security day - intro
TRANSCRIPT
![Page 1: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/1.jpg)
AWS Security Day Welcome
![Page 2: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/2.jpg)
9:00 Welcome & Keynote
9:30 The AWS Shared Security Responsibility Model in Practice
10:10 FIRE ALARM TEST
10:20 Break
10:45 IAM Best Practices
11:30 Encryption Options on AWS
12:30 Lunch
13:30 AWS Logging, Analysis and Alerting
14:30 Account Separation and Mandatory Access Control
15:30 What’s New: Web Application Firewall, Config Rules, Inspector
16:30 Q &A + Close
Today’s Session Plan
![Page 3: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/3.jpg)
Feedback.
It’s really important
to us
#AWS
#SecurityDay
![Page 5: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/5.jpg)
Over 1 Million Active Customers
“Active customer” is defined as a non-Amazon customer with AWS account usage activity in the past month, including the free tier
2 0 0 8 2 0 0 9 2 0 1 0 2 0 1 1 2 0 1 2 2 0 1 3 2 0 1 52 0 14
![Page 6: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/6.jpg)
Startup Customers
http://aws.amazon.com/solutions/case-studies/
Meerkat
![Page 7: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/7.jpg)
Enterprise Customers
http://aws.amazon.com/solutions/case-studies/
![Page 8: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/8.jpg)
ISV Partners
http://aws.amazon.com/solutions/case-studies/
![Page 9: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/9.jpg)
Gartner“MagicQuadrantforCloudInfrastructureasaService,”LydiaLeong,DouglasToombs,BobGill,GregorPetri,TinyHaynes,May28,2014.ThisMagicQuadrantgraphicwaspublishedbyGartner,Inc.aspartofalargerresearchnoteandshouldbeevaluatedinthecontextoftheenMrereport.TheGartnerreportisavailableathNp://aws.amazon.com/resources/analyst-reports/.Gartnerdoesnotendorseanyvendor,productorservicedepictedinitsresearchpublicaMons,anddoesnotadvisetechnologyuserstoselectonlythosevendorswiththehighestraMngs.GartnerresearchpublicaMonsconsistoftheopinionsofGartner'sresearchorganizaMonandshouldnotbeconstruedasstatementsoffact.GartnerdisclaimsallwarranMes,expressedorimplied,withrespecttothisresearch,includinganywarranMesofmerchantabilityorfitnessforaparMcularpurpose.
Gartner Magic Quadrant Cloud Infrastructure as a Service
![Page 10: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/10.jpg)
Cloud Has Become The New Normal
![Page 11: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/11.jpg)
What Are The Patterns Of This New Normal?
![Page 12: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/12.jpg)
Start-ups Build Businesses From Scratch In The Cloud
1
![Page 13: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/13.jpg)
No legacy Lower cost structureNo dependencies
SMove quickly
Building All Applications In The Cloud
![Page 14: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/14.jpg)
Disrupt Long Standing Industries, Quickly
Hotels Storage Gaming
Collaboration Matchmaking
![Page 15: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/15.jpg)
Speed Is Not Just For Start-ups: Companies of All Sizes Move Faster Than Ever Before
2
![Page 16: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/16.jpg)
![Page 17: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/17.jpg)
It’s Impossible To Stay Competitive Today Without The Cloud
![Page 18: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/18.jpg)
In The Old Days…
Spend millions for expensive, inflexible, slow-moving infrastructure that is
#FrozenInTime
![Page 19: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/19.jpg)
Old World
Large upfront capital investment
Basic compute and storage only
Responsible for feature upgrades
Slow to get new capabilities
Low, variable cost
Broad and deep platform
New features arrive daily
Ready to use
![Page 20: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/20.jpg)
Enterprises Are Using The Cloud For New Apps & Digital Transformation
StatCast App platform Healthcare E-commerce
Digital Personal Finance Web Digital content
![Page 21: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/21.jpg)
Customers Want Access To The Sunday Roast with all the Trimmings
3
![Page 22: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/22.jpg)
Key Components Of Agility
+ =
Quick to provision
Don’t have to reinvent the wheel
Vast infrastructure technology platform
![Page 23: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/23.jpg)
Vast Infrastructure Technology Platform
RegionsAvailability Zones
Points of Presence
INFRASTRUCTURE
CORE SERVICES
Compute VMs, Auto-scaling, & Load Balancing
Storage Object, Blocks, Archivals, Import/Export
Databases Relational, NoSQL, Caching, Migration
