Slide 1

Cloud Security From Scratch
Sena Yakut, 2023

Slide 2

About Me
Senior Cloud Security Engineer @Lyrebird Studio
senayakut.com
/sena-yakut
Security & Identity
@sena_yakutt

Slide 3

Cloud Security Challenges
- Lots of different environments,
- Lots of cloud services that we should protect,
- Lack of skills,
- Lots of cloud security products, and a struggle to choose which one is best,
- Every day, a new scenario,
- Development is still ongoing, and we need to think about security too.
- Attackers are fast learners.

Slide 4

Shared Responsibility Model for Cloud

Slide 5

Your To-Do List for an AWS Account
Use a distribution list for the root account
- The most important account for cloud resources,
- Phishing is still one of the most dangerous threats.
- Use a group instead of one person.
- Store the password securely.

Slide 6

Your To-Do List for an AWS Account
Use MFA
- MFA is not an option, it’s a necessity.
- Enable MFA wherever you can.
- Use authenticator apps, OTP tokens, etc.
- Use multiple MFA options.

Slide 7

Your To-Do List for an AWS Account
Enable AWS CloudTrail
- Who, when, what?
- Focuses on the AWS environment and users,
- Configure AWS CloudTrail with all regions enabled,
- Store CloudTrail logs,
- Enable log file integrity for your logs.
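
An added example, not part of the original slides: a small Python check that audits the JSON returned by `aws cloudtrail describe-trails` against the items above (all regions, stored logs, log file integrity). The sample input, trail names and bucket names are constructed for illustration.

```python
import json

# Constructed sample shaped like `aws cloudtrail describe-trails` output.
SAMPLE_DESCRIBE_TRAILS = json.loads("""
{"trailList": [
  {"Name": "org-trail", "HomeRegion": "eu-west-1",
   "S3BucketName": "example-central-logs",
   "IsMultiRegionTrail": true, "LogFileValidationEnabled": true},
  {"Name": "legacy-trail", "HomeRegion": "us-east-1",
   "S3BucketName": "example-legacy-logs",
   "IsMultiRegionTrail": false, "LogFileValidationEnabled": false}
]}
""")

# Boolean trail settings that map to the checklist items on the slide.
CHECKS = [
    ("IsMultiRegionTrail", "trail does not cover all regions"),
    ("LogFileValidationEnabled", "log file integrity validation is off"),
]

def audit_trails(describe_trails):
    """Return (trail_name, finding) tuples; an empty list means every check passed."""
    trails = describe_trails.get("trailList", [])
    if not trails:
        return [("<account>", "no CloudTrail trail is configured")]
    findings = []
    for trail in trails:
        name = trail.get("Name", "<unnamed>")
        for key, message in CHECKS:
            # A missing key is treated the same as an explicit false.
            if trail.get(key) is not True:
                findings.append((name, message))
        if not trail.get("S3BucketName"):
            findings.append((name, "no S3 bucket configured for log storage"))
    return findings

def account_covered(describe_trails):
    """True if at least one trail passes every check."""
    flagged = {name for name, _ in audit_trails(describe_trails)}
    return any(t.get("Name", "<unnamed>") not in flagged
               for t in describe_trails.get("trailList", []))

if __name__ == "__main__":
    for name, finding in audit_trails(SAMPLE_DESCRIBE_TRAILS):
        print(f"{name}: {finding}")
    print("account covered:", account_covered(SAMPLE_DESCRIBE_TRAILS))
```

Whether a trail is currently delivering events is not part of this output; that is reported separately by `aws cloudtrail get-trail-status` in its `IsLogging` field.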

Slide 8

Your To-Do List for an AWS Account
Enable AWS CloudTrail

Slide 9

Your To-Do List for an AWS Account
Enable Amazon GuardDuty
- Threat detection,
- Continuous monitoring service,
- For your AWS accounts and workloads,
- Just a few clicks to enable,
- Actionable results for your environment.

Slide 10

Your To-Do List for an AWS Account
Enable Amazon GuardDuty

Slide 11

Your To-Do List for an AWS Account
Enable Amazon GuardDuty

Slide 12

Your To-Do List for an AWS Account
Centralize Your Security Logs
- Lots of logs: CloudWatch, Access Logs, CloudTrail, VPC Flow Logs, etc.
- Centralized storage in a different AWS account is important.

Slide 13

Your To-Do List for an AWS Account
Centralize Your Security Logs

Slide 14

Your To-Do List for an AWS Account
Use Infrastructure as Code
- Minimize the risk of human error,
- Increased efficiency,
- You code all security best practices once; they can then be deployed without any security misconfigurations anytime you want.

Slide 15

Your To-Do List for an AWS Account
Use Infrastructure as Code
IaC security scanning options

Slide 16

Your To-Do List for an AWS Account
Review Your Resources Regularly
- Use CSPM tools,
- Review, audit, alert, and monitor with different options.

Slide 17

Your To-Do List for an AWS Account
Review Your Resources Regularly

Slide 18

Your To-Do List for an AWS Account
Review Your Resources Regularly

Slide 19

Questions?