Upgrade to Pro — share decks privately, control downloads, hide ads and more …

【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話

Tmorinaga
August 25, 2016
Technology
1
1.9k

 【ビジネス編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話

20160825 大阪

Tmorinaga

August 25, 2016
Tweet

More Decks by Tmorinaga

See All by Tmorinaga
OpsJAWS#13 IAMベストプラクティス
tmorinaga
1
3.3k
Developers.IO 2017 E3
tmorinaga
0
930
JAWS DAYS 2017 Security-JAWS発表資料
tmorinaga
2
3.7k
AWS WAFのログが3時間しか見れないのでなんとかしてみる
tmorinaga
3
3.8k
re:Growth 2016 in Tokyo
tmorinaga
0
1.9k
Developers.IO 2016 in Fukuoka
tmorinaga
1
610
【エンジニア編】AWS活用を考えているなら”必ず!"知っておくべきセキュリティの話
tmorinaga
1
3.6k
OpsJAWS#4 CloudWatch Events Hands-on
tmorinaga
3
1.5k

Other Decks in Technology

See All in Technology
DMMオンラインサロン エンジニア採用資料/ for-software-engineers
onlinesalon
0
2.3k
CyberAgent AI事業本部MLOps研修基礎編
hosimesi11
3
490
フルComposeでTVアプリを作った話
sasakitomohiro
0
280
[DevDojo] Introduction to Machine Learning
mercari
PRO
0
120
2023.06.01_LangChain/Llamaindex/Whisperを使ったアプリケーション開発のまとめと展望
pharma_x_tech
0
640
NAB Show 2023 動画技術関連レポート / NAB Show 2023 Report
cyberagentdevelopers
PRO
1
130
全AWSエンジニアに捧ぐ、CloudWatch 設計・運用 虎の巻 / CloudWatch design and operation bible
iselegant
28
10k
Head toward Java 20 and Java 21
line_developers
PRO
0
290
C# の async/await は実際にどうやって動いているか
nenonaninu
4
11k
KEDAで始めるイベント駆動システム #k8snovice / keda-tutorial
chmikata
1
130
GLOBIS データサイエンスチームのご紹介/ GLOBIS Data Science Team is hiring.
globis_gdp
0
1.9k
Save the state
keithyokoma
0
240

Featured

See All Featured
The Invisible Customer
myddelton
113
12k
Debugging Ruby Performance
tmm1
68
11k
RailsConf 2023
tenderlove
0
97
GraphQLの誤解/rethinking-graphql
sonatard
41
8.2k
Intergalactic Javascript Robots from Outer Space
tanoku
263
26k
Making Projects Easy
brettharned
102
5k
Designing for humans not robots
tammielis
245
24k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
9
780
Git: the NoSQL Database
bkeepers
PRO
420
60k
A Philosophy of Restraint
colly
195
15k
The Language of Interfaces
destraynor
149
21k
Fantastic passwords and where to find them - at NoRuKo
philnash
33
2k

Transcript

  1. Deep Security؂ࢹɾ෼ੳαʔϏε
    HOOT Security
    ͷ͝঺հ
    Ϋϥεϝιουגࣜձࣾ
    ιϦϡʔγϣϯΞʔΩςΫτ ৿Ӭେࢤ

    View Slide

  2. ࣗݾ঺հ

    View Slide

  3. Morinaga Taishi(@morimoritaitai)
    AWS Solution Archetect
    ✦ झຯ : ήʔϜ(શൠ) / ञ / Χϝϥ
    ✦ ڵຯ : Security / DevOps
    ✦ ޷͖ͳαʔϏε:Config/CloudTrail/IAM
    AWS Certified
    Solutions Architect - Professional
    DevOps Engineer - Professional
    I ❤ Config

