Upgrade to Pro — share decks privately, control downloads, hide ads and more …

15分で始められる Tenable.io on AWS

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for sakamaki sakamaki
October 26, 2018
740
0

15分で始められる Tenable.io on AWS

AWS向けTenable.ioソリューション活用セミナー「15分で始められる Tenable.io on AWS」の登壇資料です。

Avatar for sakamaki

sakamaki

October 26, 2018

More Decks by sakamaki

See All by sakamaki
AWS Well-Architected Frameworkの概要
Avatar for sakamaki sakamaki
0
1.5k

Featured

See All Featured
Git: the NoSQL Database
Avatar for Brandon Keepers bkeepers
PRO
432
67k
Color Theory Basics | Prateek | Gurzu
Avatar for Gurzu gurzu
0
370
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
3.1k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
37
7.3k
技術選定の審美眼(2025年版) / Understanding the Spiral of Technologies 2025 edition
Avatar for Takuto Wada twada
PRO
118
120k
Groundhog Day: Seeking Process in Gaming for Health
Avatar for Sebastian Deterding codingconduct
0
210
How to Get Subject Matter Experts Bought In and Actively Contributing to SEO & PR Initiatives.
Avatar for Liv Day livdayseo
0
140
Intergalactic Javascript Robots from Outer Space
Avatar for Vicent Martí tanoku
273
27k
Navigating Team Friction
Avatar for Lara Hogan lara
192
16k
Tips & Tricks on How to Get Your First Job In Tech
Avatar for Honza Javorek honzajavorek
1
540
10 Git Anti Patterns You Should be Aware of
Avatar for Lemi Orhan Ergin lemiorhan
PRO
659
62k
AI Search: Implications for SEO and How to Move Forward - #ShenzhenSEOConference
Avatar for Aleyda Solis aleyda
1
1.3k

Transcript

  1. !1 AWSࣄۀຊ෦ίϯαϧςΟϯά෦ ࡔר Ұٛ 2018/10/25 ෼Ͱ࢝ΊΒΕΔ5FOBCMFJPPO"84

  2. εϥΠυ͸ޙͰೖख͢Δ͜ͱ͕ग़དྷ·͢ͷͰ ൃදதͷ಺༰ΛϝϞ͢Δඞཁ͸͋Γ·ͤΜɻ ࣸਅࡱӨΛ͢Δ৔߹͸ ϑϥογϡɾγϟολʔԻ͕ग़ͳ͍Α͏ʹ͝഑ྀ͍ͩ͘͞ Attention

  3. ࣗݾ঺հ   ܦྺ 4JFSͰΠϯϑϥΤϯδχΞ ೥݄ೖࣾ ࠷ۙ͞Θ͍ͬͯΔ"84αʔϏε -BNCEBɺ4UFQ'VODUJPOT ࡔרҰٛ "84ࣄۀຊ෦ίϯαϧςΟϯά෦

  4. ຊ೔ͷηογϣϯͰ఻͍͑ͨ͜ͱ !4 5FOBCMFJPΛར༻͢Ε͹ ੬ऑੑ਍அ͕؆୯ʹߦ͑Δ

  5.   ࠓ೔࿩͢͜ͱɾ࿩͞ͳ͍͜ͱ

  6. ࠓ೔࿩͢͜ͱʢAgendaʣ !6 "84Ͱ5FOBCMFJPΛར༻͢ΔϝϦοτ εΩϟφΠϯελϯεͷߏஙखॱ εΩϟϯ࣮ࢪʗݕग़ͨ͠ڴҖΛੋਖ਼ εΩϟϯͷ࣮ࢪύλʔϯ ·ͱΊ

  7. ࠓ೔࿩͞ͳ͍͜ͱ !7 8FC"QQMJDBUJPOTʢ΢ΣϒΞϓϦ਍அʣ $POUBJOFS4FDVSJUZʢίϯςφ਍அʣ

  8.   AWSͰTenable.ioΛར༻ ͢ΔϝϦοτ

  9. ಥવͰ͕͢.. !9 "84্Ͱ੬ऑੑ਍அͨ͠ ࣄ͋Γ·͔͢ʁ

  10. ੬ऑੑ਍அʹ޲͚ͨਃ੥ !10 εΩϟϯର৅ͷ*1ΞυϨεʗ*% ςετͰ࢖༻͢ΔଳҬ෯ ϐʔΫ࣌ͷϦΫΤετ εΩϟϯΛ࣮ࢪ͢Δ։࢝࣌ࠁ εΩϟϯΛ࣮ࢪ͢Δऴྃ࣌ࠁ ɾ ɾ ɾ

