Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Amazon inspector で自動セキュリティ診断 / Automatic secur...
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
Ryo Shibayama
November 20, 2016
Technology
0
74
Amazon inspector で自動セキュリティ診断 / Automatic security diagnostics with Amazon inspector
Ryo Shibayama
November 20, 2016
Tweet
Share
More Decks by Ryo Shibayama
See All by Ryo Shibayama
技術広報の集い #3 Lightning Talk - LayerX
serima
0
410
採用は全員で | Chuo TECH #1
serima
4
1.5k
高専 5 年時に 7 泊 8 日の合宿型ビジコンに参加したら人生が変わった
serima
0
430
カジュアル面談を通して “自社”のことを知る
serima
0
260
倒れても進捗 / Progress even if I fall
serima
1
830
CircleCI 導入への入門 / Introduction to CircleCI
serima
0
120
GameWithを支えるインフラ基盤 - スケールイン・アウト戦略編 / GameWith infrastructure - Scale in and out strategy
serima
0
85
エンジニア採用と PHP / Engineer Recruitment and PHP
serima
0
110
できることから始める OSS Contribution / Start OSS Contribution With What You Know
serima
1
240
Other Decks in Technology
See All in Technology
制約が導く迷わない設計 〜 信頼性と運用性を両立するマイナンバー管理システムの実践 〜
bwkw
3
900
Data Hubグループ 紹介資料
sansan33
PRO
0
2.7k
Context Engineeringの取り組み
nutslove
0
310
Bill One急成長の舞台裏 開発組織が直面した失敗と教訓
sansantech
PRO
2
320
CDKで始めるTypeScript開発のススメ
tsukuboshi
1
340
インフラエンジニア必見!Kubernetesを用いたクラウドネイティブ設計ポイント大全
daitak
0
330
ClickHouseはどのように大規模データを活用したAIエージェントを全社展開しているのか
mikimatsumoto
0
210
Tebiki Engineering Team Deck
tebiki
0
24k
15 years with Rails and DDD (AI Edition)
andrzejkrzywda
0
180
外部キー制約の知っておいて欲しいこと - RDBMSを正しく使うために必要なこと / FOREIGN KEY Night
soudai
PRO
12
5k
Webhook best practices for rock solid and resilient deployments
glaforge
1
280
今日から始める Amazon Bedrock AgentCore
har1101
4
400
Featured
See All Featured
Practical Tips for Bootstrapping Information Extraction Pipelines
honnibal
25
1.7k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Balancing Empowerment & Direction
lara
5
880
Designing Experiences People Love
moore
144
24k
Building Better People: How to give real-time feedback that sticks.
wjessup
370
20k
Statistics for Hackers
jakevdp
799
230k
Highjacked: Video Game Concept Design
rkendrick25
PRO
1
280
Skip the Path - Find Your Career Trail
mkilby
0
53
Un-Boring Meetings
codingconduct
0
200
Side Projects
sachag
455
43k
How to optimise 3,500 product descriptions for ecommerce in one day using ChatGPT
katarinadahlin
PRO
0
3.4k
For a Future-Friendly Web
brad_frost
182
10k
Transcript
Amazon Inspector Ͱ ࣗಈηΩϡϦςΟஅ גࣜձࣾβούϥε @serima / ࣲࢁ ྮ
ࣗݾհ • ىۀˠ·͙·͙ˠάϦʔˠβούϥε • βούϥεೖࣾ 1 ܦͬͨ • αʔόαΠυΤϯδχΞ •
Πϯϑϥ͍ͬͯ·͢
Rint
AWS ͬͯ·͢ • βούϥεͰɺҰ෦αʔϏεͰ AWS Λར༻ • EC2/ELB/Route 53/S3/RDS/ElastiCache
• ελϯμʔυͳߏ
੬ऑੑ ಡΊͳ͍
੬ऑੑ • γεςϜͷ҆શ্ͷܽؕ • ηΩϡϦςΟϗʔϧ • ์͓ͬͯ͘ͱɺ͜ΕΛಥ͔ΕͯඃΛड͚Δ Մೳੑ͕͋Δ
ຖिͷΑ͏ʹݟ͔ͭΔ੬ऑੑ
ใݯ • JPCERT • IPA • Wordpress ެࣜαΠτ • PHP
ެࣜαΠτ • ଞʹ͍Ζ͍Ζ…
None
CVE • Common Vulnerabilities and Exposures • ڞ௨੬ऑੑࣝผࢠ • ถࠃͷMITRE͕ࣾఏڙ͍ͯ͠Δ੬ऑੑใ
σʔλϕʔε • CVE-ID ҰҙʹৼΒΕɺੈքڞ௨
ηΩϡϦςΟνΣοΫɺ ͯ͠·͔͢ʁ
Amazon Inspector • 20165݄ʹҰൠར༻։࢝ • EC2 Πϯελϯεͷ੬ऑੑΛݕͯ͘͠ΕΔ αʔϏε
None
None
ԿͷνΣοΫ͕Ͱ͖Δͷ͔ • Common Vulnerabilities and Exposures • CIS Operating System
Security Configuration Benchmarks • Security Best Practices • Runtime Behavior Analysis
खॱ • Inspector ༻ͷϩʔϧΛ࡞͢Δ • ରͱ͢Δ EC2 ΠϯελϯεʹλάΛઃఆ • σʔϞϯΛΠϯετʔϧ
• ධՁςϯϓϨʔτͷ࡞ • Ͳͷλά͕͍ͭͨΠϯελϯεʹ͍࣮ͭͯߦ͢Δͷ͔ • ԿͷηΩϡϦςΟνΣοΫΛߦ͏ͷ͔ • ࣮ߦ
None
$ curl -O https:// d1wk0tztpsntt1.cloudfront. net/linux/latest/install $ sudo bash install
None
ࢼݧ༻ʹ OpenSSL ͷ όʔδϣϯ͕গ͠ݹ͍ ΠϯελϯεΛ༻ҙ
None
݁Ռ
ͦΕͧΕʹ͍ͭͯৄࡉઆ໌ͱରॲ๏͕ࢀরͰ͖Δ
Ϧϕϯδ ͱΓ͋͑ͣॏཁ High ͷͷͳ͘ͳͬͨ
֦͕Γͱͯ͠ • Amazon SNS ରԠ͍ͯ͠ΔͷͰɺྃ࣌ʹ Slack ͳͲʹ௨ • ͪΖΜ SDK
ެ։͞Ε͍ͯΔͷͰɺఆظత ʹࣗಈ࣮ߦͤ͞Δ͜ͱՄೳ ʢࠓͷͱ͜Ζίϯιʔϧ͔ΒͰ͖Δػೳͳ ͛͞ʣ
҆৺ɾ҆શͳ։ൃΛ • ͱ͍͑ɺ͜Ε͚ͩͰෆे • ੬ऑੑʹରͯ͠ɺҰఆͷอݥΛ͔͚Δ • χϡʔεΛνΣοΫͯ͠ɺదͳରԠΛʂ
serima
bwkw
sansan33
nutslove
sansantech
tsukuboshi
daitak
mikimatsumoto
tebiki
andrzejkrzywda
soudai
glaforge
har1101
honnibal
marcelosomers
lara
moore
wjessup
jakevdp
rkendrick25
mkilby
codingconduct
sachag
katarinadahlin
brad_frost
