CSA Talk May 2018: Difference between revisions
From Federal Burro of Information
Jump to navigationJump to search
No edit summary |
No edit summary |
||
Line 34: | Line 34: | ||
* Partners and Vendor: what can my vendor do? | * Partners and Vendor: what can my vendor do? | ||
== 10 AWS security blunders and how to avoid them | InfoWorld == | |||
https://www.infoworld.com/article/3132023/security/10-aws-security-blunders-and-how-to-avoid-them.html | |||
Mistake 1: Not knowing who is in charge of security | |||
Mistake 2: Forgetting about logs | |||
Mistake 3: Giving away too many privileges | |||
Mistake 4: Having powerful users and broad roles | |||
Mistake 5: Relying heavily on passwords | |||
Mistake 6: Exposed secrets and keys | |||
Mistake 7: Not taking root seriously | |||
Mistake 8: Putting everything in one VPC or account | |||
Mistake 9: Leaving wide open connections | |||
Mistake 10: Skimping on encryption |
Revision as of 17:53, 17 April 2018
Abstract
AWS introduces many new capabilities for provisinf IT services. They do so in a software defined way and give you lots of options.
All of the services provided by AWS take se
A Grab Bag of Security Practices
- tools to help with securoty
- some free some not free
- cloudcheckr
- aws-config-rules https://github.com/awslabs/aws-config-rules
- Sample implement 2 of these
- truffle hog
- root mfa
- using roles to access account from a central place.
- using peering to central manage.
- Diagram
- using config rules
- IAM policy best practices.
- Auditing and forensics.
- the cloudtrail -> s3 -> cloudwatch trinity
- s3 replication
- s3 imutablity
- Anomaly detection datadog
- anti patterns
- egress backhaul
- Partners and Vendor: what can my vendor do?
10 AWS security blunders and how to avoid them | InfoWorld
Mistake 1: Not knowing who is in charge of security Mistake 2: Forgetting about logs Mistake 3: Giving away too many privileges Mistake 4: Having powerful users and broad roles Mistake 5: Relying heavily on passwords Mistake 6: Exposed secrets and keys Mistake 7: Not taking root seriously Mistake 8: Putting everything in one VPC or account Mistake 9: Leaving wide open connections Mistake 10: Skimping on encryption