    "84Ͱͷېࢭߦҝͱ۠ผ͢ΔͨΊʹɺࣄલʹঝೝ͕ඞཁ

  11. (ݸਓతʹ)ਃ੥Ͱਏ͍ͱ͜Ζ !11 ਃ੥ϑΥʔϜ͕ӳޠ ࠷௕೔෼ͷਃ੥ ΞλοΫͱ۠ผ͢ΔͨΊʹਃ੥߲໨͕ଟ͍ʢ౰વ͚ͩͲʣ ࣄલਃ੥͕ඞཁͰঝೝ·Ͱ਺Ӧۀ೔ཁ͢Δ ٸͳεέδϡʔϧͷมߋʹରԠͮ͠Β͍

  12. ࢥͬͨࣄ͋Γ·ͤΜ͔ʁ !12 खܰʹ੬ऑੑ਍அ͕͍ͨ͠

  13.   5FOBCMFJP

  14. ࣄલঝೝ͞ΕͨεΩϟφΠϝʔδ !14 "84.BSLFUQMBDFʹొ࿥͞Ε͍ͯΔɺ εΩϟφΠϝʔδʢ/FTTVT4DBOOFSʣΛ ར༻͢Δ͜ͱͰɺ"84΁ͷਃ੥ෆཁͰε Ωϟϯʢ੬ऑੑ਍அʣ͕Մೳ

  15. ࣄલঝೝ͞ΕͨεΩϟφΠϝʔδ !15 "84ࣄલঝೝࡁΈ

  16. AWSͰTenable.ioΛར༻͢ΔϝϦοτ !16 ࣄલঝೝ͞ΕͨεΩϟφʢ"84POMZʣ "1*ίωΫλʢ"84POMZʣ ΞηοτΛ؂ࢹ͠৽͍͠΋ͷ͸௥Ճɺ ݹ͍΋ͷ͸࡟আ౳ɺΞηοτΛಈతʹ؅ཧ ؂ࠪεΩϟϯ͕Մೳ ϕετϓϥΫςΟε΍$*4౳ʹରͯ͠ͷϕϯνϚʔΫ

  17.   εΩϟφΠϯελϯεߏங

  18. ࠓճͷߏஙൣғ !18 εΩϟϯ࡞੒ εΩϟφΠϯελϯεߏங

  19. εΩϟϯͷͳ͕Ε !19 5FOBCMFJPΑΓεΩϟϯ࣮ߦ εΩϟφʹεΩϟϯ໋ྩ λʔήοταʔόεΩϟϯ։࢝ εΩϟϯ݁ՌΞοϓϩʔυ ਍அ݁Ռ֬ೝ

  20. εΩϟϯͷͳ͕Ε !20

  21.   5FOBCMFJPίϯιʔϧ ϦϯΫΩʔऔಘ

  22. Tenable.ioʗLinking Keyऔಘ !22 ʮ4DBOTʯΛΫϦοΫ

  23. Tenable.ioʗLinking Keyऔಘ !23 ʮ4DBOOFSTʯΛΫϦοΫ

  24. Tenable.ioʗLinking Keyऔಘ !24 ϦϯΫΩʔΛ߇͑Δ

  25.   "84Ϛωδϝϯτίϯιʔϧ *".ϩʔϧ࡞੒

  26. AWSʗIAMϩʔϧ࡞੒ !26 ϩʔϧΛ࢖༻͢ΔαʔϏε͸ʮ&$ʯ

  27. AWSʗIAMϩʔϧ࡞੒ !27 "NB[PO&$3FBE0OMZ"DDFTTݖݶΛ෇༩

  28. AWSʗIAMϩʔϧ࡞੒ !28 ೚ҙͷϩʔϧ໊

  29. AWSʗIAMϩʔϧ࡞੒ !29

  30.   "84Ϛωδϝϯτίϯιʔϧ εΩϟφΠϯελϯε࡞੒

  31. !31 AWSʗεΩϟφΠϯελϯε࡞੒ "84.BSLFUQMBDFΑΓʮ5FOBCMFʯͰݕࡧ

  32. !32 AWSʗεΩϟφΠϯελϯε࡞੒ ιϑτ΢ΣΞྉۚෆཁ

  33. !33 AWSʗεΩϟφΠϯελϯε࡞੒ ΠϯελϯελΠϓ͸ɺUNFEJVNɺUMBSHFɺNϑΝϛϦʔ ύϑΥʔϚϯεΛॏࢹ͢Δ৔߹͸NMBSHFҎ্͕ਪ঑

