Upgrade to Pro — share decks privately, control downloads, hide ads and more …

15分で始められる Tenable.io on AWS

Avatar for sakamaki sakamaki
October 26, 2018
0
650

15分で始められる Tenable.io on AWS

AWS向けTenable.ioソリューション活用セミナー「15分で始められる Tenable.io on AWS」の登壇資料です。

Avatar for sakamaki

sakamaki

October 26, 2018
Tweet

More Decks by sakamaki

See All by sakamaki
AWS Well-Architected Frameworkの概要
Avatar for sakamaki sakamaki
0
1.4k

Featured

See All Featured
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
279
23k
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
656
61k
The Success of Rails: Ensuring Growth for the Next 100 Years
Avatar for Eileen M. Uchitelle eileencodes
46
7.6k
Navigating Team Friction
Avatar for Lara Hogan lara
189
15k
Fireside Chat
Avatar for paigeccino paigeccino
39
3.6k
Faster Mobile Websites
Avatar for Dean Hume deanohume
309
31k
A designer walks into a library…
Avatar for Paul Jervis Heath pauljervisheath
207
24k
It's Worth the Effort
Avatar for 3n 3n
187
28k
Testing 201, or: Great Expectations
Avatar for Joseph Mastey jmmastey
45
7.6k
Performance Is Good for Brains [We Love Speed 2024]
Avatar for Tammy Everts tammyeverts
12
1.1k
Principles of Awesome APIs and How to Build Them.
Avatar for Keavy McMinn keavy
126
17k
Gamification - CAS2011
Avatar for David Bonilla davidbonilla
81
5.4k

Transcript

  1. !1 AWSࣄۀຊ෦ίϯαϧςΟϯά෦ ࡔר Ұٛ 2018/10/25 ෼Ͱ࢝ΊΒΕΔ5FOBCMFJPPO"84

  2. εϥΠυ͸ޙͰೖख͢Δ͜ͱ͕ग़དྷ·͢ͷͰ ൃදதͷ಺༰ΛϝϞ͢Δඞཁ͸͋Γ·ͤΜɻ ࣸਅࡱӨΛ͢Δ৔߹͸ ϑϥογϡɾγϟολʔԻ͕ग़ͳ͍Α͏ʹ͝഑ྀ͍ͩ͘͞ Attention

  3. ࣗݾ঺հ   ܦྺ 4JFSͰΠϯϑϥΤϯδχΞ ೥݄ೖࣾ ࠷ۙ͞Θ͍ͬͯΔ"84αʔϏε -BNCEBɺ4UFQ'VODUJPOT ࡔרҰٛ "84ࣄۀຊ෦ίϯαϧςΟϯά෦

  4. ຊ೔ͷηογϣϯͰ఻͍͑ͨ͜ͱ !4 5FOBCMFJPΛར༻͢Ε͹ ੬ऑੑ਍அ͕؆୯ʹߦ͑Δ

  5.   ࠓ೔࿩͢͜ͱɾ࿩͞ͳ͍͜ͱ

  6. ࠓ೔࿩͢͜ͱʢAgendaʣ !6 "84Ͱ5FOBCMFJPΛར༻͢ΔϝϦοτ εΩϟφΠϯελϯεͷߏஙखॱ εΩϟϯ࣮ࢪʗݕग़ͨ͠ڴҖΛੋਖ਼ εΩϟϯͷ࣮ࢪύλʔϯ ·ͱΊ

  7. ࠓ೔࿩͞ͳ͍͜ͱ !7 8FC"QQMJDBUJPOTʢ΢ΣϒΞϓϦ਍அʣ $POUBJOFS4FDVSJUZʢίϯςφ਍அʣ

  8.   AWSͰTenable.ioΛར༻ ͢ΔϝϦοτ

  9. ಥવͰ͕͢.. !9 "84্Ͱ੬ऑੑ਍அͨ͠ ࣄ͋Γ·͔͢ʁ

  10. ੬ऑੑ਍அʹ޲͚ͨਃ੥ !10 εΩϟϯର৅ͷ*1ΞυϨεʗ*% ςετͰ࢖༻͢ΔଳҬ෯ ϐʔΫ࣌ͷϦΫΤετ εΩϟϯΛ࣮ࢪ͢Δ։࢝࣌ࠁ εΩϟϯΛ࣮ࢪ͢Δऴྃ࣌ࠁ ɾ ɾ ɾ

