Next-Level Defense: What re: Invent 2024 Means for Your Security

Transcript

1. Sena Yakut, 2024 Next-Level Defense: What re: Invent 2024 Means

   for Your Security

2. About Me Cloud Security Architect @CyberWhiz All links about me:

3. Our Sponsors

4. “Everything starts with security”

5. “Everything starts with security” • Culture of security importance in

   AWS • Security should be internal mindset • Ownership → required

6. “Everything starts with security” • Threat modeling • Training •

   AWS Security Team teaches other teams to be security champ.

7. New: Centrally Managing Root Access • Root account management is

   most critical thing in AWS environment. • Lots of AWS accounts • Enable MFA • Delete access key / secret key • Centrally manage the root access of all your AWS accounts within an organization • New term: Root sessions → AWS root sessions give temporary access to specific tasks that need root-level permissions. • Manage these tasks from one central account, so you don’t have to log in to each account separately https://senayakut.com/centralized-root-access-management-simplified-with-aws- organizations-5c8bdee20b1e

8. New: Centrally Managing Root Access • You can see this

   new feature in the AWS IAM console.

9. New: Centrally Managing Root Access • All accounts in your

   AWS Organizations

10. New: Centrally Managing Root Access What if we need root

    user credentials for specific actions?

11. New: Centrally Managing Root Access What if we need root

    user credentials for specific actions?

12. New: Declarative Policies for EC2 • Define and enforce configurations

    for all AWS accounts • Apply configuration at scale • Declare and enforce desired configuration for a given AWS service at scale across your organization → Declarative Policies

13. New: Declarative Policies for EC2

14. New: Declarative Policies for EC2

15. New: Amazon GuardDuty Extended Threat Detection

16. New: Amazon GuardDuty Extended Threat Detection

17. New: Amazon GuardDuty Extended Threat Detection

18. New: Amazon GuardDuty Extended Threat Detection New Finding Type!!!

19. New: Amazon GuardDuty Extended Threat Detection

20. New: Amazon GuardDuty Extended Threat Detection

21. New: Amazon GuardDuty Extended Threat Detection Integrates with existing GuardDuty

    workflows, including the AWS Security Hub, Amazon EventBridge, and third- party security event management systems.

22. v New: AWS Security Incident Response Responding security incidents is

    hard work. • Communications • Alert prioritization • Tools / mechanisms

23. New: AWS Security Incident Response

24. v New: AWS Security Incident Response To solve all of

    these: Please see pricing page before use it ☺

25. New: AWS Security Incident Response Proactive Security Response Amazon GuardDuty

    AWS Security Hub + Customer metadata + Service Intelligence = True Positive False Positive

26. New: AWS Security Incident Response Streamlined and Coordinated Incident Response

    Customer Managed Self managed or AWS CIRT supported

27. Thank you!