  34. !34 AWSʗεΩϟφΠϯελϯε࡞੒ ࡞੒ͨ͠*".ϩʔϧΛࢦఆ

  35. !35 \ OBNF"84@4DBOOFS  LFZFCEEB999999999  JBN@SPMF5FOBCMF3PMF ^ AWSʗεΩϟφΠϯελϯε࡞੒ +40/ܗࣜͰϢʔβʔσʔλʢςΩετʣΛೖྗ

  36. !36 AWSʗεΩϟφΠϯελϯε࡞੒ OBNF 5FOBCMFJP্ʹදࣔ͞ΕΔεΩϟφ໊ LFZ औಘͨ͠ϦϯΫΩʔ JBN@SPMF εΩϟφΠϯελϯεʹ෇༩ͨ͠*".ϩʔϧ

  37. !37 AWSʗεΩϟφΠϯελϯε࡞੒ ετϨʔδαΠζ͸ɺ(J#Ҏ্Λࢦఆ

  38. !38 AWSʗεΩϟφΠϯελϯε࡞੒ ೚ҙͷλάΛ෇༩

  39. !39 AWSʗεΩϟφΠϯελϯε࡞੒ Πϯό΢ϯυτϥϑΟοΫͳ͠ ʢεΩϟφΠϯελϯε΁ϩάΠϯ͸ߦΘͳ͍ʣ

  40. !40 AWSʗεΩϟφΠϯελϯε࡞੒ ࢦఆͨ͠஋Λ֬ೝͯ͠ΠϯελϯεΛ࡞੒

  41. !41 AWSʗεΩϟφΠϯελϯε࡞੒ ΩʔϖΞෆཁ

  42. !42 AWSʗεΩϟφΠϯελϯε࡞੒ εΩϟφΠϯελϯε࡞੒׬ྃʂʂ

  43.   5FOBCMFJPίϯιʔϧ εΩϟϯ࡞੒

  44. !44 Tenable.ioʗεΩϟϯ࡞੒ εΩϟφ Πϯελϯε ͕ೝࣝ͞Εͨ͜ͱΛ֬ೝ

  45. Tenable.ioʗεΩϟϯ࡞੒ !45 ʮ/FX4DBOʯΛΫϦοΫ

  46. !46 Tenable.ioʗεΩϟϯ࡞੒ εΩϟϯςϯϓϨʔτΛબ୒

  47. !47 Tenable.ioʗεΩϟϯ࡞੒

  48. !48 AWSʗεΩϟφΠϯελϯε࡞੒ /BNF ࡞੒͢ΔεΩϟϯ໊ 'PMEFS εΩϟϯ݁Ռͷ֨ೲϑΥϧμ 4DBOOFS εΩϟϯ࣌ʹར༻͢ΔεΩϟφ

