A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
Amazon Web Services
by Threat Stack
1.
AWS Security Architecture Week
A Tale of Security & Ops Teamwork for Rapid Security Incident Resolution
2.
Agenda
● Quick Introduction
● Define the Problem We’re Solving For
● Framework for Thinking about Security and Operations
  ○ People
  ○ Process
  ○ Tools
3.
Security That Supports Your Organization’s Business Objectives
● 4 hours to 4 minutes
● Real-time Alerting
● 1 Console for Complex Environments
● SOC 2, HIPAA, PCI, HITRUST, SOX 404, ISO 27001
● Increased Velocity of Your Security Operations
● Real-time Visibility into Behavior (Who, what, where, when?)
● Continuous Security Monitoring & Alerting Across Your Environment
● Continuous Compliance (Automatic controls, policies, & procedures)
4.
Spanning your Data Center and Cloud with One Platform
● Real-Time Host Monitoring: Behavior-based monitoring and detection of suspicious events, featuring an out-of-the-box ruleset of alerts for most common security events.
● Vulnerability Monitoring: Detect systems and packages containing known vulnerabilities and cross-reference against more than two million identified CVEs, automatically categorize them according to security risk.
● Threat Intelligence Correlation: Continuously monitor connections to known bad addresses and receive real-time alerts when these connections occur.
● Continuous Compliance: Achieve compliance criteria across HIPAA, PCI DSS, SOC 2, ISO 27001, and SOX 404 regulations and regularly report/audit relevant activity.
● Configuration Auditing: Scan AWS configurations to ensure the proper security settings have been selected and enabled, while providing an accurate security baseline.
● Workflow Integrations: Increase efficiency with out-of-the-box integrations with popular configuration management and alerting tools, enabling easy collaboration across security and DevOps teams.
5.
Things that you will never hear...
6.
“Here’s an award for not letting us get breached.”
7.
“I don’t mind that you get in my way because it’s protecting our company.”
8.
“I get it! That single chart very clearly communicates how much you’ve reduced our risk.”
9.
“A breach wouldn’t be that big of a deal.”
10.
“Sure, you can buy that tool. To whom should I write the check?”
11.
Ops/DevOps/NoOps! Software Defined Everything!
● Security isn’t allowed to retreat to the perimeter any longer
  ○ Deployment model isn’t technically feasible
  ○ This model did very little to secure organizations even in the on-prem data center
● Security relies on Operations for:
  ○ Installing continuous monitoring (agents, AWS IAM, etc.)
  ○ Remediating risks or active threats
● Operations relies on Security for:
  ○ Requirements and guidance on how to build secure systems
  ○ Feedback on where risks or active threats are, and how to remediate them
● This symbiotic relationship depends on a high velocity feedback loop
  ○ Requires trust, which often requires data
  ○ Requires organizational investment - often starts with the CEO
12.
Ops/DevOps/NoOps! Software Defined Everything!
EVERYONE CANNOT OWN SECURITY but, everyone does have to play a role.
13.
“Focus on increasing time-to-exfiltration and lowering time-to-discovery. By so doing, hopefully you can stop incidents from becoming breaches.”
Verizon 2017 DBIR
14.
You need all three.
15.
Rethinking “People”
16.
Integration Goes Way Beyond APIs.
17.
Don’t Try to Hire Your Way out of Every Problem
18.
Focus on Building Empathy - Not Rules
19.
Rethinking “Process”
20.
Reduce Your Risk by Isolating Failure... Everywhere
21.
Build processes and policies as though everything were on the Internet.
22.
Think about which communication channels are already working - and leverage them.
23.
Rethinking “Technology”
24.
Stop trying to retrofit technology that wasn’t built for the cloud.
25.
Don’t Connect AWS Directly to Your Office’s Network.
26.
Stop trying to build everything yourself.
27.
So where did we land?
28.
What about incidents & responding to them?!
Everything we’ve talked about supports incident response, making it efficient and more effective.
29.
If you think this is old hat and that it can’t work because it has never worked for you, then it sounds like you’ve already made up your mind and your current employer is paying your past employers’ debts.
30.
Where did we land? We landed here
  1. Leverage the rest of the organization as a force multiplier
  2. Everything must be continuous and incremental, which requires automation
  3. Embrace the new facts like WAN-only and look for new solutions within them
  4. Write more code than policies - bonus points for turning your policies into code
31.
Want to chat some more?
Workshop later today
Find a Threat Stack team member around the Loft
www.threatstack.com
@sbisbee
Enter to win a $100 Amazon gift card at our table!!
32.
Appendix