Slide 1

Slide 1 text

re:Inforce 2021 ReCap: taking on Japan's earliest re:Inforce recap. By Hirokazu Yoshida / At S-JAWS#21 / 2021.8.27

Slide 2

Slide 2 text

re:Inforce 2021 ReCap: taking on Japan's earliest re:Inforce recap (Japanese-language title slide). Hirokazu Yoshida / S-JAWS#21 / 2021.8.27

Slide 3

Slide 3 text

Who am I !? Hirokazu Yoshida @ CloudNative Inc. Job : Security Engineer Community : Security-JAWS Favorite AWS Service :

Slide 4

Slide 4 text

Attention !! • This session is based on my personal views • It does not represent the opinions of my employer or of any organization I belong to • and more …

Slide 5

Slide 5 text

So what on earth is re:Inforce?

Slide 6

Slide 6 text

About re:Inforce • A learning conference hosted by AWS, specialized in security, identity and compliance • First held in 2019 in Boston (61 attendees from Japan) • 2020 (Houston) was cancelled because of COVID-19 • This year it survived the threat of cancellation and was held, at the last minute, as a shortened virtual event

Slide 7

Slide 7 text

Huh, so re:Inforce is just the security edition of re:Invent, right?

Slide 8

Slide 8 text

A rush of new security feature announcements. Can't wait!

Slide 9

Slide 9 text

There was a time when I thought so.

Slide 10

Slide 10 text

About re:Inforce • A learning conference hosted by AWS, specialized in security, identity and compliance • First held in 2019 in Boston (61 attendees from Japan) • 2020 was cancelled because of COVID-19 • This year, too, it survived the threat of cancellation and was held, at the last minute, as a shortened virtual event

Slide 11

Slide 11 text

"So few new features!" But the conference has a different purpose in the first place

Slide 12

Slide 12 text

Still, there were some: here are the new feature announcements that did happen

Slide 13

Slide 13 text

Functions introduced as new features • AWS Backup Audit Manager • Lets you see a "daily report" of what AWS Backup has been doing

Slide 14

Slide 14 text

Functions introduced as new features • VPC endpoint (PrivateLink) support for AWS IoT Core • Collect IoT Core traffic without sending it over the public internet

Slide 15

Slide 15 text

Functions introduced as new features • Launch of the Level 1 MSSP program • Partners that meet a baseline quality standard are registered • Across 10 specialized categories, you can obtain security products, including managed operations, that you can rely on over the long term

Slide 16

Slide 16 text

Functions introduced as new features • IAM Access Analyzer (April 2021) • Support for policy history

Slide 17

Slide 17 text

Functions introduced as new features • IAM Access Analyzer (April 2021) • Policy validation

Slide 18

Slide 18 text

Functions introduced as new features • IAM Access Analyzer (April 2021) • Policy preview

Slide 19

Slide 19 text

Functions introduced as new features • IAM Access Analyzer (April 2021) • Detection of unused actions

Slide 20

Slide 20 text

Functions introduced as new features? • Acquisition of Wickr (June 2021)

Slide 21

Slide 21 text

Messages glimpsed from each session

Slide 22

Slide 22 text

Today's Agenda • Keynote • Leadership session: Data Protection & Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response

Slide 23

Slide 23 text

Today's Agenda • Keynote • Leadership session: Data Protection & Privacy • Leadership session: Governance, Risk & Compliance • Leadership session: Culture of Security • Leadership session: Identity & Access Management • Leadership session: Threat Detection & Incident Response

Slide 24

Slide 24 text

Threat Detection & Incident Response • Detect threats with GuardDuty • Aggregate findings in Security Hub and detect compliance violations • Automate and tune the response so that people do not become numb to alerts

Slide 25

Slide 25 text

Ransomware • Separate accounts for operations and for backups • Use S3 Versioning and Object Lock • A comprehensive backup plan that includes DR, plus game days • To dig deeper, NIST SP 1800-25 is a good reference
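The slide's S3 advice in concrete form, as an added example (not code from the talk): a backup bucket with versioning, Object Lock in COMPLIANCE mode, and a bucket policy that keeps every account except the dedicated backup account away from the data and removes the easy paths for weakening the controls. The account ID, bucket name and retention period are assumed values; the `assess()` helper flags the weak variants (versioning suspended, GOVERNANCE mode, backups in the workload account) on a bucket description you pass in, and nothing talks to AWS unless `apply_to_bucket()` is called with a boto3 client.

```python
"""Added example (not from the talk): harden a backup bucket against ransomware
with versioning, Object Lock in COMPLIANCE mode and a restrictive bucket policy.
Nothing here is run against AWS unless apply_to_bucket() is called."""
import json

# Assumed values for illustration only.
BACKUP_ACCOUNT_ID = "111111111111"   # hypothetical dedicated backup account
BUCKET = "example-backup-vault"      # hypothetical bucket name
RETENTION_DAYS = 35


def object_lock_configuration(days):
    """Default retention for new objects. COMPLIANCE mode cannot be shortened or
    removed by any user, including the account root, until the period expires."""
    return {
        "ObjectLockEnabled": "Enabled",
        "Rule": {"DefaultRetention": {"Mode": "COMPLIANCE", "Days": days}},
    }


def backup_bucket_policy(bucket, backup_account_id):
    """Explicit denies win over any Allow that a compromised workload account may hold."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [
            {   # Only the backup account may touch the data at all.
                "Sid": "DenyOtherAccounts",
                "Effect": "Deny",
                "Principal": "*",
                "Action": "s3:*",
                "Resource": [arn, f"{arn}/*"],
                "Condition": {"StringNotEquals": {"aws:PrincipalAccount": backup_account_id}},
            },
            {   # Nobody, not even the backup account, may weaken the controls or purge versions.
                "Sid": "DenyWeakeningControls",
                "Effect": "Deny",
                "Principal": "*",
                "Action": [
                    "s3:PutBucketVersioning",
                    "s3:PutBucketObjectLockConfiguration",
                    "s3:DeleteObjectVersion",
                    "s3:PutLifecycleConfiguration",
                    "s3:BypassGovernanceRetention",
                ],
                "Resource": [arn, f"{arn}/*"],
            },
        ],
    }


def assess(bucket_state):
    """Flag weak settings in a bucket description (dict shaped like the GetBucket* responses)."""
    findings = []
    if bucket_state.get("Versioning", {}).get("Status") != "Enabled":
        findings.append("versioning is not enabled: an overwrite destroys the only copy")
    lock = bucket_state.get("ObjectLock", {})
    mode = lock.get("Rule", {}).get("DefaultRetention", {}).get("Mode")
    if lock.get("ObjectLockEnabled") != "Enabled":
        findings.append("object lock is off: anyone with write access can delete versions")
    elif mode != "COMPLIANCE":
        findings.append("retention mode is GOVERNANCE: s3:BypassGovernanceRetention removes it")
    if bucket_state.get("OwnerAccount") == bucket_state.get("WorkloadAccount"):
        findings.append("backups live in the workload account: one compromise loses both")
    return findings


def apply_to_bucket(s3, bucket, backup_account_id, days):
    """Apply the controls with a boto3 S3 client. Object Lock must already have been
    enabled when the bucket was created (ObjectLockEnabledForBucket=True)."""
    s3.put_bucket_versioning(Bucket=bucket, VersioningConfiguration={"Status": "Enabled"})
    s3.put_object_lock_configuration(
        Bucket=bucket, ObjectLockConfiguration=object_lock_configuration(days))
    s3.put_bucket_policy(
        Bucket=bucket, Policy=json.dumps(backup_bucket_policy(bucket, backup_account_id)))


if __name__ == "__main__":
    print(json.dumps(backup_bucket_policy(BUCKET, BACKUP_ACCOUNT_ID), indent=2))
```

The bucket policy only closes the convenient routes; the guarantee comes from Object Lock in COMPLIANCE mode, which nobody in the account can undo before the retention expires, so pick the retention period from the recovery plan (it must outlast the longest plausible time between compromise and discovery).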

Slide 26

Slide 26 text

Identity and Access Management • The danger of password reuse • Beyond SSO, multi-factor authentication that also takes out-of-hours activity into account and uses physical devices • IAM Access Analyzer is a game changer • Audit permissions regularly • Use user groups to reduce the complexity of permission management
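What the Access Analyzer features on slides 16 to 19 and the "audit permissions regularly" advice above come down to, as an added example (not code from the talk and not the Access Analyzer implementation): compare the actions a policy grants with the actions CloudTrail shows the principal actually used, report the grants that were never exercised, and emit a policy that contains only the observed actions. The policy and the CloudTrail records are constructed samples; the mapping from `eventSource`/`eventName` to an IAM action is the simple form that holds for most services, and the resource stays `*` because narrowing it would need the request parameters.

```python
"""Added example (not from the talk): approximate IAM Access Analyzer's
unused-action detection and policy generation from an IAM policy document
and a few constructed CloudTrail records."""
import fnmatch
import json

# Constructed: a role policy that is broader than what the role actually does.
ROLE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": ["s3:Get*", "s3:PutObject"], "Resource": "*"},
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["iam:PassRole", "kms:Decrypt"], "Resource": "*"},
    ],
}

# Constructed CloudTrail records, trimmed to the fields used here.
CLOUDTRAIL_RECORDS = [
    {"eventSource": "s3.amazonaws.com", "eventName": "GetObject", "errorCode": None},
    {"eventSource": "s3.amazonaws.com", "eventName": "PutObject", "errorCode": None},
    {"eventSource": "ec2.amazonaws.com", "eventName": "DescribeInstances", "errorCode": None},
    {"eventSource": "kms.amazonaws.com", "eventName": "Decrypt", "errorCode": None},
    {"eventSource": "iam.amazonaws.com", "eventName": "CreateUser", "errorCode": "AccessDenied"},
]


def granted_patterns(policy):
    """Action patterns from Allow statements (Deny statements are ignored here)."""
    patterns = []
    for stmt in policy["Statement"]:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        patterns.extend([actions] if isinstance(actions, str) else actions)
    return patterns


def observed_actions(records):
    """'service:Action' pairs that actually succeeded.
    Assumption: eventSource is '<service>.amazonaws.com' and eventName is the API
    action; a few services deviate, which is why the real feature keeps mapping tables."""
    seen = set()
    for rec in records:
        if rec.get("errorCode"):
            continue  # a denied call is not evidence that the permission is needed
        service = rec["eventSource"].split(".")[0]
        seen.add(f"{service}:{rec['eventName']}")
    return seen


def unused_patterns(policy, records):
    """Granted action patterns that no successful CloudTrail event ever matched."""
    seen = observed_actions(records)
    return sorted(
        p for p in granted_patterns(policy)
        if not any(fnmatch.fnmatchcase(a.lower(), p.lower()) for a in seen)
    )


def generate_policy(records):
    """A least-privilege policy listing only the actions observed in CloudTrail."""
    return {
        "Version": "2012-10-17",
        "Statement": [{"Effect": "Allow",
                       "Action": sorted(observed_actions(records)),
                       "Resource": "*"}],
    }


if __name__ == "__main__":
    print("never used:", unused_patterns(ROLE_POLICY, CLOUDTRAIL_RECORDS))
    print(json.dumps(generate_policy(CLOUDTRAIL_RECORDS), indent=2))
```

Run the comparison over a trail window that is long enough to cover monthly and quarterly jobs, otherwise a periodic task's permissions show up as "unused" and get removed just before they are needed.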

Slide 27

Slide 27 text

Network Infrastructure Security • HBO Max case study: detection and response • Build appropriate guardrails for the development / product teams • Detect threats with GuardDuty, aggregate the findings in Security Hub • Aggregate all of them in an Event Hub

Slide 28

Slide 28 text

Network Infrastructure Security • HBO Max case study: detection and response • Security engineers write the YAML for the remediation via Slack • Cloud Custodian turns the YAML into Lambda functions, driving automation
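The finding-to-remediation step of that pipeline, as an added example (not HBO Max's Cloud Custodian policies and not code from the talk): a Lambda-style handler for a GuardDuty finding delivered through EventBridge. It applies a suppression list (the "tuning" from slide 24, so that known noise never pages anyone), and for high-severity findings on an EC2 instance it tags the instance and swaps its security groups for an isolation group. The suppression list, the isolation security group ID, the severity threshold and the sample event are assumed; the EC2 client is injected so the decision logic runs offline.

```python
"""Added example (not from the talk or HBO Max): a Lambda-style handler for
GuardDuty findings from EventBridge, with plain boto3 calls in place of
Cloud Custodian."""

# Tuning: finding types that are known noise in this (hypothetical) environment.
SUPPRESSED_TYPES = {"Recon:EC2/PortProbeUnprotectedPort"}
ISOLATION_SG = "sg-0123456789abcdef0"   # assumed security group with no rules at all
ISOLATE_AT_SEVERITY = 7.0               # GuardDuty "High" severity starts at 7.0


def decide(event):
    """Turn a GuardDuty finding event into a response plan, without side effects."""
    if event.get("detail-type") != "GuardDuty Finding":
        return {"action": "ignore", "reason": "not a GuardDuty finding"}
    detail = event["detail"]
    ftype, severity = detail["type"], float(detail["severity"])
    if ftype in SUPPRESSED_TYPES:
        return {"action": "suppress", "reason": "tuned out as noise", "type": ftype}
    resource = detail.get("resource", {})
    instance = resource.get("instanceDetails", {}).get("instanceId")
    if resource.get("resourceType") == "Instance" and instance and severity >= ISOLATE_AT_SEVERITY:
        return {"action": "isolate", "instance_id": instance, "severity": severity, "type": ftype}
    return {"action": "notify", "severity": severity, "type": ftype}


def handler(event, context=None, ec2=None):
    """Lambda entry point. ec2 is a boto3 EC2 client; with ec2=None only the plan is returned."""
    plan = decide(event)
    if plan["action"] == "isolate" and ec2 is not None:
        # Tag first so the instance is identifiable even if the isolation call fails.
        ec2.create_tags(Resources=[plan["instance_id"]],
                        Tags=[{"Key": "guardduty:isolated", "Value": plan["type"]}])
        ec2.modify_instance_attribute(InstanceId=plan["instance_id"], Groups=[ISOLATION_SG])
    return plan


# Constructed sample event with the fields EventBridge forwards from GuardDuty.
SAMPLE_EVENT = {
    "detail-type": "GuardDuty Finding",
    "source": "aws.guardduty",
    "detail": {
        "type": "CryptoCurrency:EC2/BitcoinTool.B!DNS",
        "severity": 8,
        "resource": {"resourceType": "Instance",
                     "instanceDetails": {"instanceId": "i-0abc123def4567890"}},
    },
}

if __name__ == "__main__":
    print(handler(SAMPLE_EVENT))
```

Keep the suppression list under version control next to the handler: every entry is a detection you have decided not to act on, and that decision deserves the same review as a code change.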

Slide 29

Slide 29 text

Network Infrastructure Security • HBO Max case study: detection and response

Slide 30

Slide 30 text

Network Infrastructure Security • Confidential Computing • AWS Nitro Enclaves • No persistent storage, no interactive access, no external network • You can verify that only authorized code is running inside the enclave • Only enclaves integrated with KMS can access the secrets
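What "only enclaves integrated with KMS can access the secrets" means in practice, as an added example (not code from the talk): a KMS key policy statement that allows `kms:Decrypt` only when the request carries an attestation document whose PCR values match the pinned measurements, plus a local evaluator that mimics the check KMS performs. The PCR values, role ARN and request shapes are assumed; real values come from the enclave image build. The evaluator also shows the two failure modes a practitioner hits first: the parent instance calling KMS without an enclave (no attestation document at all) and an enclave started in debug mode (PCRs are all zeros).

```python
"""Added example (not from the talk): a KMS key policy that pins Nitro Enclave
measurements, and a local evaluator that mimics KMS's attestation check."""

# Hypothetical measurements; real ones come from the enclave image build output.
EXPECTED_PCR0 = "a" * 96   # hash of the enclave image (SHA-384, hex)
EXPECTED_PCR8 = "b" * 96   # hash of the certificate that signed the image
PARENT_ROLE_ARN = "arn:aws:iam::111111111111:role/enclave-parent"  # assumed


def enclave_decrypt_statement(role_arn, pcr0, pcr8):
    """Key policy statement: the parent instance's role may call Decrypt only when the
    request's attestation document has PCR0 and PCR8 equal to the pinned values."""
    return {
        "Sid": "AllowDecryptFromAttestedEnclave",
        "Effect": "Allow",
        "Principal": {"AWS": role_arn},
        "Action": "kms:Decrypt",
        "Resource": "*",
        "Condition": {
            "StringEqualsIgnoreCase": {
                "kms:RecipientAttestation:PCR0": pcr0,
                "kms:RecipientAttestation:PCR8": pcr8,
            }
        },
    }


def evaluate(statement, request):
    """Does `request` satisfy the statement? `request` carries 'principal' and an optional
    'attestation' dict {'PCR0': ..., 'PCR8': ...}. A missing attestation document fails
    the condition, which is what happens when code on the parent instance calls KMS
    directly instead of through the enclave."""
    if request["principal"] != statement["Principal"]["AWS"]:
        return False
    attestation = request.get("attestation") or {}
    for key, expected in statement["Condition"]["StringEqualsIgnoreCase"].items():
        pcr = key.rsplit(":", 1)[1]   # "kms:RecipientAttestation:PCR0" -> "PCR0"
        if attestation.get(pcr, "").lower() != expected.lower():
            return False
    return True


STATEMENT = enclave_decrypt_statement(PARENT_ROLE_ARN, EXPECTED_PCR0, EXPECTED_PCR8)

if __name__ == "__main__":
    attested = {"principal": PARENT_ROLE_ARN,
                "attestation": {"PCR0": EXPECTED_PCR0, "PCR8": EXPECTED_PCR8}}
    no_enclave = {"principal": PARENT_ROLE_ARN}
    print(evaluate(STATEMENT, attested), evaluate(STATEMENT, no_enclave))
```

Pinning PCR8 as well as PCR0 means a rebuilt image signed with the same certificate still has to be re-pinned on PCR0, while an image signed by anyone else is refused even if it reproduced PCR0; keep a separate key with a debug-mode policy for development so the production key never accepts all-zero PCRs.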

Slide 31

Slide 31 text

Data Protection & Privacy • Zero trust architecture • A collection of universal principles • Eliminate implicit trust, verify continuously, set users up with least privilege for the shortest period, monitor for anomalous and malicious activity, fine-grained risk-based controls, security automation • AWS's view • Identity controls and network controls complement each other

Slide 32

Slide 32 text

Data Protection & Privacy • GDPR • The service features apply to all customers, whether or not they are subject to GDPR • Resources to support the transfer assessments GDPR requires

Slide 33

Slide 33 text

Data Protection & Privacy • Privacy features of AWS services • The sub-processor list, which names the third parties that handle support requests

Slide 34

Slide 34 text

Data Protection & Privacy • Do not store sensitive data without a plan • This is not an area you can feel your way through • It carries business-ending risk • Dig into what is actually happening in the business and understand it precisely

Slide 35

Slide 35 text

Governance, Risk and Compliance • To obtain high-level certifications, more than 150 controls must be satisfied • AWS services are verified by thousands of security audits, regardless of region or industry • The latest CSF certificate can be downloaded from AWS Artifact

Slide 36

Slide 36 text

Governance, Risk and Compliance • What you can do today: Cloud Audit Academy

Slide 37

Slide 37 text

Messages from the Leadership Sessions

Slide 38

Slide 38 text

Leadership session: Data Protection & Privacy • Build the culture • Every team has an embedded security owner • Encrypting is not enough by itself • Key management and transparency (the Alexa example) • Privacy is about "what you do"

Slide 39

Slide 39 text

Leadership session: Governance, Risk & Compliance • Six lessons for making compliance your own • Lessons for practicing the Compliance as Code built up over 10 years

Slide 40

Slide 40 text

Leadership session: Governance, Risk & Compliance • Fail fast • Engineers for audit • Engineers captivated by compliance • The rise of specialist auditors • Build in redundancy • Where in the product to focus

Slide 41

Slide 41 text

Leadership session: Governance, Risk & Compliance • For those who want to learn more

Slide 42

Slide 42 text

Leadership session: Culture of Security • Security was a banana

Slide 43

Slide 43 text

I couldn't digest the word "Tenets", so nothing sank in. Sorry.

Slide 44

Slide 44 text

Leadership session: Identity & Access Management • Manage multiple accounts with AWS Organizations • Centralize account management with AWS SSO • Data perimeter • SCPs, VPC endpoint policies, resource-based policies

Slide 45

Slide 45 text

Leadership session: Identity & Access Management • The journey to least privilege • Introduction to IAM Access Analyzer • IAM roundtable

Slide 46

Slide 46 text

Leadership session: Threat Detection & Incident Response • Use the security services to shorten response time

Slide 47

Slide 47 text

Leadership session: Threat Detection & Incident Response • Introduction to GuardDuty best practices • A talk from a customer-facing security operations team • "We do a lot of things, but seriously, make sure the administrator email actually gets read" • Top 10 actions to take (universal advice)

Slide 48

Slide 48 text

Leadership session: Threat Detection & Incident Response • Top 10 actions to take (universal advice)

Slide 49

Slide 49 text

Leadership session: Threat Detection & Incident Response • Top 10 actions to take (universal advice)

Slide 50

Slide 50 text

A bird's eye view • The culture of embedding security into the development process and the culture of embedding compliance look alike • A first glimpse of the privacy mindset (a response to public demand) • Compliance as Code is still far from widespread • Nothing flashy or novel, just an accumulation of universal fundamentals

Slide 51

Slide 51 text

Thank you !