  49. !49 Tenable.ioʗεΩϟϯ࡞੒ λʔήοταʔόʢεΩϟϯର৅ʣΛબ୒

  50. !50 Tenable.ioʗεΩϟϯ࡞੒ $SFEFOUJBMTઃఆ

  51. !51 Tenable.ioʗεΩϟϯ࡞੒ &$ͷೝূ৘ใΛೖྗ

  52. !52 Tenable.ioʗεΩϟϯ࡞੒ &$εΩϟφΛར༻ͨ͠ɺεΩϟϯ͕׬੒

  53.   εΩϟϯ࣮ࢪʗ ݕग़ͨ͠ڴҖΛੋਖ਼

  54. !54 λʔήοταʔόઃఆ εΩϟφΠϯελϯε͔ΒͷΞΫηεΛڐՄ ඞཁͳϓϩτίϧ͸5$1ɺ6%1ɺ*$.1

  55. !55 εΩϟϯ࣮ࢪ ֘౰εΩϟϯͷʮ-BVODIʯͰεΩϟϯ։࢝

  56. εΩϟϯ࣮ࢪ !56 ਺෼ͰεΩϟϯ͕׬ྃ

  57.   εΩϟϯ݁Ռ֬ೝ

  58. !58 εΩϟϯ݁Ռ֬ೝ  "TTFUT ݕग़͞ΕͨڴҖͷ݅਺ɺ04౳ͷ਍அର৅ͷ৘ใΛදࣔ  7VMOFSBCJMJUJFT $744 ڞ௨੬ऑੑධՁγεςϜ ͷ஋ʹج͖ͮϨϕϧ෼͚͞ΕͨڴҖΛදࣔ

    $SJUJDBMɿɺ)JHIɿະຬɺ.FEJVNɿະຬɺ-PXɿະຬ  3FNFEJBUJPOT ݕग़͞ΕͨڴҖʹର͢Δੋਖ਼ํ๏ΛҰཡදࣔ  )JTUPSZ εΩϟϯཤྺΛදࣔ

  59. εΩϟϯ݁Ռ֬ೝʗAssets !59

  60. εΩϟϯ݁Ռ֬ೝʗVulnerabilities !60

  61. εΩϟϯ݁Ռ֬ೝʗRemediations !61

  62. εΩϟϯ݁Ռ֬ೝʗHistory !62

  63.   ݕग़ͨ͠ڴҖΛੋਖ਼

  64. ݕग़ͨ͠ڴҖΛੋਖ਼ !64 "NB[PO-JOVY".*DVSM "-"4 Λ֬ೝ

  65. !65 ݕग़ͨ͠ڴҖΛੋਖ਼

  66. !66 DVSMʹ͓͚ΔόοϑΝΤϥʔͷ੬ऑੑ ݕग़ͨ͠ڴҖΛੋਖ਼

  67. !67 ੋਖ਼ํ๏΍ɺؔ࿈߲໨΋දࣔ ݕग़ͨ͠ڴҖΛੋਖ਼

  68. !68 TVEPZVNVQEBUFDVSM ಡΈࠐΜͩϓϥάΠϯQSJPSJUJFT VQEBUFNPUE VQHSBEFIFMQFS BN[ONBJOcL# BN[OVQEBUFTcL# ґଘੑͷղܾΛ͍ͯ͠·͢ τϥϯβΫγϣϯͷ֬ೝΛ࣮ߦ͍ͯ͠·͢ɻ ʢলུʣ

    ׬ྃ͠·ͨ͠ ڴҖΛݕग़ͨ͠λʔήοταʔόͰίϚϯυ࣮ߦ ݕग़ͨ͠ڴҖΛੋਖ਼

  69. !69 ࠶εΩϟϯͰڴҖͷ݅਺ݮগΛ֬ೝ ݕग़ͨ͠ڴҖΛੋਖ਼

  70. !70 3FNFEJBUJPOTͷ"DUJPOΛ࣮ࢪͯ͠΋ੋਖ਼͕Մೳ ݕग़ͨ͠ڴҖΛੋਖ਼

  71. !71 3FNFEJBUJPOTͷ"DUJPOΛ࣮ߦ͍ͯ͘͠ͱɽɽ TVEPZVNVQEBUFLFSOFM ಡΈࠐΜͩϓϥάΠϯQSJPSJUJFT VQEBUFNPUE VQHSBEFIFMQFS BN[ONBJOcL# BN[OVQEBUFTcL# ґଘੑͷղܾΛ͍ͯ͠·͢ τϥϯβΫγϣϯͷ֬ೝΛ࣮ߦ͍ͯ͠·͢ɻ

    ɾ ɾ ݕग़ͨ͠ڴҖΛੋਖ਼

  72. !72 ੬ऑੑ͕ݮ͍ͬͯ͘ʂʂ ݕग़ͨ͠ڴҖΛੋਖ਼

  73. !73 7VMOFSBCJMJUJFTͷ4PMVUJPO΍ɺ3FNFEJBUJPOTͷ"DUJPOΛߦ͏͜ͱͰɺ ڴҖΛੋਖ਼͢Δ͜ͱ͸Ͱ͖·͕͢ɺΞϓϦέʔγϣϯͷಈ࡞Λอূ͢ Δ΋ͷͰ͸͋Γ·ͤΜɻύοέʔδΞοϓσʔτ౳ͷରԠʹ͍ͭͯ͸ɺ ࣄલʹόοΫΞοϓΛऔಘ͢Δ౳ɺ؀ڥʹ͋ΘͤͯରԠ͍ͯͩ͘͠͞ɻ ݕग़ͨ͠ڴҖΛੋਖ਼