    View Slide

  4. ձࣾ঺հ

    View Slide

  5. Classmethod,Inc.

    View Slide

  6. AWSʢΠϯϑϥʣ
    ϞόΠϧΞϓϦ
    Ϗοάσʔλ෼ੳ
    IoTʢηϯαʔʣ

    View Slide

  7. AWSϓϨϛΞ
    ίϯαϧςΟϯάύʔτφʔ
    ʢશੈքͰ46ࣾʣ

    View Slide

  8. AWS Ҡߦίϯϐςϯγʔɹ ɹɹ
    ʢશੈքͰ17ࣾʣ
    Ϗοάσʔλίϯϐςϯγʔɹɹɹ
    ʢશੈքͰ20ࣾʣ
    ϞόΠϧίϯϐςϯγʔɹɹɹɹ
    ʢશੈքͰ 6ࣾʣ

    View Slide

  9. ੈքதʹΦϑΟε

    View Slide

  10. ळ༿ݪɾେࡕɾࡳຈɾ্ӽ
    όϯΫʔόʔɾϕϧϦϯ
    New
    ਓ͕͍Δ৔ॴʹΦϑΟε͕ग़དྷ·͢

    View Slide

  11. Developers.IO

    View Slide

  12. 6600ຊͷٕज़هࣄ
    2780ຊͷAWSهࣄ
    ݄ؒ100ສPV

    View Slide

  13. ࣮຿Λ͍ͯ͠Δࣾһ͕ࣥච
    ϊ΢ϋ΢͸ੵۃతʹެ։

    View Slide

  14. ฐࣾAWS૯߹ࢧԉαʔϏε
    ʮϝϯόʔζʯͷ͝঺հ

    View Slide

  15. AWSΛ࢖͍͍ͨɻ

    View Slide

  16. AWSΛ࢖͍͍ͨɻ
    ৄ͍͠ਓ͕͍ؒͳ͍…

    View Slide

  17. AWSΛ࢖͍͍ͨɻ
    ৄ͍͠ਓ͕͍ؒͳ͍…
    ΫϨδοτΧʔυ෷͍͸ͪΐͬͱ…

    View Slide

  18. AWSΛ࢖͍͍ͨɻ
    ৄ͍͠ਓ͕͍ؒͳ͍…
    ΫϨδοτΧʔυ෷͍͸ͪΐͬͱ…
    ग़དྷΔ͚ͩ҆͘࢖͍͍ͨ…

    View Slide

  19. AWSΛ࢖͍͍ͨɻ
    ৄ͍͠ਓ͕͍ؒͳ͍…
    ΫϨδοτΧʔυ෷͍͸ͪΐͬͱ…
    ग़དྷΔ͚ͩ҆͘࢖͍͍ͨ…
    ӡ༻͸Ͳ͏͢ΔΜͩ…

    View Slide

  20. ͦͷ͓೰Έɺղܾ͠·͢ɻ

    View Slide

  21. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  22. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  23. AWSͷϕετϓϥΫςΟεΛ
    ஌Γਚͨ͘͠ΤϯδχΞ͕
    ࣭໰ɾ૬ஊʹͷΓ·͢ɻ

    View Slide

  24. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  25. ͝ر๬ͷAWS؀ڥΛ
    ૉૣ͘௿ίετͰߏங͠·͢ɻ

    View Slide

  26. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  27. ੥ٻॻʹΑΔ͓ࢧ෷͍ͳͷͰ
    ԁ෷͍ՄೳͰɺ
    ΫϨδοτΧʔυ͸ෆཁͰ͢ɻ

    View Slide

  28. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  29. ൥ࡶͳαϙʔτ΁ͷ໰߹ͤ΍
    ֤छਃ੥΋୅ߦͯ͠ߦ͍·͢ɻ

    View Slide

  30. AWS૯߹ࢧԉαʔϏε
    ϝϯόʔζ
    • AWSͷઃܭίϯαϧ
    • AWS؀ڥߏங
    • ੥ٻॻ෷͍Ͱͷ੥ٻ୅ߦ
    • ֤छਃ੥୅ߦʢ্ݶ؇࿨ਃ੥ͳͲʣ
    • QAαϙʔτɺAWSαϙʔτ୅ߦ
    • AWSར༻ྉۚͷେ෯ׂҾ
    ͝ఏҊ
    ߏங
    ӡ༻
    ؂ࢹ

