+ All Categories
Home > Technology > (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Date post: 01-Jul-2015
Category:

Technology
Upload: amazon-web-services
View: 1,117 times
Download: 3 times
Download Report this document
Share this document with a friend
Description:
Learn how to increase the effectiveness of your security operations as you move to the cloud. This session for architects and IT administrators covers considerations for optimizing your incident response, monitoring, and audit response tactics to take advantage of built-in capabilities in AWS. This session provides practical advice you can apply today, pulled from industry research, direct experience helping customers migrate to the cloud, and from the speaker's own hard-earned lessons. Sponsored by Trend Micro.
36
Transcript
Page 1: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 2: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

@marknca

Page 3: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Strategy

Tactics

Page 4: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Traditional Responsibility Model

You

Page 5: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

AWS You

Shared Responsibility Model

Page 6: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

AWS

Facilities

Physical

Network

Virtualization Layer

You

Shared Responsibility Model

Page 7: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Monitoring

Forensics

4 pillars of practice

Page 8: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 9: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 10: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 11: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

SANS incident response process

Page 12: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

SANS incident response process

Page 13: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Business point of view

Page 14: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Incident response before

Server

Analyze Repair Improve

Replacement

Page 15: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Incident response before

Instance

Analyze Repair Improve

Replacement

Page 16: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Advantages

Page 17: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

In action…

Page 18: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 19: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Optimized response

Page 20: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Optimized response

Instance

Script

Analyze

Improve

API

Replacement

Page 21: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 22: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 23: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 24: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Business point of view

Page 25: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Creating an audit trail before

Servers

Change

RecordStorage Logs

Firewall / IPS

Page 26: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Creating an audit trail before

Instances

Change

Record

Central

ManagementLogs

AWS Services

Page 27: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 28: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

In action…

Page 29: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 30: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 31: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 32: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 33: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 34: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 35: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 36: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Please give us your feedback on this session.

Complete session evaluations and earn re:Invent swag.

http://bit.ly/awsevals

http://bit.ly/awsevals

Recommended
AWS re:Invent - Accelerating Research

AWS re:Invent - Accelerating Research

Technology

Navigating AWS re:Invent 2015

Navigating AWS re:Invent 2015

Technology

ARC201 Microservices Architecture @ AWS re:Invent 2015

ARC201 Microservices Architecture @ AWS re:Invent 2015

Technology

Bluesoft @ AWS re:Invent 2017 + AWS 101

Bluesoft @ AWS re:Invent 2017 + AWS 101

Technology

AWS re:Invent 2016: Amazon EC2 Foundations (CMP203)

AWS re:Invent 2016: Amazon EC2 Foundations (CMP203)

Technology

20131122 cloudpack Night re:Invent report

20131122 cloudpack Night re:Invent report

Technology

(ENT401) Hybrid Infrastructure Integration | AWS re:Invent 2014

(ENT401) Hybrid Infrastructure Integration | AWS re:Invent 2014

Technology

AWS re:Invent 2016 Fast Forward

AWS re:Invent 2016 Fast Forward

Technology

AWS re:Invent 2016 Photo Report

AWS re:Invent 2016 Photo Report

Technology

(SEC305) IAM Best Practices | AWS re:Invent 2014

(SEC305) IAM Best Practices | AWS re:Invent 2014

Technology

AWS re:Invent 2016 recap (part 2)

AWS re:Invent 2016 recap (part 2)

Technology

AWS re:Invent 2016: Open-Source Resources (DCS201)

AWS re:Invent 2016: Open-Source Resources (DCS201)

Technology

AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to Execution (SEC313)

AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to Execution (SEC313)

Technology

Brands Re:charge, Re:invent, Re:engage in today's times

Brands Re:charge, Re:invent, Re:engage in today's times

Business

Recap of AWS re:invent 2015

Recap of AWS re:invent 2015

Internet

AWS re:Invent re:Flection - Spot Pricing

AWS re:Invent re:Flection - Spot Pricing

Technology

The Startup’s Guide to re:Invent · 2020-04-13 · PG. 2 About re:Invent re:Invent offers four days (give or take) to rub backpacks with about 70,000 of your fellow developers,

The Startup’s Guide to re:Invent · 2020-04-13 · PG. 2 About re:Invent re:Invent offers four days (give or take) to rub backpacks with about 70,000 of your fellow developers,

Documents

Amazon Cloudsearch Session With Elsevier: re:Invent 2013

Amazon Cloudsearch Session With Elsevier: re:Invent 2013

Technology