  74.   εΩϟϯ࣮ࢪύλʔϯ

  75. εΩϟϯ࣮ࢪύλʔϯ !75 /FTTVT4DBOOFSΛߏங͢Δύλʔϯ /FTTVT"HFOUΛར༻͢Δύλʔϯ 5FOBCMFJP֎෦εΩϟφΛར༻͢Δύλʔϯ

  76.   /FTTVT"HFOUΛ ར༻͢Δύλʔϯ

  77. Nessus Agentߏ੒ਤ !77 /FTTVT"HFOUΠϯετʔϧ

  78. Nessus AgentΛར༻͢Δύλʔϯ !78 ϝϦοτ "HFOUࣗ਎͕৘ใΛऔಘ͢ΔͷͰɺεΩϟφར༻࣌ ʹൺ΂ͯ71$಺ͷ/8΁ͷӨڹ͸খ͘ɺ෼ੳ͸ߴ଎ ೝূ৘ใ͕ෆཁ Ϣʔεέʔε ϞόΠϧϫʔΧʔ͕ଟ͍ϗετ ηΩϡϦςΟϙϦγʔతʹωοτϫʔΫܦ༝Ͱೝূ

    ৘ใ͕࢖༻Ͱ͖ͳ͍৔߹

  79. !79 ฐࣾϒϩάͰ͝঺հ͍ͯ͠·͢ Nessus AgentΛར༻͢Δύλʔϯ

  80.   5FOBCMFJP֎෦εΩϟφΛ ར༻͢Δύλʔϯ

  81. Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ !81 ֎෦εΩϟφΛར༻

  82. !82 ϝϦοτ σϓϩΠෆཁʢ5FOBCMFJPʹඪ४Ͱؚ·Ε͍ͯΔʣ ະ஌ͷ"TTFUTΛಛఆͰ͖Δ Ϣʔεέʔε ڴҖͷΫΠοΫ෼ੳ ϙϦγʔతʹλʔήοταʔόͷมߋ͕Ͱ͖ͳ͍৔߹ ஫ҙ఺ "84΁ͷਃ੥͕ඞཁ Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ

  83. !83 ฐࣾϒϩάͰ͝঺հ͍ͯ͠·͢ Tenable.io֎෦εΩϟφΛར༻͢Δύλʔϯ

  84.   ·ͱΊ

  85. ·ͱΊ !85 ࣄલঝೝ͞ΕͨεΩϟφΛར༻͢Ε͹ɺ ؆୯ʹ੬ऑੑ਍அ͕ߦ͑Δ εΩϟφΠϯελϯεͷߏங͸௨ৗͷ&$ ߏஙͱಉ͡खॱ εΩϟϯ࣮ࢪͷύλʔϯʹΑͬͯ͸ɺ"84 ΁ਃ੥͕ඞཁͳ৔߹΋͋Δ

  86. ؔ࿈ࢿྉ !86  5FOBCMFJPGPS"NB[PO8FC4FSWJDFT  IUUQTEPDTUFOBCMFDPNPUIFS5FOBCMFJP"84*OUFHSBUJPO(VJEFQEG  /FTTVT"HFOUΛར༻ͨ͠੬ऑੑ਍அ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMFJPOFTTVTBHFOUCBTJDOFUXPSLTDBO

     5FOBCMFJPͷ#BTJD/FUXPSL4DBOΛ࣮ࢪͯ͠Έͨ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMFJPWVMOFSBCJMJUZNBOBHFNFOU CBTJDOFUXPSLTDBO  ੬ऑੑ਍அ͕Ͱ͖Δ5FOBCMFJPΛ"84Ͱར༻͢Δͱ͖ͷߏ੒Π ϝʔδʹ͍ͭͯ·ͱΊͯΈͨ  IUUQTEFWDMBTTNFUIPEKQDMPVEBXTUFOBCMF@BSDIJUFDU@PO@BXT

  87. !87