csa meetup 09.11.2015

Post on 15-Apr-2017


TRANSCRIPT

www.nordcloud.com 1

AWS re:Invent 2015

CSA Meetup

Oslo, 09.11.2015


About re:Invent

● Annual AWS user conference since 2011

● Focus on learning

● All materials are available

● Security and Compliance track

https://reinvent.awsevents.com/


About Nordcloud


SEC323 Securing Web Applications with AWS WAF

STG205 Secure Content Delivery Using Amazon CloudFront

AWS WAF

Web Application Firewall


Use cases for WAF


AWS WAF vs traditional approach

● Simple

● Easy and fast to install

● Reasonably priced

● Reduce false positives

● Automation

● Optimal workflow


AWS WAF in a nutshell

● Protect websites and content

● Block or allow requests

● Monitor events

● Customizable, flexible

● Integrates with other services

● Fast to deploy


AWS WAF workflow

● Create a web ACL

○ Add a rule

■ AND/OR

■ Block, allow, count

■ Ordered

○ Add match conditions

■ IP

■ Match any part (string or binary)

■ SQLi (URL-decoded request, valid SQL)

● Assign to CloudFront

○ Changes take effect in ~1 minute

○ 1-minute metrics

○ Request samples, observing rules in action


AWS WAF typical ruleset

1. Whitelisted IPs - ALLOW

2. Blacklisted IPs - BLOCK

3. Blacklisted signatures - BLOCK

4. SQL Injection - COUNT

5. Suspicious activity - COUNT

Default - ALLOW
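The two slides above (the web ACL workflow and the typical ruleset) describe ordered rules whose actions are ALLOW, BLOCK or COUNT, with the web ACL's default action applied when nothing terminates. The following is an added example, not code from the deck or from AWS: a local model of that evaluation order, so the effect of rule ordering can be tried without a CloudFront distribution. The CIDRs, the blacklisted signatures, the simplified SQLi regex and the "suspicious activity" heuristic are all constructed assumptions; the real SQLi condition parses the URL-decoded input as SQL rather than matching a regex.

```python
"""Local model of AWS WAF web ACL evaluation for the ruleset on the slide.

Added example, not AWS code. It reproduces the semantics the deck
describes: rules are evaluated in order, ALLOW and BLOCK terminate
evaluation, COUNT only records the match and evaluation continues, and
the web ACL default action applies when nothing terminated. The CIDRs,
signatures and the "suspicious activity" heuristic are constructed.
"""
import ipaddress
import re
from collections import Counter
from dataclasses import dataclass
from urllib.parse import unquote_plus


@dataclass
class Request:
    ip: str
    uri: str
    query: str = ""
    user_agent: str = "Mozilla/5.0"


def ip_in(cidrs):
    """IP match condition: source address inside any listed CIDR."""
    nets = [ipaddress.ip_network(c) for c in cidrs]
    return lambda r: any(ipaddress.ip_address(r.ip) in n for n in nets)


def contains(signatures):
    """String match condition over the URL-decoded URI and query string."""
    def pred(r):
        text = unquote_plus(r.uri) + "?" + unquote_plus(r.query)
        return any(s in text for s in signatures)
    return pred


# Simplified stand-in for the SQLi condition ("URL-decoded request, valid
# SQL"): the service parses the decoded input; this regex only catches a
# few common fragments, enough to exercise the COUNT path.
SQLI = re.compile(r"""['"]\s*(or|and)\s+['"\w]+\s*=\s*['"\w]+|union\s+select""", re.I)


def looks_like_sqli(r):
    return bool(SQLI.search(unquote_plus(r.uri) + " " + unquote_plus(r.query)))


def suspicious(r):
    """Assumed heuristic: no User-Agent or an unusually long query string."""
    return not r.user_agent or len(r.query) > 512


# The slide's ruleset, in slide order (priority 1..5); addresses are the
# RFC 5737 documentation ranges, chosen here only as sample values.
TYPICAL_RULESET = [
    ("Whitelisted IPs", "ALLOW", ip_in(["192.0.2.0/24"])),
    ("Blacklisted IPs", "BLOCK", ip_in(["198.51.100.0/24"])),
    ("Blacklisted signatures", "BLOCK", contains(["../", "<script"])),
    ("SQL Injection", "COUNT", looks_like_sqli),
    ("Suspicious activity", "COUNT", suspicious),
]
DEFAULT_ACTION = "ALLOW"


def evaluate(request, ruleset=TYPICAL_RULESET, default=DEFAULT_ACTION):
    """Return (final action, terminating rule name, list of COUNT matches)."""
    counted = []
    for name, action, matches in ruleset:
        if not matches(request):
            continue
        if action == "COUNT":
            counted.append(name)      # recorded in metrics, keep evaluating
            continue
        return action, name, counted  # ALLOW / BLOCK stop evaluation here
    return default, "Default", counted


def rule_metrics(requests, ruleset=TYPICAL_RULESET):
    """Per-rule match counts, the view the 1-minute metrics give you."""
    metrics = Counter()
    for req in requests:
        _action, rule, counted = evaluate(req, ruleset)
        for name in counted + ([rule] if rule != "Default" else []):
            metrics[name] += 1
    return dict(metrics)


if __name__ == "__main__":
    samples = [  # constructed requests
        Request("192.0.2.10", "/admin", "id=1%27+OR+%271%27%3D%271"),
        Request("198.51.100.7", "/"),
        Request("203.0.113.5", "/search", "q=1%27+OR+%271%27%3D%271"),
        Request("203.0.113.5", "/static/../../config"),
        Request("203.0.113.9", "/", user_agent=""),
    ]
    for s in samples:
        print(s.ip, s.uri, "->", evaluate(s))
    print(rule_metrics(samples))
```

The first sample shows why ordering matters: a whitelisted source is ALLOWed by rule 1 before the SQLi rule runs, so its SQL-looking query never shows up in the SQL Injection COUNT metric. If you want visibility into what trusted sources send, the COUNT rules have to sit above the whitelist.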


AWS WAF automated blacklist
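The slide only names the topic, so the following is an added example, not Nordcloud's or AWS's code, and the approach it takes is an assumption: a rate-based blacklist fed from CloudFront access logs. It parses the tab-separated CloudFront log layout using the `#Fields:` header, finds client IPs that exceed a request threshold inside a sliding window, and turns them into the INSERT/DELETE entries that the WAF `UpdateIPSet` call accepts in its `Updates` list, expiring entries after a cool-off period. The log records, addresses, thresholds and the existing blacklist entry are constructed; obtaining the change token and calling the API are left out.

```python
"""Generating WAF blacklist updates from CloudFront access logs.

Added example, not Nordcloud's or AWS's code. The slide only names the
topic; the approach assumed here is rate-based: parse the tab-separated
CloudFront log format, count each client IP's requests inside a sliding
window, and turn offenders into the INSERT/DELETE entries that the WAF
UpdateIPSet API takes in its Updates list, expiring old entries after a
cool-off period. Log lines, thresholds and addresses are constructed.
"""
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed records: (date, time, client ip, uri, status). Six hits from
# 203.0.113.5 inside six seconds, two from 198.51.100.20.
_RECORDS = [
    ("2015-11-09", "10:00:01", "203.0.113.5", "/login", "200"),
    ("2015-11-09", "10:00:02", "203.0.113.5", "/login", "403"),
    ("2015-11-09", "10:00:02", "198.51.100.20", "/", "200"),
    ("2015-11-09", "10:00:03", "203.0.113.5", "/login", "403"),
    ("2015-11-09", "10:00:04", "203.0.113.5", "/login", "403"),
    ("2015-11-09", "10:00:05", "203.0.113.5", "/login", "403"),
    ("2015-11-09", "10:00:06", "203.0.113.5", "/login", "403"),
    ("2015-11-09", "10:00:09", "198.51.100.20", "/about", "200"),
]
# Laid out like a CloudFront log file: a #Fields header names the columns,
# records are tab separated.
SAMPLE_LOG = (
    "#Version: 1.0\n"
    "#Fields: date time x-edge-location sc-bytes c-ip cs-method cs(Host) cs-uri-stem sc-status\n"
    + "\n".join(
        "\t".join([d, t, "ARN1", "512", ip, "GET", "d1.cloudfront.net", uri, st])
        for d, t, ip, uri, st in _RECORDS
    )
)


def parse_cloudfront_log(text):
    """Yield one dict per record, keyed by the column names in #Fields."""
    fields = None
    for line in text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split(":", 1)[1].split()
        elif line and not line.startswith("#"):
            if fields is None:
                raise ValueError("record before #Fields header")
            yield dict(zip(fields, line.split("\t")))


def rate_offenders(records, threshold, window=timedelta(seconds=60)):
    """Map each IP that exceeded `threshold` requests per `window` to the
    timestamp of the request that tipped it over."""
    events = sorted(
        (datetime.strptime(r["date"] + " " + r["time"], "%Y-%m-%d %H:%M:%S"), r["c-ip"])
        for r in records
    )  # log files are not guaranteed to be in order, so sort first
    recent = defaultdict(list)
    offenders = {}
    for ts, ip in events:
        recent[ip] = [t for t in recent[ip] if ts - t < window] + [ts]
        if len(recent[ip]) > threshold and ip not in offenders:
            offenders[ip] = ts
    return offenders


def ip_set_updates(offenders, blacklist, now, ttl=timedelta(minutes=30)):
    """Build the Updates list for UpdateIPSet: INSERT new offenders, DELETE
    entries older than `ttl` that are no longer offending.
    `blacklist` maps IPs currently in the set to when they were added."""
    def descriptor(action, ip):
        return {"Action": action, "IPSetDescriptor": {"Type": "IPV4", "Value": ip + "/32"}}
    updates = [descriptor("INSERT", ip) for ip in sorted(offenders) if ip not in blacklist]
    updates += [descriptor("DELETE", ip) for ip, added in sorted(blacklist.items())
                if now - added >= ttl and ip not in offenders]
    return updates


def demo():
    """Run the pipeline over the constructed sample; returns (offenders, updates)."""
    found = rate_offenders(parse_cloudfront_log(SAMPLE_LOG), threshold=5)
    current = {"198.51.100.99": datetime(2015, 11, 9, 9, 0, 0)}  # constructed: added an hour earlier
    return found, ip_set_updates(found, current, now=datetime(2015, 11, 9, 10, 1, 0))


if __name__ == "__main__":
    offenders, updates = demo()
    print("offenders:", offenders)
    for u in updates:
        print(u["Action"], u["IPSetDescriptor"]["Value"])
```

Keying purely on request volume is the simplest variant; a production version would usually weight status codes (bursts of 403s against a login path, for instance) and would keep the "when was it added" state somewhere durable so the expiry survives across runs. Expiry matters because an IP set with no cool-off only ever grows and ends up blocking addresses that were reassigned long ago.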


SEC324 Introducing Amazon Inspector

Amazon Inspector


Amazon Inspector usage workflow

● Install inspector agent on your instance

● Tag instances with application specific info

● Configure Inspector

○ Application and assessment

● Start Inspector

● Exercise and test your service

● Telemetry collects information

● Stop Inspector (or wait for the timeout)

● Look at findings


Amazon Inspector in a nutshell

● Security insight into application deployments

● Runs an automated, repeatable, full-scale, dynamic check of your running services

● Selectable built-in rules

○ Use AWS security knowledge to strengthen servers

● Delivery of actionable findings

○ Carefully explained

○ Help their resolution

● Automatable


Amazon Inspector rule packages

● CVE (Common vulnerabilities and exposures)

● Network security best practices

● Authentication best practices

● Operating system security best practices

● Application security best practices

● PCI DSS 3.0 readiness


Amazon Inspector availability

Limited preview, apply and try it out!


Questions?

Please contact:

Attila Babo
Cloud Architect
attila.babo@norcloud.com
Mobile: +47 936 71565
www.nordcloud.com
