
(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Date post: 01-Jul-2015
Upload: amazon-web-services
Description:
Learn how to increase the effectiveness of your security operations as you move to the cloud. This session for architects and IT administrators covers considerations for optimizing your incident response, monitoring, and audit response tactics to take advantage of built-in capabilities in AWS. This session provides practical advice you can apply today, pulled from industry research, direct experience helping customers migrate to the cloud, and from the speaker's own hard-earned lessons. Sponsored by Trend Micro.
Transcript
Page 1: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 2

@marknca

Page 3

Strategy

Tactics

Page 4

Traditional Responsibility Model

You

Page 5

AWS You

Shared Responsibility Model

Page 6

AWS

Facilities

Physical

Network

Virtualization Layer

You

Shared Responsibility Model

Page 7

Monitoring

Forensics

4 pillars of practice

Page 8
Page 9
Page 10
Page 11

SANS incident response process

Page 12

SANS incident response process

Page 13

Business point of view

Page 14

Incident response before

Server

Analyze Repair Improve

Replacement

Page 15

Incident response before

Instance

Analyze Repair Improve

Replacement

Page 16

Advantages

Page 17

In action…

Page 18
Page 19

Optimized response

Page 20

Optimized response

Instance

Script

Analyze

Improve

API

Replacement

Page 21
Page 22
Page 23
Page 24

Business point of view

Page 25

Creating an audit trail before

Servers

Change

Record Storage Logs

Firewall / IPS

Page 26

Creating an audit trail before

Instances

Change

Record

Central Management

Logs

AWS Services

Page 27
Page 28

In action…

Page 29
Page 30
Page 31
Page 32
Page 33
Page 34
Page 35
Page 36

Please give us your feedback on this session.

Complete session evaluations and earn re:Invent swag.

http://bit.ly/awsevals

