Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Upcoming SlideShare
What to Upload to SlideShare
Next

11

Share

Continuous Compliance con AWS Security Hub

AWS Security Hub offre una visione completa del proprio stato di sicurezza all'interno di AWS e aiuta a mantenerlo monitorato tramite continui controlli di conformità. In questo webinar imparerai come, con Security Hub, puoi eseguire una configurazione automatica e continua a livello di account e come eseguire controlli di conformità basati su standard di settore e best practice, come il Center for Internet Security (CIS) AWS Foundations. In questo webinar approfondiremo inoltre le feature principali di Security Hub e scopriremo come abilitare flussi di lavoro di riparazione automatizzati per agire sui problemi di conformità rilevati.

Related Audiobooks

Free with a 30 day trial from Scribd

See all

Continuous Compliance con AWS Security Hub

  1. 1. Continuous Compliance with AWS Security Hub Margherita Bonetto AWS Solutions Architect
  2. 2. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved.© 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pricing Table of contents Use patterns Next steps AWS Security Hub overview Getting started Demo
  3. 3. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Problem statements – “Am I secure?” Large volume of alerts and the need to prioritize 3 Too many security alerts Lack of an integrated view of security and compliance across accounts 4 Lack of an integrated view Dozens of security tools with different data formats 2 Too many security alert formats Many compliance requirements and not enough time to build the checks 1 Backlog of compliance requirements
  4. 4. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. What is AWS Security Hub? AWS’s Security Posture Management service
  5. 5. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Protect Detect Respond Automate Investigate RecoverIdentify AWS Systems Manager AWS Config AWS Lambda Amazon CloudWatch Amazon Inspector Amazon Macie Amazon GuardDuty AWS Security Hub AWS IoT Device Defender KMSIAM AWS Single Sign-On Snapshot Archive AWS CloudTrail Amazon CloudWatch Amazon VPC AWS WAF AWS Shield AWS Secrets Manager AWS Firewall Manager AWS Foundational and Layered Security Services AWS Organizations Personal Health Dashboard Amazon Route 53 AWS Direct Connect AWS Transit Gateway Amazon VPC PrivateLink AWS Step Functions Amazon Cloud Directory AWS CloudHSM AWS Certificate Manager AWS Control Tower AWS Service Catalog AWS Well- Architected Tool AWS Trusted Advisor Resource Access manager AWS Directory Service Amazon Cognito Amazon S3 Glacier AWS Security Hub AWS Systems Manager AWS CloudFormation AWS OpsWorks Amazon Detective
  6. 6. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Partner integrations Firewalls Vulnerability SOAR SIEM Endpoint Compliance MSS P Other Firewalls Vulnerability SOAR SIEM Endpoint Compliance MSSP Other
  7. 7. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use pattern 1: Centralized security and compliance workspace Goal Have a single pane of glass to view, triage, and take action on AWS security and compliance issues across accounts Personas SecOps, compliance, and/or DevSecOps teams focused on AWS, Cloud Centers of Excellence, the first security hire Key processes example 1. Ingest findings from finding providers 2. High-volume and well-known findings are programmatically routed to remediation workflows, which include updating the status of the finding 3. Remaining findings are routed to analysts via an on-call management system, and they use ticketing and chat systems to resolve them Taking action integrations Ticketing systems, chat systems, on-call management systems, SOAR platforms, customer-built remediation playbooks
  8. 8. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use pattern 2: Centralized routing to a SIEM Goal Easily route all AWS security and compliance findings in a normalized format to a centralized SIEM or log management tool Personas SecOps, compliance, and/or DevSecOps teams Key processes example 1. Ingest findings from finding providers 2. All findings are routed via Amazon CloudWatch Events to a central SIEM that stores AWS and on-premises security and compliance data 3. Analyst workflows are linked to the central SIEM Taking action integrations SIEM
  9. 9. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Use pattern 3: Dashboard for account owners Goal Provide visibility to AWS account owners on the security and compliance posture of their account Personas AWS account owners Key processes example 1. Ingest findings from finding providers 2. Account owners are given read-only access to Security Hub 3. Account owners can use Security Hub to research issues that they are ticketed on or proactively monitor their own security and compliance state Taking action integrations Chat, ticketing
  10. 10. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Getting Started A few clicks to enable Security Hub
  11. 11. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Getting Started A few clicks to enable Security Hub
  12. 12. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Security Standards AWS Foundational Security Best Practices v1.0.0
  13. 13. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Findings in AWS Security Hub The observable record of a security check or security-related detection AWS Security Finding Format (ASFF)
  14. 14. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Insights in AWS Security Hub A collection of related findings defined by an aggregation statement and optional filters
  15. 15. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Custom Actions
  16. 16. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Simple multi-account setup Security Hub Master Security Hub Account 1 Security Hub Account 2 Security Hub Account 3
  17. 17. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Pricing • Free trial: All AWS accounts will have a 30-day free trial. Security Standards Pricing First 100,000 $0.0010/check 100,001-500,000 $0.0008/check 500,001+ $0.0005/check Finding ingestion pricing: • Free tier: Post 30 days, a perpetual free tier of 10,000 findings ingestion events per account per month. • Then - finding ingestion events are $0.3 per 10,000 findings. Compliance Standards pricing: Charge is based on the following: • Per security check • Per AWS account • Per region • Per month Events Pricing First 10,000 events / month Free 10,001 + events / month $0.00003/finding
  18. 18. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Demo
  19. 19. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Next steps • Get Started: Free POC (30 days): https://console.aws.amazon.com/securityhub/ • Learn more: AWS Security Hub • AWS Security Webinars on-demand • Security blog post: Top 10 security items to improve in your AWS account in AWS
  20. 20. © 2020, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Next steps AWS Training & Certification https://www.aws.training: Free on-demand courses to help you build new cloud skills For more info on AWS T&C visit: https://aws.amazon.com/it/training/ E-Learning: AWS Security Fundamentals (Second Edition) https://www.aws.training/Details/eLearning?id=34259 E-Learning: Getting Started with AWS Security, Identity and Compliance https://www.aws.training/Details/eLearning?id=49720 Video: AWS Foundations: Securing Your AWS Cloud https://www.aws.training/Details/Video?id=49712 Video: AWS Shared Responsibility Model https://www.aws.training/Details/Video?id=16488 Video: Differences Between Security Groups and NACLs https://www.aws.training/Details/Video?id=16486 Video: Protecting Your Instance with Security Groups https://www.aws.training/Details/Video?id=16487
  21. 21. Thanks!
  • nanox

