AWS Data User Group Bangalore and Cloudnloud Tech Communtiy Meetup - May 2023
Fortifying security in AWS Cloud : Security Services and Best Practices - Cloudnloud tech community
Event dated: 13 May 2023
Virtual Meetup, Techies Talk organized by Cloudnloud Tech Community and AWS User Group Bangalore.
2022, Amazon Web Services, Inc. or its affiliates. Cybersecurity and its need The Shared Responsibility Model in AWS AWS Security, identity, and Compliance Services Hands-on demo Incident Response AWS Security – Best Practices Session Agenda
terminologies which we will be using in this session - Vulnerability A vulnerability is a weakness in hardware or a software that can be exploited. Threat a threat is anything that could exploit a vulnerability Risk Risk is the probability of a security incident occurring Sensative info Usernames, passwords, secret keys, secrets, config files, 7 Service Entities Events, Incidents and Logs IT Infrastucture Services provided by Cloud Service provider. Attacker, Victim, Organization, Service Provider Security events occurring are called events. These are recorded as logs Servers, Storage and Networking Capabilities
2022, Amazon Web Services, Inc. or its affiliates. AWS Security - Best Practises Secure your credentials Secure your Applications Backup a lot and test your recovery resources before you need them Understand the AWS Shared Responsibility Model Do not use root account credentials for day-to-day interactions with AWS! Activate multi-factor authentication (MFA) on the AWS account root user and any users with interactive access to AWS Identity and Access Management (IAM) Audit IAM users and their policies frequently Monitor your account and its resources Enable logs