Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Cloud Security From Scratch

Sena Yakut
December 27, 2023
0
80

Cloud Security From Scratch

Sena Yakut

December 27, 2023
Tweet

More Decks by Sena Yakut

See All by Sena Yakut
Securing Large Language Models- Threats and Mitigations
senayakut
0
24
Cloud Security Engineering: The Profession of the Future
senayakut
0
28
Gateway to Cloud Security Heaven: Our AWS Expedition
senayakut
0
280
DevSecOps Best Practices- Secure Everything You Have
senayakut
0
130
Securing The Sky Strategies For Protecting Against Cloud Hacking
senayakut
0
91
Cloud Security 101: Ultimate weapon against cyber threats
senayakut
0
110
Journey to the Cloud: An Introduction and Security Overview
senayakut
0
41
Explore Ten Ways to Secure The Cloud
senayakut
0
55
PartyRock-Your Security Supporters
senayakut
0
46

Featured

See All Featured
How STYLIGHT went responsive
nonsquared
95
5.1k
Building a Scalable Design System with Sketch
lauravandoore
459
33k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
3
360
Side Projects
sachag
452
42k
It's Worth the Effort
3n
183
27k
Visualization
eitanlees
143
15k
Fantastic passwords and where to find them - at NoRuKo
philnash
50
2.8k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
106
49k
CSS Pre-Processors: Stylus, Less & Sass
bermonpainter
355
29k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
37
1.8k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
504
140k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
28
7.9k

Transcript

  1. Cloud Security From Scratch Sena Yakut, 2023

  2. About Me Senior Cloud Security Engineer @Lyrebird Studio senayakut.com /sena-yakut

    Security & Identity @sena_yakutt

  3. Cloud Security Challenges - Lots of different environments, - Lots

    of cloud services that we should protect, - Lack of skills, - Lots of cloud security products, struggling to choose which one is the best, - Everyday, a new scenario, - Development is still ongoing, we need to think about security also. - Attackers are fast learners.

  4. Shared Responsibility Model for Cloud

  5. Your To-Do List for an AWS Account Use a distribution

    list for the root account - The most important account for cloud resources, - Phishing is still a most dangerous threat. - Use a group instead of one person. - Store securely the password.

  6. Your To-Do List for an AWS Account Use MFA -

    MFA is not an option, it’s a necessity. - Enable MFA wherever you can. - Use Authenticator apps, OTP tokens, etc. - Use multiple MFA options.

  7. Your To-Do List for an AWS Account Enable AWS CloudTrail

    - Who, when, what? - Focuses on the AWS environment and users, - Configure AWS CloudTrail in all regions enabled, - Store CloudTrail Logs, - Enable log file integrity for your logs.

  8. Your To-Do List for an AWS Account Enable AWS CloudTrail

  9. Your To-Do List for an AWS Account Enable Amazon GuardDuty

    - Threat detection, - Continuous monitoring service, - For your AWS accounts and workloads, - Just a few clicks for enabling, - Actionable results for your environment.

  10. Your To-Do List for an AWS Account Enable Amazon GuardDuty

  11. Your To-Do List for an AWS Account Enable Amazon GuardDuty

  12. Your To-Do List for an AWS Account Centralize Your Security

    Logs - Lots of logs: CloudWatch, Access Logs, CloudTrail, VPC Flow Logs etc. - Centralized storage in different AWS account is important.

  13. Your To-Do List for an AWS Account Centralize Your Security

    Logs

  14. Your To-Do List for an AWS Account Use Infrastructure as

    Code - Minimize the risk of human error, - Increased efficiency, - You’ll code all security best practices once, they can be deployed without any security misconfigurations anytime you want.

  15. Your To-Do List for an AWS Account Use Infrastructure as

    Code IaC security scanning options

  16. Your To-Do List for an AWS Account Review Your Resources

    Regularly - Use CSPM tools, - Review, audit, alert, monitor with different options.

  17. Your To-Do List for an AWS Account Review Your Resources

    Regularly

  18. Your To-Do List for an AWS Account Review Your Resources

    Regularly

  19. Questions?