    "84Ͱͷېࢭߦҝͱ۠ผ͢ΔͨΊʹɺࣄલʹঝೝ͕ඞཁ

  11. (ݸਓతʹ)ਃ੥Ͱਏ͍ͱ͜Ζ !11 ਃ੥ϑΥʔϜ͕ӳޠ ࠷௕೔෼ͷਃ੥ ΞλοΫͱ۠ผ͢ΔͨΊʹਃ੥߲໨͕ଟ͍ʢ౰વ͚ͩͲʣ ࣄલਃ੥͕ඞཁͰঝೝ·Ͱ਺Ӧۀ೔ཁ͢Δ ٸͳεέδϡʔϧͷมߋʹରԠͮ͠Β͍

  12. ࢥͬͨࣄ͋Γ·ͤΜ͔ʁ !12 खܰʹ੬ऑੑ਍அ͕͍ͨ͠

  13.   5FOBCMFJP

  14. ࣄલঝೝ͞ΕͨεΩϟφΠϝʔδ !14 "84.BSLFUQMBDFʹొ࿥͞Ε͍ͯΔɺ εΩϟφΠϝʔδʢ/FTTVT4DBOOFSʣΛ ར༻͢Δ͜ͱͰɺ"84΁ͷਃ੥ෆཁͰε Ωϟϯʢ੬ऑੑ਍அʣ͕Մೳ

  15. ࣄલঝೝ͞ΕͨεΩϟφΠϝʔδ !15 "84ࣄલঝೝࡁΈ

  16. AWSͰTenable.ioΛར༻͢ΔϝϦοτ !16 ࣄલঝೝ͞ΕͨεΩϟφʢ"84POMZʣ "1*ίωΫλʢ"84POMZʣ ΞηοτΛ؂ࢹ͠৽͍͠΋ͷ͸௥Ճɺ ݹ͍΋ͷ͸࡟আ౳ɺΞηοτΛಈతʹ؅ཧ ؂ࠪεΩϟϯ͕Մೳ ϕετϓϥΫςΟε΍$*4౳ʹରͯ͠ͷϕϯνϚʔΫ

  17.   εΩϟφΠϯελϯεߏங

  18. ࠓճͷߏஙൣғ !18 εΩϟϯ࡞੒ εΩϟφΠϯελϯεߏங

  19. εΩϟϯͷͳ͕Ε !19 5FOBCMFJPΑΓεΩϟϯ࣮ߦ εΩϟφʹεΩϟϯ໋ྩ λʔήοταʔόεΩϟϯ։࢝ εΩϟϯ݁ՌΞοϓϩʔυ ਍அ݁Ռ֬ೝ

  20. εΩϟϯͷͳ͕Ε !20

  21.   5FOBCMFJPίϯιʔϧ ϦϯΫΩʔऔಘ

  22. Tenable.ioʗLinking Keyऔಘ !22 ʮ4DBOTʯΛΫϦοΫ

  23. Tenable.ioʗLinking Keyऔಘ !23 ʮ4DBOOFSTʯΛΫϦοΫ

  24. Tenable.ioʗLinking Keyऔಘ !24 ϦϯΫΩʔΛ߇͑Δ

  25.   "84Ϛωδϝϯτίϯιʔϧ *".ϩʔϧ࡞੒

  26. AWSʗIAMϩʔϧ࡞੒ !26 ϩʔϧΛ࢖༻͢ΔαʔϏε͸ʮ&$ʯ

  27. AWSʗIAMϩʔϧ࡞੒ !27 "NB[PO&$3FBE0OMZ"DDFTTݖݶΛ෇༩

  28. AWSʗIAMϩʔϧ࡞੒ !28 ೚ҙͷϩʔϧ໊

  29. AWSʗIAMϩʔϧ࡞੒ !29

  30.   "84Ϛωδϝϯτίϯιʔϧ εΩϟφΠϯελϯε࡞੒

  31. !31 AWSʗεΩϟφΠϯελϯε࡞੒ "84.BSLFUQMBDFΑΓʮ5FOBCMFʯͰݕࡧ

  32. !32 AWSʗεΩϟφΠϯελϯε࡞੒ ιϑτ΢ΣΞྉۚෆཁ

  33. !33 AWSʗεΩϟφΠϯελϯε࡞੒ ΠϯελϯελΠϓ͸ɺUNFEJVNɺUMBSHFɺNϑΝϛϦʔ ύϑΥʔϚϯεΛॏࢹ͢Δ৔߹͸NMBSHFҎ্͕ਪ঑

