DevSecOps AWS.pptx for AWS Summit Johannesburg 2023
ellan12
77 views
18 slides
May 16, 2024
Slide 1 of 18
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
About This Presentation
Presentation of Improving Cloud Security Operations on AWS
Slide Content
SECURING YOUR AWS FORTRESS STRATEGIES FOR SECURE IDENTITY,DATA AND INFRASTRUCTURE By Ellan G This Photo by Unknown author is licensed under CC BY-SA .
AWS SUMMIT JOHANNESBURG AGENDA IMPORTANCE OF SECURITY STRATEGIES GROWING THREAT LANDSCAPE IN CLOUD IDENTITY STRATEGY DATA SECURITY STRATEGY INFRASTRUCTURE STRATEGY SDLC STRATEGY TAKEAWAYS THANKS & Q/A
Speaker Profile Ellan Wambugu I am a DevOps engineer with experience across AWS,GCP and Azure. A cybersecurity professional specializing in Multi-Cloud Red Teaming . A developer working mostly with Python and Golang REST APIs. A stressed Man Utd fan
Importance Of Security Strategies 2023 cloud security statistics from RESMO
Cloud Threat Landscape: The Sneaky World Of Software Supply Chain Attacks Supply Chain Attacks defined The Growing Frequency Consequences & Lessons from the Attacks Increasing Threat Landscape & Attack Vectors Regulatory & Compliance Implications Need for Proactive Defense
Authentication is the process of confirming the identity of the principal trying to access an AWS product. Authorization: The identity has to be configured on what permissions they have under identity Account for the permissions one is given by using tools such as IAM access analyzer SECURING YOUR IDENTITY IN AWS
Locking The Front Door: AWS Identity Best Practices Federate Human users using temporary credentials MFA all Accounts Rotate Keys Regularly For long term use cases Use Access Analyzer to Implement Accountability to different Principles IAM Cross Account Guard Rails Regularly Review Your Roles and Principles Use Cases
Guarding Your Data Fortress: AWS Data Security Proactive Security Response Encryption (at rest & in transit) is a necessary evil Access Controls (user & resource level) Data Backups (security breach resilience) Monitoring (threat detection) Data Protection & Compliance
Data Security Checklist: Check It Twice Data Classification – is it public? internal? Confidential? Tagged? Data Encryption & Key Management Access Auditing Data Masking & Anonymization Retention and Disposal
Building Fort Knox: AWS Infrastructure Security Paramount to Implement Defense in Depth Principles Working With Zero Trust Architecture Mindset Proactive rather than Reactive Cybersecurity Culture Security Events can quickly escalate into disasters
Cure or Chaos: DevSecOps in SDLC Importance of a Secure SDLC DevSecOps as a Solution Integrated Security Testing Continuous Monitoring & Threat Detection Vulnerability Scanning & Patching Container Security Challenges On Adoption
The Road To Security Stardom: AWS Security Maturity RoadMap With the growing complexity of cloud environments, ensuring the security of your AWS infrastructure has become more critical than ever. Developing a robust security roadmap is essential to safeguard your data and protect against potential threats
FOUNDATIONAL
INTEGRATION ESTABLISH INCIDENT RESPONSE PROTOCOLS INTEGRATE DETECTION AND MONITORING SYSTEMS IMPLEMENT REGULAR VULNERABILITY ASSESSMENTS PRIVILEDGE REVIEW CULTURE OF SECURITY AWARENESS
AUTOMATION
OPTIMIZE
DEMO : DEVSECOPS PIPELINE IN AWS
Thanks / Q&A Thanks for making time to listen -Ellan
Download
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 77
- Slides 18
- Age 565 days
Related Slideshows
1
DTI BPI Pivot Small Business - BUSINESS START UP PLAN
MeljunCortes
30 views
1
CATHOLIC EDUCATIONAL Corporate Responsibilities
MeljunCortes
31 views
11
Karin Schaupp – Evocation; lançamento: 2000
alfeuRIO
30 views
10
Pillars of Biblical Oneness in the Book of Acts
JanParon
27 views
31
7-10. STP + Branding and Product & Services Strategies.pptx
itsyash298
29 views
44
Business Legislation PPT - UNIT 1 jimllpkggg
slogeshk98
32 views