Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Security From Scratch

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for Sena Yakut Sena Yakut
December 27, 2023
110
0

Cloud Security From Scratch

Avatar for Sena Yakut

Sena Yakut

December 27, 2023

More Decks by Sena Yakut

See All by Sena Yakut
The Magic Behind Automated Security Response on AWS
Avatar for Sena Yakut senayakut
0
17
AWS Cloud Security Fundamentals
Avatar for Sena Yakut senayakut
0
130
When Cloud Security Meets AI: A Playbook for the Future Leaders
Avatar for Sena Yakut senayakut
0
63
Oops, I Broke It Again - Practicing Safe Chaos in the Cloud
Avatar for Sena Yakut senayakut
0
61
Your AWS Account Got Hacked. What Happens Now?
Avatar for Sena Yakut senayakut
0
73
From Prompt to Prediction: Understanding LLM Outputs
Avatar for Sena Yakut senayakut
0
46
Thank U, Next... Prompt - Securing Generative AI Like a Queen
Avatar for Sena Yakut senayakut
0
75
Dangerous by Design Cloud Security Flaws We Keep Repeating
Avatar for Sena Yakut senayakut
0
390
re:Inforce 2025 - Serverless Threat Response for Amazon S3 Malware Detection
Avatar for Sena Yakut senayakut
0
83

Featured

See All Featured
Avoiding the “Bad Training, Faster” Trap in the Age of AI
Avatar for Mike Taylor tmiket
0
170
The Straight Up "How To Draw Better" Workshop
Avatar for Dennis Kardys denniskardys
239
140k
Kristin Tynski - Automating Marketing Tasks With AI
Avatar for Tech SEO Connect techseoconnect
PRO
0
270
How to Think Like a Performance Engineer
Avatar for Harry Roberts csswizardry
28
2.6k
Information Architects: The Missing Link in Design Systems
Avatar for Michelle Chin soysaucechin
0
960
Visual Storytelling: How to be a Superhuman Communicator
Avatar for David Neal reverentgeek
2
550
How to Ace a Technical Interview
Avatar for Jacob Kaplan-Moss jacobian
281
24k
Building Better People: How to give real-time feedback that sticks.
Avatar for Will Jessup wjessup
370
20k
Discover your Explorer Soul
Avatar for Emna emna__ayadi
2
1.1k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
71
40k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.5k
Measuring Dark Social's Impact On Conversion and Attribution
Avatar for Stephen Akadiri stephenakadiri
2
210

Transcript

  1. Cloud Security From Scratch Sena Yakut, 2023

  2. About Me Senior Cloud Security Engineer @Lyrebird Studio senayakut.com /sena-yakut

    Security & Identity @sena_yakutt

  3. Cloud Security Challenges - Lots of different environments, - Lots

    of cloud services that we should protect, - Lack of skills, - Lots of cloud security products, struggling to choose which one is the best, - Everyday, a new scenario, - Development is still ongoing, we need to think about security also. - Attackers are fast learners.

  4. Shared Responsibility Model for Cloud

  5. Your To-Do List for an AWS Account Use a distribution

    list for the root account - The most important account for cloud resources, - Phishing is still a most dangerous threat. - Use a group instead of one person. - Store securely the password.

  6. Your To-Do List for an AWS Account Use MFA -

    MFA is not an option, it’s a necessity. - Enable MFA wherever you can. - Use Authenticator apps, OTP tokens, etc. - Use multiple MFA options.

  7. Your To-Do List for an AWS Account Enable AWS CloudTrail

    - Who, when, what? - Focuses on the AWS environment and users, - Configure AWS CloudTrail in all regions enabled, - Store CloudTrail Logs, - Enable log file integrity for your logs.

  8. Your To-Do List for an AWS Account Enable AWS CloudTrail

  9. Your To-Do List for an AWS Account Enable Amazon GuardDuty

    - Threat detection, - Continuous monitoring service, - For your AWS accounts and workloads, - Just a few clicks for enabling, - Actionable results for your environment.

  10. Your To-Do List for an AWS Account Enable Amazon GuardDuty

  11. Your To-Do List for an AWS Account Enable Amazon GuardDuty

  12. Your To-Do List for an AWS Account Centralize Your Security

    Logs - Lots of logs: CloudWatch, Access Logs, CloudTrail, VPC Flow Logs etc. - Centralized storage in different AWS account is important.

  13. Your To-Do List for an AWS Account Centralize Your Security

    Logs

  14. Your To-Do List for an AWS Account Use Infrastructure as

    Code - Minimize the risk of human error, - Increased efficiency, - You’ll code all security best practices once, they can be deployed without any security misconfigurations anytime you want.

  15. Your To-Do List for an AWS Account Use Infrastructure as

    Code IaC security scanning options

  16. Your To-Do List for an AWS Account Review Your Resources

    Regularly - Use CSPM tools, - Review, audit, alert, monitor with different options.

  17. Your To-Do List for an AWS Account Review Your Resources

    Regularly

  18. Your To-Do List for an AWS Account Review Your Resources

    Regularly

  19. Questions?