  34. !34 AWSʗεΩϟφΠϯελϯε࡞੒ ࡞੒ͨ͠*".ϩʔϧΛࢦఆ

  35. !35 \ OBNF"84@4DBOOFS  LFZFCEEB999999999  JBN@SPMF5FOBCMF3PMF ^ AWSʗεΩϟφΠϯελϯε࡞੒ +40/ܗࣜͰϢʔβʔσʔλʢςΩετʣΛೖྗ

  36. !36 AWSʗεΩϟφΠϯελϯε࡞੒ OBNF 5FOBCMFJP্ʹදࣔ͞ΕΔεΩϟφ໊ LFZ औಘͨ͠ϦϯΫΩʔ JBN@SPMF εΩϟφΠϯελϯεʹ෇༩ͨ͠*".ϩʔϧ

  37. !37 AWSʗεΩϟφΠϯελϯε࡞੒ ετϨʔδαΠζ͸ɺ(J#Ҏ্Λࢦఆ

  38. !38 AWSʗεΩϟφΠϯελϯε࡞੒ ೚ҙͷλάΛ෇༩

  39. !39 AWSʗεΩϟφΠϯελϯε࡞੒ Πϯό΢ϯυτϥϑΟοΫͳ͠ ʢεΩϟφΠϯελϯε΁ϩάΠϯ͸ߦΘͳ͍ʣ

  40. !40 AWSʗεΩϟφΠϯελϯε࡞੒ ࢦఆͨ͠஋Λ֬ೝͯ͠ΠϯελϯεΛ࡞੒

  41. !41 AWSʗεΩϟφΠϯελϯε࡞੒ ΩʔϖΞෆཁ

  42. !42 AWSʗεΩϟφΠϯελϯε࡞੒ εΩϟφΠϯελϯε࡞੒׬ྃʂʂ

  43.   5FOBCMFJPίϯιʔϧ εΩϟϯ࡞੒

  44. !44 Tenable.ioʗεΩϟϯ࡞੒ εΩϟφ Πϯελϯε ͕ೝࣝ͞Εͨ͜ͱΛ֬ೝ

  45. Tenable.ioʗεΩϟϯ࡞੒ !45 ʮ/FX4DBOʯΛΫϦοΫ

  46. !46 Tenable.ioʗεΩϟϯ࡞੒ εΩϟϯςϯϓϨʔτΛબ୒

  47. !47 Tenable.ioʗεΩϟϯ࡞੒

  48. !48 AWSʗεΩϟφΠϯελϯε࡞੒ /BNF ࡞੒͢ΔεΩϟϯ໊ 'PMEFS εΩϟϯ݁Ռͷ֨ೲϑΥϧμ 4DBOOFS εΩϟϯ࣌ʹར༻͢ΔεΩϟφ

