Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Convincing security to let you deploy in AWS

Ashish
September 14, 2017
Technology
0
73

Convincing security to let you deploy in AWS

Slides from my talk at AWS Security Meetup in Melbourne, Australia - Sept,2017

https://www.eventbrite.com.au/e/aws-security-meetup-melbourne-sept-14th-2017-2nd-thursday-tickets-37088552860

Ashish

September 14, 2017
Tweet

More Decks by Ashish

See All by Ashish
Traditional Security is Dead! - NYC-Sep2018
hashishrajan
0
38
Automated Detection and Remediation in AWS
hashishrajan
0
70
Long living creds in Cloud?
hashishrajan
0
56
DevSecOps Meetup - Security Challenges in DevOps - Wynand Viljoen
hashishrajan
0
170
GuardDuty - the non AWS version - Feb2018
hashishrajan
0
80
Security in the world of Cloud and Chaos Engineering
hashishrajan
0
69
Walkthrough of a compromised AWS Account - AWS Meetup Nov2016
hashishrajan
0
96
Walkthrough of a compromised AWS Account-InfraCoder-MeetupNov2016
hashishrajan
0
98

Other Decks in Technology

See All in Technology
反実仮想機械学習とは何か
usaito
PRO
11
4.2k
Vertex AI を中心に 生成AIのアップデートを共有します
kaz1437
0
300
Hands-on Gemini, the Google DeepMind LLM
meteatamel
1
110
継続的な改善 x ⾮連続的な進化
sansantech
PRO
3
150
Cracking the KubeCon CfP
inductor
2
240
データベース02: データベースの概念
trycycle
0
150
20分で完全に理解するGrafanaダッシュボード
hamadakoji
3
330
Google Cloud Next '24でブログを10本書いた方法と勉強会を沸かせた方法
yasumuusan
0
290
開発生産性向上サービスを作るFindyが自分たちで開発生産性を爆上げした組織づくりの歩み / Findy's path to boosting its own development productivity 2024-04-17
ma3tk
3
630
MLOpsの「壁」を乗り越える、LINEヤフーの Data Quality as Code
lycorptech_jp
PRO
5
460
NgRx Signal Store
rainerhahnekamp
0
150
ユーザーストーリーのレビューを自動化したみたの
bun913
1
410

Featured

See All Featured
Infographics Made Easy
chrislema
238
18k
Navigating Team Friction
lara
178
13k
Faster Mobile Websites
deanohume
299
30k
RailsConf & Balkan Ruby 2019: The Past, Present, and Future of Rails at GitHub
eileencodes
125
32k
Into the Great Unknown - MozCon
thekraken
10
990
How to train your dragon (web standard)
notwaldorf
73
5.2k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
40
4.4k
jQuery: Nuts, Bolts and Bling
dougneiner
59
7.1k
ReactJS: Keep Simple. Everything can be a component!
pedronauck
659
120k
Designing for humans not robots
tammielis
248
25k
The Illustrated Children's Guide to Kubernetes
chrisshort
31
46k
StorybookのUI Testing Handbookを読んだ
zakiyama
13
4.6k

Transcript

  1. Convincing security to let you deploy in AWS AWS Security

    Meetup – September, 2017

  2. Who am I? Ashish Rajan https://au.linkedin.com/in/ashishrajan @hashishrajan Security Architect Trying

    to make cloud a safer space J Versent – 7th in the list of fastest growing startup in Australia for 2016 (source: BRW Australia 2016 edition)

  3. What is covered • Security Training • Magic Beans to

    convince security • Technology challenges Cloud • Security challenges Cloud (AWS) Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  4. Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  5. Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  6. • Public • Multi-Location • Existing Security Measures don’t work

    • Shared Security Model • Public breaches • Unknown What Security doesn’t like Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan
  7. None

  8. What Security does like Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  9. Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  10. M&M Pattern Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  11. Security Challenges Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  12. Security Challenge - 1 IAM Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  13. IAM Identity and Access Management (IAM) Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  14. IAM Identity - Employees Employees Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  15. IAM Identity - Customers Customers Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  16. IAM Identity Management Join, modify, leave Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  17. IAM Identity - Access Management Role based Access Control (RBAC)

    Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  18. IAM Identity - Auditing Auditing - Identities Linkedin: https://au.linkedin.com/in/ashishrajan Twitter:

    @hashishrajan

  19. Security Challenge - 2 Data security and compliance Linkedin: https://au.linkedin.com/in/ashishrajan

    Twitter: @hashishrajan

  20. Data security and compliance Data Residency Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  21. Data security and compliance Data Access Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  22. Security Challenge - 3 Data Encryption Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  23. Encryption Encryption at rest Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  24. Encryption Encryption in transit Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  25. Security Challenge - 4 Backup & Restore Linkedin: https://au.linkedin.com/in/ashishrajan Twitter:

    @hashishrajan

  26. Backup & Restore – Disaster Recovery Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  27. Security Challenge - 5 Monitoring & Alerting Linkedin: https://au.linkedin.com/in/ashishrajan Twitter:

    @hashishrajan

  28. Monitoring & Alerting Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  29. Security Challenge - 6 Patching Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  30. Patching Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  31. Security Challenge - 7 Auditing Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  32. Auditing Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  33. Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  34. Best Practices 1. Security Best Practices Whitepaper 2. Compliance section

    of the cloud provider 3. Center for Internet Security (CIS) Standard for AWS Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  35. Take away To make security say YES! Linkedin: https://au.linkedin.com/in/ashishrajan Twitter:

    @hashishrajan

  36. Next Evolution “IT spending is steadily shifting from traditional IT

    offerings to cloud services (cloud shift). The aggregate amount of cloud shift in 2016 is estimated to reach $111 billion, increasing to $216 billion in 2020. ” – Gartner – July,2016 Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  37. Cloud Customers 1. Financial Agencies 2. Transport Agencies 3. Property

    4. Telecom 5. Health 6. Government Agencies 7. More getting added… Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  38. Next Evolution of security in a cloud world 1. Cloud

    Provider Security Posture 2. Event Driven Security 3. Security in CI/CD Pipeline 4. Security broker for SaaS applications (e.g Dropbox) Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan

  39. Ashish Rajan Linkedin: https://au.linkedin.com/in/ashishrajan Twitter: @hashishrajan