔɺʮԿΛ͢Δ͔ʯͱ͍͏͜ͱ
Leadership session: Governance, Risk & Compliance • ίϯϓϥΠΞϯεΛࣗͨͪͷͷʹ͢Δ6ͷڭ܇ • 10ؒͰੵΈ্͖͛ͯͨCompliance
as a CodeΛ ࣮ફ͢ΔͨΊͷڭ܇
Leadership session: Governance, Risk & Compliance • ૣࣦ͘ഊ͢Δ͜ͱ • ࠪͷͨΊͷΤϯδχΞ
• ίϯϓϥΠΞϯεʹັͤΒΕͨΤϯδχΞ • ઐࠪਓͷ಄ • ੑΛ࣋ͨͤΔ • ͷͲ͜ʹযΛͯΔ͔
Leadership session: Governance, Risk & Compliance • ͬͱֶश͍ͨ͠ਓͷͨΊʹ
Leadership session: Culture of Security • ηΩϡϦςΟόφφͰͨ͠
Tenets ͱ͍͏ݴ༿͕ҿΈࠐΊͳͯ͘ Կೖ͖ͬͯ·ͤΜͰͨ͠ ͞ʔͤΜ
Leadership session: Identity & Access Management • AWS OrganizationsΛͬͯϚϧνΞΧϯτΛཧ
• AWS SSOΛͬͯΞΧϯτͷதԝཧ • σʔλϖϦϛλ • SCP, VPC Endpoint Policy, Resource-based policys
Leadership session: Identity & Access Management • ࠷খݖݶͷཱྀ •
IAM Access Analyzerͷհ • IAM࠲ஊձ
Leadership session: Threat Detection & Incident Response • ηΩϡϦςΟػೳΛͬͯରԠ࣌ؒΛॖ͠Α͏
Leadership session: Threat Detection & Incident Response • GuardDutyͷϕετϓϥΫςΟεͷհ
• ରސ٬ͷηΩϡϦςΟΦϖϨʔγϣϯνʔϜͷ • ͍Ζ͍ΖͬͯΔ͚Ͳɺཧऀϝʔϧ͚ͩϚδड৴͠Ζ • ߦ͏͖ΞΫγϣϯTop10ʢීวతͳʣ
Leadership session: Threat Detection & Incident Response • ߦ͏͖ΞΫγϣϯTop10ʢීวతͳʣ
Leadership session: Threat Detection & Incident Response • ߦ͏͖ΞΫγϣϯTop10ʢීวతͳʣ
A bird's eye view • ։ൃϓϩηεʹηΩϡϦςΟΛΈࠐΉจԽͱ ίϯϓϥΠϯεΛΈࠐΉจԽࣅ͍ͯΔ • ϓϥΠόγʔͷߟ͑ํͷ಄ग़͠ʢੈͷதͷૌٻͷରԠʣ
• Compliance as a Codeɺ·ͩ·ͩීٴ͍ͯ͠ͳ͍ • खͳ৽͍͠ͷͰͳ͘ɺීวతͳࣄฑͷੵΈ্͛
Thank you !