  49. !49 Tenable.ioʗεΩϟϯ࡞੒ λʔήοταʔόʢεΩϟϯର৅ʣΛબ୒

  50. !50 Tenable.ioʗεΩϟϯ࡞੒ $SFEFOUJBMTઃఆ

  51. !51 Tenable.ioʗεΩϟϯ࡞੒ &$ͷೝূ৘ใΛೖྗ

  52. !52 Tenable.ioʗεΩϟϯ࡞੒ &$εΩϟφΛར༻ͨ͠ɺεΩϟϯ͕׬੒

  53.   εΩϟϯ࣮ࢪʗ ݕग़ͨ͠ڴҖΛੋਖ਼

  54. !54 λʔήοταʔόઃఆ εΩϟφΠϯελϯε͔ΒͷΞΫηεΛڐՄ ඞཁͳϓϩτίϧ͸5$1ɺ6%1ɺ*$.1

  55. !55 εΩϟϯ࣮ࢪ ֘౰εΩϟϯͷʮ-BVODIʯͰεΩϟϯ։࢝

  56. εΩϟϯ࣮ࢪ !56 ਺෼ͰεΩϟϯ͕׬ྃ

  57.   εΩϟϯ݁Ռ֬ೝ

  58. !58 εΩϟϯ݁Ռ֬ೝ  "TTFUT ݕग़͞ΕͨڴҖͷ݅਺ɺ04౳ͷ਍அର৅ͷ৘ใΛදࣔ  7VMOFSBCJMJUJFT $744 ڞ௨੬ऑੑධՁγεςϜ ͷ஋ʹج͖ͮϨϕϧ෼͚͞ΕͨڴҖΛදࣔ

    $SJUJDBMɿɺ)JHIɿະຬɺ.FEJVNɿະຬɺ-PXɿະຬ  3FNFEJBUJPOT ݕग़͞ΕͨڴҖʹର͢Δੋਖ਼ํ๏ΛҰཡදࣔ  )JTUPSZ εΩϟϯཤྺΛදࣔ

  59. εΩϟϯ݁Ռ֬ೝʗAssets !59

  60. εΩϟϯ݁Ռ֬ೝʗVulnerabilities !60

  61. εΩϟϯ݁Ռ֬ೝʗRemediations !61

  62. εΩϟϯ݁Ռ֬ೝʗHistory !62

  63.   ݕग़ͨ͠ڴҖΛੋਖ਼

  64. ݕग़ͨ͠ڴҖΛੋਖ਼ !64 "NB[PO-JOVY".*DVSM "-"4 Λ֬ೝ

  65. !65 ݕग़ͨ͠ڴҖΛੋਖ਼

  66. !66 DVSMʹ͓͚ΔόοϑΝΤϥʔͷ੬ऑੑ ݕग़ͨ͠ڴҖΛੋਖ਼

  67. !67 ੋਖ਼ํ๏΍ɺؔ࿈߲໨΋දࣔ ݕग़ͨ͠ڴҖΛੋਖ਼

  68. !68 TVEPZVNVQEBUFDVSM ಡΈࠐΜͩϓϥάΠϯQSJPSJUJFT VQEBUFNPUE VQHSBEFIFMQFS BN[ONBJOcL# BN[OVQEBUFTcL# ґଘੑͷղܾΛ͍ͯ͠·͢ τϥϯβΫγϣϯͷ֬ೝΛ࣮ߦ͍ͯ͠·͢ɻ ʢলུʣ

    ׬ྃ͠·ͨ͠ ڴҖΛݕग़ͨ͠λʔήοταʔόͰίϚϯυ࣮ߦ ݕग़ͨ͠ڴҖΛੋਖ਼

  69. !69 ࠶εΩϟϯͰڴҖͷ݅਺ݮগΛ֬ೝ ݕग़ͨ͠ڴҖΛੋਖ਼

  70. !70 3FNFEJBUJPOTͷ"DUJPOΛ࣮ࢪͯ͠΋ੋਖ਼͕Մೳ ݕग़ͨ͠ڴҖΛੋਖ਼

  71. !71 3FNFEJBUJPOTͷ"DUJPOΛ࣮ߦ͍ͯ͘͠ͱɽɽ TVEPZVNVQEBUFLFSOFM ಡΈࠐΜͩϓϥάΠϯQSJPSJUJFT VQEBUFNPUE VQHSBEFIFMQFS BN[ONBJOcL# BN[OVQEBUFTcL# ґଘੑͷղܾΛ͍ͯ͠·͢ τϥϯβΫγϣϯͷ֬ೝΛ࣮ߦ͍ͯ͠·͢ɻ

    ɾ ɾ ݕग़ͨ͠ڴҖΛੋਖ਼

  72. !72 ੬ऑੑ͕ݮ͍ͬͯ͘ʂʂ ݕग़ͨ͠ڴҖΛੋਖ਼

  73. !73 7VMOFSBCJMJUJFTͷ4PMVUJPO΍ɺ3FNFEJBUJPOTͷ"DUJPOΛߦ͏͜ͱͰɺ ڴҖΛੋਖ਼͢Δ͜ͱ͸Ͱ͖·͕͢ɺΞϓϦέʔγϣϯͷಈ࡞Λอূ͢ Δ΋ͷͰ͸͋Γ·ͤΜɻύοέʔδΞοϓσʔτ౳ͷରԠʹ͍ͭͯ͸ɺ ࣄલʹόοΫΞοϓΛऔಘ͢Δ౳ɺ؀ڥʹ͋ΘͤͯରԠ͍ͯͩ͘͠͞ɻ ݕग़ͨ͠ڴҖΛੋਖ਼

