+ All Categories
Home > Technology > (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

(SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Date post: 01-Jul-2015
Category:

Technology
Upload: amazon-web-services
View: 1,117 times
Download: 3 times
Download Report this document
Share this document with a friend
Description:
Learn how to increase the effectiveness of your security operations as you move to the cloud. This session for architects and IT administrators covers considerations for optimizing your incident response, monitoring, and audit response tactics to take advantage of built-in capabilities in AWS. This session provides practical advice you can apply today, pulled from industry research, direct experience helping customers migrate to the cloud, and from the speaker's own hard-earned lessons. Sponsored by Trend Micro.
36
Transcript
Page 1: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 2: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

@marknca

Page 3: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Strategy

Tactics

Page 4: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Traditional Responsibility Model

You

Page 5: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

AWS You

Shared Responsibility Model

Page 6: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

AWS

Facilities

Physical

Network

Virtualization Layer

You

Shared Responsibility Model

Page 7: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Monitoring

Forensics

4 pillars of practice

Page 8: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 9: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 10: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 11: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

SANS incident response process

Page 12: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

SANS incident response process

Page 13: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Business point of view

Page 14: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Incident response before

Server

Analyze Repair Improve

Replacement

Page 15: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Incident response before

Instance

Analyze Repair Improve

Replacement

Page 16: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Advantages

Page 17: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

In action…

Page 18: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 19: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Optimized response

Page 20: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Optimized response

Instance

Script

Analyze

Improve

API

Replacement

Page 21: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 22: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 23: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 24: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Business point of view

Page 25: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Creating an audit trail before

Servers

Change

RecordStorage Logs

Firewall / IPS

Page 26: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Creating an audit trail before

Instances

Change

Record

Central

ManagementLogs

AWS Services

Page 27: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 28: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

In action…

Page 29: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 30: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 31: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 32: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 33: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 34: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 35: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014
Page 36: (SEC313) Updating Security Operations for the Cloud | AWS re:Invent 2014

Please give us your feedback on this session.

Complete session evaluations and earn re:Invent swag.

http://bit.ly/awsevals

http://bit.ly/awsevals

Recommended
AWS re:Invent - Accelerating Research

AWS re:Invent - Accelerating Research

Technology

AWS re:Invent Hackathon

AWS re:Invent Hackathon

Technology

Amazon Cloudsearch Session With Elsevier: re:Invent 2013

Amazon Cloudsearch Session With Elsevier: re:Invent 2013

Technology

AWS re:Invent 2017 Recap

AWS re:Invent 2017 Recap

Technology

Feedback on AWS re:invent 2016

Feedback on AWS re:invent 2016

Engineering

AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to Execution (SEC313)

AWS re:Invent 2016: Automating Security Event Response, from Idea to Code to Execution (SEC313)

Technology

AWS re:Invent re:Flection - Spot Pricing

AWS re:Invent re:Flection - Spot Pricing

Technology

ARC201 Microservices Architecture @ AWS re:Invent 2015

ARC201 Microservices Architecture @ AWS re:Invent 2015

Technology

Devops at Netflix (re:Invent)

Devops at Netflix (re:Invent)

Technology

Reserved Seating at AWS re:Invent 2016

Reserved Seating at AWS re:Invent 2016

Technology

SEC313 Securing Enterprise Platforms And Perimeters AKA – Building a Perimeter Platform and Infrastructure (with security) Ben Smith Senior Security Strategist.

SEC313 Securing Enterprise Platforms And Perimeters AKA – Building a Perimeter Platform and Infrastructure (with security) Ben Smith Senior Security Strategist.

Documents

(SEC313) Security & Compliance at the Petabyte Scale

(SEC313) Security & Compliance at the Petabyte Scale

Technology

AWS re:Invent 2015 re:Cap

AWS re:Invent 2015 re:Cap

Internet

AWS re:Invent 2017 re:View

AWS re:Invent 2017 re:View

Technology

AWS re:Invent 2016: Amazon EC2 Foundations (CMP203)

AWS re:Invent 2016: Amazon EC2 Foundations (CMP203)

Technology

The Startup’s Guide to re:Invent · 2020-04-13 · PG. 2 About re:Invent re:Invent offers four days (give or take) to rub backpacks with about 70,000 of your fellow developers,

The Startup’s Guide to re:Invent · 2020-04-13 · PG. 2 About re:Invent re:Invent offers four days (give or take) to rub backpacks with about 70,000 of your fellow developers,

Documents

AWS re:Invent 2016 recap (part 2)

AWS re:Invent 2016 recap (part 2)

Technology

JAWS-UG Osaka Special re:Invent 2013

JAWS-UG Osaka Special re:Invent 2013

Technology