Networking VPC, DX, DNSCDN
![Page 24: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/24.jpg)
Vast Infrastructure Technology Platform
ENTERPRISE APPS
DEVELOPMENT & OPERATIONSMOBILE SERVICESAPP SERVICESANALYTICS
Data Warehousing
Hadoop/Spark
Streaming Data Collection
Machine Learning
Elastic Search
Virtual Desktops
Sharing & Collaboration
Corporate Email
Backup
Queuing & Notifications
Workflow
Search
Transcoding
One-click App Deployment
Identity
Sync
Single Integrated Console
Push Notifications
DevOps Resource Management
Application Lifecycle Management
Containers
Triggers
Resource Templates
TECHNICAL & BUSINESS SUPPORT
Account Management
Support
Professional Services
Training & Certification
Security & Pricing Reports
Partner Ecosystem
Solutions Architects
MARKETPLACE
Business AppsBusiness Intelligence DatabasesDevOps Tools NetworkingSecurity Storage
Access Control
Identity Management
Key Management & Storage
Monitoring & Logs
Assessment & Reporting
Resource & Usage Auditing
SECURITY & COMPLIANCE
Configuration Compliance
Web Application Firewall
HYBRID ARCHITECTURE
Data Backups
Integrated App Deployments
Direct Connect
Identity Federation
Integrated Resource Management
Integrated Networking
API Gateway
IoT
Rules Engine
Device Shadows
Device SDKs
Registry
Device Gateway
Streaming Data Analysis
Business Intelligence
Mobile Analytics
RegionsAvailability Zones
Points of Presence
INFRASTRUCTURE
CORE SERVICES
Compute VMs, Auto-scaling, & Load Balancing
Storage Object, Blocks, Archivals, Import/Export
Databases Relational, NoSQL, Caching, Migration
Networking VPC, DX, DNSCDN
![Page 25: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/25.jpg)
Expansive Services With Depth of Functionality
Compute Databases Encryption Access Control
General Purpose (M4)
Compute Optimized (C4)
Memory Optimized (R3)
High Memory (X1)
GPU Optimized (G2)
Storage Optimized (D2)
IO Optimized (I2)
Low Cost, Burst-able Performance (T2)
Dedicated Instances
RDS For MySQL
RDS For SQL Server
RDS For Oracle
RDS For PostgreSQL
RDS For MariaDB
RDS For Amazon Aurora
Multi-AZ Synchronous Replication
Read Replica Support
Server-side Object Encryption
Customer Controlled Keys
Dedicated HSMs
Integrated Key Management
Key Usage Auditing
Identity Policies
Location Policies
Time-based Policies
Individual API Calls
Key Rotation
Temporary Credentials
Policy Simulator
![Page 26: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/26.jpg)
AWS Rapid Pace Of Innovation 722 major new features and services launched in 2014
2009
48
159
722
82
2011 2013 2015
![Page 27: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/27.jpg)
Invention Is Continuous
4
![Page 28: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/28.jpg)
For Example, Consider Compute…
m1.small General Purpose (M3)
Compute Optimized (C4)
Memory Optimized (R3)
GPU Optimized (G2)
Storage Optimized (D2)
IO Optimized (I2)
Low cost, burst-able performance (T2)
New
![Page 29: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/29.jpg)
Building With Smaller Blocks
Quicker to build Lower costEasier to adapt and update
</> </></>
![Page 30: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/30.jpg)
Shrinking Compute To Atomic Scale With AWS Lambda
![Page 31: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/31.jpg)
AWS Lambda: An Event Driven Computing Service
Events from AWS services Cloud Functions in Node.js
Automatic execution with no servers to provision
![Page 32: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/32.jpg)
How Are Customers Using AWS Lambda?
Data triggers Stream processing Indexing & synchronization
1100
111 1
1
00
00
0 1100
111 1
1
00
00
01100
111 1
1
00
00
0 1100
111 1
1
00
00
0
IoT Server-free back-end
![Page 33: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/33.jpg)
us-west-2
ELB
ELB
Bidders
Ad Servers
us-east-1
ELB
ELB
Bidders
Ad Servers
eu-west-1
ELB
ELB
Bidders
Ad Servers
ap-southeast-1
ELB
ELB
Bidders
Ad Servers
ap-northeast-1
ELB
ELB
Bidders
Ad Servers
Kinesis
S3
60B Events/Day
600k Files/Day
SQS
SQS
SQS
SQS
Machine Learning
Analytics
Dynamic Creatives
Profiles
DynamoDB
us-west-2
DynamoDB
us-east-1
DynamoDB
eu-west-1
DynamoDB
ap-southeast-1
DynamoDB
ap-northeast-1
![Page 34: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/34.jpg)
Learning more about AWS
![Page 35: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/35.jpg)
aws.amazon.com/blogs/aws
aws.amazon.com/new
@AWScloud @AWS_UKI
![Page 36: Security Day - Intro](https://reader033.vdocuments.site/reader033/viewer/2022052117/587dffb91a28abe11a8b46af/html5/thumbnails/36.jpg)
Let’s Get Started
@IanMmmm
Ian Massingham
AWS Technology Evangelist