    View Slide

  31. పఈͨ͠ར༻෼ੳʹΑΔ
    ίετޮ཰ԽʹΑͬͯ
    ҟ࣍ݩͷׂҾΛఏڙ͠·͢ɻ

    View Slide

  32. ׂҾྫ
    • EC2ΦϯσϚϯυར༻අ 10%OFF
    • CloudFront௨৴අ 64%OFF
    • AWSΤϯλʔϓϥΠζαϙʔτʹ

    ɹɹɹɹɹɹɹɹɹ૬౰͢Δαϙʔτ ແྉ

    View Slide

  33. ͞Βʹ෇ଳଛ֐อݥΛ
    ඪ४Ͱ͓෇͚͠·͢ɻ

    View Slide

  34. ౦ژւ্೔ಈͷAWSϢʔβʔ޲͚
    ઐ༻อݥ͕ඪ४Ͱద༻

    View Slide

  35. ༷ʑͳΦϓγϣϯαʔϏεΛ
    ͝༻ҙ͓ͯ͠Γ·͢ɻ

    View Slide

  36. ϝϯόʔζͷΦϓγϣϯαʔϏε
    • ೔தӡ༻ࢧԉαʔϏε
    • 24/365 ແਓࣗಈ؂ࢹαʔϏεʮ͘Β΋Μʯ
    • Deep Security؂ࢹɾ෼ੳαʔϏε

    ɹɹɹɹɹɹɹɹɹɹɹɹʮHoot Securityʯ

    View Slide

  37. ϝϯόʔζͷΦϓγϣϯαʔϏε
    • ೔தӡ༻ࢧԉαʔϏε
    • 24/365 ແਓࣗಈ؂ࢹαʔϏεʮ͘Β΋Μʯ
    • Deep Security؂ࢹɾ෼ੳαʔϏε

    ɹɹɹɹɹɹɹɹɹɹɹɹʮHoot Securityʯ

    View Slide

  38. ฐࣾDeep Security؂ࢹɾ෼ੳαʔϏε
    ʮHoot Securityʯͷ͝঺հ

    View Slide

  39. ηΩϡϦςΟରࡦͰ
    Deep SecurityΛಋೖ͠Α͏ɻ

    View Slide

  40. ηΩϡϦςΟରࡦͰ
    Deep SecurityΛಋೖ͠Α͏ɻ
    ಋೖͨ͠΋ͷͷઃఆ͕෼͔Βͳ͍…

    View Slide

  41. ηΩϡϦςΟରࡦͰ
    Deep SecurityΛಋೖ͠Α͏ɻ
    ಋೖͨ͠΋ͷͷઃఆ͕෼͔Βͳ͍…
    DS͕ͪΌΜͱಈ࡞͍ͯ͠Δ͔ෆ҆…

    View Slide

  42. ηΩϡϦςΟରࡦͰ
    Deep SecurityΛಋೖ͠Α͏ɻ
    ಋೖͨ͠΋ͷͷઃఆ͕෼͔Βͳ͍…
    DS͕ͪΌΜͱಈ࡞͍ͯ͠Δ͔ෆ҆…
    ߈ܸ͞Ε͚ͯͨͲؾ෇͔ͳ͔ͬͨ…

    View Slide

  43. ηΩϡϦςΟରࡦͰ
    Deep SecurityΛಋೖ͠Α͏ɻ
    ಋೖͨ͠΋ͷͷઃఆ͕෼͔Βͳ͍…
    DS͕ͪΌΜͱಈ࡞͍ͯ͠Δ͔ෆ҆…
    ߈ܸ͞Ε͚ͯͨͲؾ෇͔ͳ͔ͬͨ…
    ͜ͷ߈ܸͬͯͲ͏ରࡦ͢Ε͹͍͍ͷ…ʁ

    View Slide

  44. ͦͷ͓೰Έɺղܾ͠·͢ɻ

    View Slide

  45. Deep Security؂ࢹɾ෼ੳαʔϏε
    Hoot Security
    • ॳظߏங
    • ηΩϡϦςΟΠϯγσϯτ෼ੳ
    • ϩάɺϨϙʔτ
    • γεςϜϑΝϯΫγϣϯ؂ࢹ
    • ϙϦγʔνϡʔχϯά
    • Web ϙʔλϧαΠτ
    • ৘ใఏڙ
    ෼ੳ
    ؂ࢹ

