○ Passionate about security since high school
○ 12 years in Security
○ “Discovered” the cloud and fell in love!
○ Managed Security Services, Sirius computer Solutions
○ A Jiu Jitsu Practitioner
○ Look me up on Linkedin
■ https://www.linkedin.com/in/ahmadabugharbieh/
■ Email: [email protected]
Ahmed Abugharbia
Traditional Security
● Network Security
● Vulnerability Management
● Security Operation Centers
● Red Team (Penetration Testers)
● Applications Security
● Governance and Compliance
Slide 6
Slide 6 text
AWS Cloud
● AWS Cloud is just different
○ Agile
○ Fast
○ Comprehensive ( So many Services)
○ Changes often
○ New Terminology
Slide 7
Slide 7 text
New concepts
● EC2 Instances
● S3 Buckets
● Containers
● Lambdas
● API Gateways
● And much more
Slide 8
Slide 8 text
We went from this:
Slide 9
Slide 9 text
To something like this:
Slide 10
Slide 10 text
So what has changed?
Less emphasis on network security
● Smaller Attack surface
● New “types” of infrastructure
○ API Gateways, S3s, Lambda
● Attackers’ focus is shifting
Slide 11
Slide 11 text
So what has changed?
More emphasis on Application Security
● New attack vectors
○ AWS Infra related
○ Applications related
Slide 12
Slide 12 text
So what has changed?
Infrastructure as code
● DevOps Integrated security
(DevSecOps)
● Faster Changes
● Easier to Audit?
Slide 13
Slide 13 text
So what has changed?
Security as code
● Automated remediation
● Automated Incident response
Slide 14
Slide 14 text
How to deal with this?
● Learning
● Adapt
● Don't be a blocker