AWS re:Invent 2015 | (SEC201) How Should We All Think About Security

https://www.youtube.com/watch?v=fCH4r3s4THQ

1. Five Whys:

  1. Why is security such a hot topic? (Because it is important, and it's hard)
  2. Why is enterprise security traditionally so hard? (Because so much planning is needed)
  3. Why does planning take so long? (Because it requires so many processes)
  4. Why so many processes? (Because mistakes are so easy to make and hard to correct)
  5. Why are mistakes so hard to correct? (Lack of visibility and low degree of automation)

2. New tools to move fast and stay safe

  • Amazon Inspector
  • AWS WAF
  • AWS Config Rules

2.1 Amazon Inspector

Security assessment tool analyzing end-to-end application configuration and activity.

Why Amazon Inspector?

  • Application testing is key to moving fast and staying safe
  • Security assessment is highly manual, resulting in delays or missed security checks
  • Valuable security subject matter experts spend too much time on routine security assessment

3. Security by Design

3.1 Operating principles

  • Separation of duties
  • Different personnel across service lines
  • Least privilege

3.2 Technology to automate operational principles

  • Visibility through automation
  • Shrinking the protection boundaries
  • Ubiquitous encryption

4. Takeaways

  • Design and deploy
  • Operate and improve