    View Slide

  46. Deep Security؂ࢹɾ෼ੳαʔϏε
    Hoot Security
    • ॳظߏங
    • ηΩϡϦςΟΠϯγσϯτ෼ੳ
    • ϩάɺϨϙʔτ
    • γεςϜϑΝϯΫγϣϯ؂ࢹ
    • ϙϦγʔνϡʔχϯά
    • Web ϙʔλϧαΠτ
    • ৘ใఏڙ
    ෼ੳ
    ؂ࢹ

    View Slide

  47. Trend Microͷೝఆࢿ֨Λ
    ࣋ͬͨࣾһ͕ߏஙΛߦ͍·͢ɻ

    View Slide

  48. Deep Security؂ࢹɾ෼ੳαʔϏε
    Hoot Security
    • ॳظߏங
    • ηΩϡϦςΟΠϯγσϯτ෼ੳ
    • ϩάɺϨϙʔτ
    • γεςϜϑΝϯΫγϣϯ؂ࢹ
    • ϙϦγʔνϡʔχϯά
    • Web ϙʔλϧαΠτ
    • ৘ใఏڙ
    ෼ੳ
    ؂ࢹ

    View Slide

  49. ηΩϡϦςΟͷઐ໳Ո͕
    ϩάΛ෼ੳ͠ɺඞཁʹԠͯ͡
    ϝʔϧ௨஌͍ͨ͠·͢ɻ

    View Slide

  50. ݄࣍ΠϯγσϯτϨϙʔτΛ
    ૹ෇͍ͨ͠·͢ɻ

    View Slide

  51. Deep Security؂ࢹɾ෼ੳαʔϏε
    Hoot Security
    • ॳظߏங
    • ηΩϡϦςΟΠϯγσϯτ෼ੳ
    • ϩάɺϨϙʔτ
    • γεςϜϑΝϯΫγϣϯ؂ࢹ
    • ϙϦγʔνϡʔχϯά
    • Web ϙʔλϧαΠτ
    • ৘ใఏڙ
    ෼ੳ
    ؂ࢹ

    View Slide

  52. Deep Securityͷػೳ͕
    ਖ਼ৗʹಈ࡞͍ͯ͠Δ͔Λ
    24/365༗ਓ؂ࢹ͠·͢ɻ

    View Slide

  53. Deep Security؂ࢹɾ෼ੳαʔϏε
    Hoot Security
    • ॳظߏங
    • ηΩϡϦςΟΠϯγσϯτ෼ੳ
    • ϩάɺϨϙʔτ
    • γεςϜϑΝϯΫγϣϯ؂ࢹ
    • ϙϦγʔνϡʔχϯά
    • Web ϙʔλϧαΠτ
    • ৘ใఏڙ
    ෼ੳ
    ؂ࢹ

    View Slide

  54. ੬ऑੑɺαʔόઃఆ౳ʹԠͯ͡
    ϙϦγʔνϡʔχϯά͠·͢ɻ

    View Slide

  55. ࣄྫ͝঺հ
    • ࣜձࣾIDOM༷ʢچΨϦόʔΠϯλʔφγϣφϧ༷ʣ
    http://classmethod.jp/cases/gulliver/gulliver-221616-com/

    View Slide

  56. ʮηΩϡϦςΟ͕ؾʹͳΔʯ
    ʮDeep Security࢖͍͍ͨʯ
    ͱ͍͏ํ͸͝ݕ౼Լ͍͞ɻ

    View Slide

  57. Πϕϯτͷ͝঺հ

    View Slide

  58. େࡕͰ͸9/15։࠵༧ఆ
    http://dev.classmethod.jp/news/bigdata-20160915-27/

    View Slide

  59. 9/16։࠵༧ఆ
    http://dev.classmethod.jp/news/aws-premier-night-2/

    View Slide

  60. ͋Γ͕ͱ͏͍͟͝·ͨ͠ɻ

    View Slide

  61. View Slide