  74.   εΩϟϯ࣮ࢪύλʔϯ

  75. εΩϟϯ࣮ࢪύλʔϯ !75 /FTTVT4DBOOFSΛߏங͢Δύλʔϯ /FTTVT"HFOUΛར༻͢Δύλʔϯ 5FOBCMFJP֎෦εΩϟφΛར༻͢Δύλʔϯ

  76.   /FTTVT"HFOUΛ ར༻͢Δύλʔϯ

  77. Nessus Agentߏ੒ਤ !77 /FTTVT"HFOUΠϯετʔϧ

  78. Nessus AgentΛར༻͢Δύλʔϯ !78 ϝϦοτ "HFOUࣗ਎͕৘ใΛऔಘ͢ΔͷͰɺεΩϟφར༻࣌ ʹൺ΂ͯ71$಺ͷ/8΁ͷӨڹ͸খ͘ɺ෼ੳ͸ߴ଎ ೝূ৘ใ͕ෆཁ Ϣʔεέʔε ϞόΠϧϫʔΧʔ͕ଟ͍ϗετ ηΩϡϦςΟϙϦγʔతʹωοτϫʔΫܦ༝Ͱೝূ

    ৘ใ͕࢖༻Ͱ͖ͳ͍৔߹

  79. !79 ฐࣾϒϩάͰ͝঺հ͍ͯ͠·͢ Nessus AgentΛར༻͢Δύλʔϯ

  80.   5FOBCMFJP֎෦εΩϟφΛ ར༻͢Δύλʔϯ

  81. Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ !81 ֎෦εΩϟφΛར༻

  82. !82 ϝϦοτ σϓϩΠෆཁʢ5FOBCMFJPʹඪ४Ͱؚ·Ε͍ͯΔʣ ະ஌ͷ"TTFUTΛಛఆͰ͖Δ Ϣʔεέʔε ڴҖͷΫΠοΫ෼ੳ ϙϦγʔతʹλʔήοταʔόͷมߋ͕Ͱ͖ͳ͍৔߹ ஫ҙ఺ "84΁ͷਃ੥͕ඞཁ Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ

  83. !83 ฐࣾϒϩάͰ͝঺հ͍ͯ͠·͢ Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ

  84.   ·ͱΊ

  85. ·ͱΊ !85 ࣄલঝೝ͞ΕͨεΩϟφΛར༻͢Ε͹ɺ ؆୯ʹ੬ऑੑ਍அ͕ߦ͑Δ εΩϟφΠϯελϯεͷߏங͸௨ৗͷ&$ ߏஙͱಉ͡खॱ εΩϟϯ࣮ࢪͷύλʔϯʹΑͬͯ͸ɺ"84 ΁ਃ੥͕ඞཁͳ৔߹΋͋Δ

  86. ؔ࿈ࢿྉ !86  5FOBCMFJPGPS"NB[PO8FC4FSWJDFT  IUUQTEPDTUFOBCMFDPNPUIFS5FOBCMFJP"84*OUFHSBUJPO(VJEFQEG  /FTTVT"HFOUΛར༻ͨ͠੬ऑੑ਍அ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMFJPOFTTVTBHFOUCBTJDOFUXPSLTDBO

     5FOBCMFJPͷ#BTJD/FUXPSL4DBOΛ࣮ࢪͯ͠Έͨ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMFJPWVMOFSBCJMJUZNBOBHFNFOU CBTJDOFUXPSLTDBO  ੬ऑੑ਍அ͕Ͱ͖Δ5FOBCMFJPΛ"84Ͱར༻͢Δͱ͖ͷߏ੒Π ϝʔδʹ͍ͭͯ·ͱΊͯΈͨ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMF@BSDIJUFDU@PO@BXT

  87. !87