    Sep. 23, 2021
  • MureedNazir

    Aug. 25, 2021
  • ErnestoMartinez36

    Aug. 16, 2021
  • UynSa

    Apr. 14, 2021
  • RamChenna

    Mar. 30, 2021
  • budibudifr

    Mar. 29, 2021
  • xckboy

    Feb. 5, 2021
  • krisssarodey

    Jan. 19, 2021
  • Kendiv

    Jan. 12, 2021
  • VladimirVivar1

    Nov. 26, 2020
  • DanieleSantini1

    Nov. 20, 2020

AWS Security Hub offre una visione completa del proprio stato di sicurezza all'interno di AWS e aiuta a mantenerlo monitorato tramite continui controlli di conformità. In questo webinar imparerai come, con Security Hub, puoi eseguire una configurazione automatica e continua a livello di account e come eseguire controlli di conformità basati su standard di settore e best practice, come il Center for Internet Security (CIS) AWS Foundations. In questo webinar approfondiremo inoltre le feature principali di Security Hub e scopriremo come abilitare flussi di lavoro di riparazione automatizzati per agire sui problemi di conformità rilevati.

Views

Total views

7,183

On Slideshare

0

From embeds

0

Number of embeds

18

Actions

Downloads

0

Shares

0

Comments

0

Likes

11

×