[Presented at BsidesSeattle 2016 on 2016-02-20]
[http://www.securitybsides.com/w/page/103147483/BsidesSeattle2015]
Traditional security strategies and controls have long been struggling to keep up with the rapidly evolving threat landscape, and we have quickly learned that these familiar tools and tactics are inadequate for the challenges organizations face in securing cloud environments. The dynamics of rapidly changing elastic infrastructure in the cloud and today’s accelerated threat landscape combine to produce a potentially catastrophic failure scenario for organizations pinning their security strategy on outdated legacy technologies. Complicating matters is the fact that traditional on-premises security tools either can’t offer the same protection for cloud infrastructure assets or often require too many architectural changes to a cloud environment, negating many of the anticipated gains. Simply put, security technologies built for the on-premises datacenter have no place in the cloud - they look and act out of place, don’t take full advantage of the environment, and often need to be operated by specialists in a less-than-elegant fashion. Having participated in some of the biggest AWS deployments ever executed, we have learned a great deal about the most common risks you are likely to encounter and can offer advice for mitigating and remediating them. We will cover everything from API key and MFA token management to IAM and the use of roles with STS AssumeRole, and we will detail the top ten most fundamental security best practices that will markedly reduce your organization’s overall risk profile.